Cryptology ePrint Archive: Report 2015/1175

Improved Data Confidentiality of Audit Trail Data in Multi-Tenant Cloud

Bhanu Prakash Gopularam and Nalini. N

Abstract: Cloud computing is delivery of services rather than a product and among different cloud deployment models, the public cloud provides improved scalability and cost reduction when compared to others. Security and privacy of data is one of the key factors in transitioning to cloud. Typically the cloud providers have a demilitarized zone protecting the data center along with a reverse proxy setup. The reverse proxy gateway acts as initial access point and provides additional capabilities like load balancing, caching, security monitoring capturing events, syslogs related to hosts residing in the cloud. The audit-trail logs captured by reverse proxy server comprise important information related to all the tenants. While the PKI infrastructure works in cloud scenario it becomes cumbersome from manageability point of view and they lack flexibility in providing controlled access to data. In this paper we evaluate risks associated with security and privacy of audit logs produced by reverse proxy server. We provide a two-phase approach for sharing the audit-logs with users allowing fine-grained access. In this paper we evaluate certain Identity-Based and AttributeBased Encryption schemes and provide detailed analysis on performance.

Category / Keywords: implementation / Data confidentiality, multi-tenancy, audit-trail log, Attribute-based encryption, reverse proxy security

Original Publication (in the same form): Improved Data Confidentiality of Audit Trail Data in Multi-Tenant Cloud

Date: received 6 Dec 2015

Contact author: bhanuprakash gopularam at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20151208:220226 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]