Towards provenance cloud security auditing based on association rule mining

Cited by: 0
Authors
Tu S. [1]
Huang X. [1]
Affiliation
[1] Faculty of Information Technology, Beijing University of Technology, Beijing
Funding
National Natural Science Foundation of China;
Keywords
Association rule mining algorithm; Cloud security auditing; Log analysis; Provenance data; User behaviour;
DOI
10.31534/engmod.2019.2-4.ri.01d
Abstract
Cloud storage provides external data storage services by combining and coordinating different types of devices in a network to work collectively. However, there is always a trust relationship between users and service providers; therefore, effective security auditing of cloud data and operational processes is necessary. We propose a trusted cloud framework based on a Cloud Accountability Life Cycle (CALC). We suggest that auditing provenance data in cloud servers is a practical and efficient method to log data, being a relatively stable and easy-to-collect type of provenance data. Furthermore, we suggest a scheme based on user behaviour (UB) by analysing the log data from cloud servers. We present a description of rules for a UB operating system log, and put forward an association rule mining algorithm based on the Long Sequence Frequent Pattern (LSFP) to extract the UB. Finally, the results of our experiment prove that our solution can be implemented to track and forensically inspect data leakage in an efficient manner for cloud security auditing. © 2019, University of Split. All rights reserved.
Pages: 1 / 16
Number of pages: 15