TY - GEN
T1 - Promoting distributed accountability in the cloud
AU - Sundareswaran, Smitha
AU - Squicciarini, Anna
AU - Lin, Dan
AU - Huang, Shuo
PY - 2011
Y1 - 2011
N2 - Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that users' data is usually processed remotely in unknown machines that users do not own or operate. While enjoying the convenience brought by this new emerging technology, users' fears of losing control of their own data (particularly financial and health data) can become a significant barrier to the wide adoption of cloud services. To address this problem, in this paper, we propose a novel highly decentralized information accountability framework to keep track of the actual usage of the users' data in the cloud. In particular, we leverage the programmable capability of Java JAR files to enclose our logging mechanism together with users' data and policies. Our approach ensures that any access to users' data will trigger authentication and automated logging local to the JARs. To strengthen user's control, we also provide distributed auditing mechanisms. Our experimental study demonstrates the efficiency and effectiveness of the proposed approaches.
AB - Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that users' data is usually processed remotely in unknown machines that users do not own or operate. While enjoying the convenience brought by this new emerging technology, users' fears of losing control of their own data (particularly financial and health data) can become a significant barrier to the wide adoption of cloud services. To address this problem, in this paper, we propose a novel highly decentralized information accountability framework to keep track of the actual usage of the users' data in the cloud. In particular, we leverage the programmable capability of Java JAR files to enclose our logging mechanism together with users' data and policies. Our approach ensures that any access to users' data will trigger authentication and automated logging local to the JARs. To strengthen user's control, we also provide distributed auditing mechanisms. Our experimental study demonstrates the efficiency and effectiveness of the proposed approaches.
UR - https://www.scopus.com/pages/publications/80053159713
UR - https://www.scopus.com/pages/publications/80053159713#tab=citedBy
U2 - 10.1109/CLOUD.2011.57
DO - 10.1109/CLOUD.2011.57
M3 - Conference contribution
AN - SCOPUS:80053159713
SN - 9780769544601
T3 - Proceedings - 2011 IEEE 4th International Conference on Cloud Computing, CLOUD 2011
SP - 113
EP - 120
BT - Proceedings - 2011 IEEE 4th International Conference on Cloud Computing, CLOUD 2011
T2 - 2011 IEEE 4th International Conference on Cloud Computing, CLOUD 2011
Y2 - 4 July 2011 through 9 July 2011
ER -