Cloudacc: a cloud-based accountability framework for federated cloud

Detalhes bibliográficos
Ano de defesa: 2016
Autor(a) principal: RODRIGUES, Thiago Gomes
Orientador(a): Não Informado pela instituição
Banca de defesa: Não Informado pela instituição
Tipo de documento: Tese
Tipo de acesso: Acesso aberto
Idioma: eng
Instituição de defesa: Universidade Federal de Pernambuco
UFPE
Brasil
Programa de Pos Graduacao em Ciencia da Computacao
Programa de Pós-Graduação: Não Informado pela instituição
Departamento: Não Informado pela instituição
País: Não Informado pela instituição
Palavras-chave em Português:
Federação de nuvens
Accountability
Segurança em nuvem
Transparência
Conformidade com a lei
Cloud federation
Cloud security
Transparency
Law compliance
Link de acesso: https://repositorio.ufpe.br/handle/123456789/18590
Resumo: The evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers, in physical, virtualization and application layers. This complexity increases when the cloud federation is considered because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this thesis is to propose an accountability framework named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments, increasing trust and transparency. Furthermore, CloudAcc considers the legal safeguard requirements presented in Brazilian Marco Civil da Internet. We confirm the CloudAcc effectiveness when some infrastructure elements were submitted against Denial of Service (DoS) and Brute Force attacks, and our framework was able to detect them. Facing the results obtained, we can conclude that CloudAcc contributes to the state-of-the-art once it provides the holistic vision of the cloud federated environment through the evidence collection considering the three layers, supporting audit, management, planning and billing process in federated cloud environments.
id UFPE_e8419e75cb5f14ed061161a15745aa63
oai_identifier_str oai:repositorio.ufpe.br:123456789/18590
network_acronym_str UFPE
network_name_str Repositório Institucional da UFPE
repository_id_str
spelling Cloudacc: a cloud-based accountability framework for federated cloudFederação de nuvensAccountabilitySegurança em nuvemTransparênciaConformidade com a leiCloud federationAccountabilityCloud securityTransparencyLaw complianceThe evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers, in physical, virtualization and application layers. This complexity increases when the cloud federation is considered because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this thesis is to propose an accountability framework named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments, increasing trust and transparency. Furthermore, CloudAcc considers the legal safeguard requirements presented in Brazilian Marco Civil da Internet. We confirm the CloudAcc effectiveness when some infrastructure elements were submitted against Denial of Service (DoS) and Brute Force attacks, and our framework was able to detect them. Facing the results obtained, we can conclude that CloudAcc contributes to the state-of-the-art once it provides the holistic vision of the cloud federated environment through the evidence collection considering the three layers, supporting audit, management, planning and billing process in federated cloud environments.A maneira de realizar accountability tem variado à medida em que o modo de entrega de serviços de Tecnologia da Informação (TI) tem evoluído. Em ambientes de nuvem a complexidade de realizar accountability apropriadamente é alta porque as evidências devem ser coletadas considerando-se as camadas física, de virtualização e de aplicações, que estão espalhadas em diferentes servidores e elementos da infraestrutura. Esta complexidade é ampliada quando ocorre a federação das infraestruturas de nuvem porque além da complexidade inerente ao ambiente virtualizado, os membros da federação podem não ter os mesmos grupos de políticas e práticas de segurança. O principal objetivo desta tese é propor um framework de accountability, denominado CloudAcc, que suporte processos de auditoria, gerenciamento, planejamento e cobrança, em nuvens federadas, aumentando a confiança e a transparência. Além disso, o CloudAcc também considera os requisitos legais para a salvaguarda dos registros, conforme descrito no Marco Civil da Internet brasileira. A efetividade do CloudAcc foi confirmada quando alguns componentes da infraestrutura da nuvem foram submetidos a ataques de negação de serviço