Journal of Network and Information Security

1. Hiroshi Fujinoki – Associate Professor, Southern Illinois University Edwardsville, United States

Received: 14-Mar-2014
Accepted: -
Published: 14-Mar-2014

Abstract
We propose a new security architecture to enhance direct control over the information stored in cloud servers. It splits the cloud stack into two layers and places the security control for the owner of the information between them. By executing security-critical operations at the inline owner agent, the owner of the data logically preserves the essential security control over its data physically stored in a private cloud. The shadow auditor monitors the integrity of information stored in a cloud server to detect unauthorized modification of the information, even by the administrators in the clouds, while real-time lineage summaries provide cloud users timely feedback on the quality of data without disturbing their workflow. Our performance evaluations showed that real-time lineage summaries are effective for providing feedback on the quality of information for systems that have frequent references to the information. The shadow auditor was also workload scalable, while the major bottleneck was securing communication between the split cloud and the owner agent. The proposed security architecture will be a solution for making a secure transition to clouds while the advantages of clouds are maintained.