e de força bruta, e o framework foi capaz de detectá-los. Diante dos resultados obtidos, pode-se concluir que o CloudAcc contribui para o estado-da-arte, uma vez que fornece uma visão holística do ambiente de nuvem federada através da coleta de evidências em três camadas suportando os processos de auditoria, gerenciamento, planejamento e cobrança.Universidade Federal de PernambucoUFPEBrasilPrograma de Pos Graduacao em Ciencia da ComputacaoKELNER, JudithENDO, Patricia Takakohttp://lattes.cnpq.br/4205356718868779http://lattes.cnpq.br/7532050172035129RODRIGUES, Thiago Gomes2017-04-19T15:09:08Z2017-04-19T15:09:08Z2016-09-08info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/doctoralThesisapplication/pdfhttps://repositorio.ufpe.br/handle/123456789/18590engAttribution-NonCommercial-NoDerivs 3.0 Brazilhttp://creativecommons.org/licenses/by-nc-nd/3.0/br/info:eu-repo/semantics/openAccessreponame:Repositório Institucional da UFPEinstname:Universidade Federal de Pernambuco (UFPE)instacron:UFPE2019-10-25T10:46:27Zoai:repositorio.ufpe.br:123456789/18590Repositório InstitucionalPUBhttps://repositorio.ufpe.br/oai/requestattena@ufpe.bropendoar:22212019-10-25T10:46:27Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE)false
dc.title.none.fl_str_mv Cloudacc: a cloud-based accountability framework for federated cloud
title Cloudacc: a cloud-based accountability framework for federated cloud
spellingShingle Cloudacc: a cloud-based accountability framework for federated cloud
RODRIGUES, Thiago Gomes
Federação de nuvens
Accountability
Segurança em nuvem
Transparência
Conformidade com a lei
Cloud federation
Accountability
Cloud security
Transparency
Law compliance
title_short Cloudacc: a cloud-based accountability framework for federated cloud
title_full Cloudacc: a cloud-based accountability framework for federated cloud
title_fullStr Cloudacc: a cloud-based accountability framework for federated cloud
title_full_unstemmed Cloudacc: a cloud-based accountability framework for federated cloud
title_sort Cloudacc: a cloud-based accountability framework for federated cloud
author RODRIGUES, Thiago Gomes
author_facet RODRIGUES, Thiago Gomes
author_role author
dc.contributor.none.fl_str_mv KELNER, Judith
ENDO, Patricia Takako
http://lattes.cnpq.br/4205356718868779
http://lattes.cnpq.br/7532050172035129
dc.contributor.author.fl_str_mv RODRIGUES, Thiago Gomes
dc.subject.por.fl_str_mv Federação de nuvens
Accountability
Segurança em nuvem
Transparência
Conformidade com a lei
Cloud federation
Accountability
Cloud security
Transparency
Law compliance
topic Federação de nuvens
Accountability
Segurança em nuvem
Transparência
Conformidade com a lei
Cloud federation
Accountability
Cloud security
Transparency
Law compliance
description The evolution of software service delivery has changed the way accountability is performed. The complexity related to cloud computing environments increases the difficulty in properly performing accountability, since the evidences are spread through the whole infrastructure, from different servers, in physical, virtualization and application layers. This complexity increases when the cloud federation is considered because besides the inherent complexity of the virtualized environment, the federation members may not implement the same security procedures and policies. The main objective of this thesis is to propose an accountability framework named CloudAcc, that supports audit, management, planning and billing process in federated cloud environments, increasing trust and transparency. Furthermore, CloudAcc considers the legal safeguard requirements presented in Brazilian Marco Civil da Internet. We confirm the CloudAcc effectiveness when some infrastructure elements were submitted against Denial of Service (DoS) and Brute Force attacks, and our framework was able to detect them. Facing the results obtained, we can conclude that CloudAcc contributes to the state-of-the-art once it provides the holistic vision of the cloud federated environment through the evidence collection considering the three layers, supporting audit, management, planning and billing process in federated cloud environments.
publishDate 2016
dc.date.none.fl_str_mv 2016-09-08
2017-04-19T15:09:08Z
2017-04-19T15:09:08Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/doctoralThesis
format doctoralThesis
status_str publishedVersion
dc.identifier.uri.fl_str_mv https://repositorio.ufpe.br/handle/123456789/18590
url https://repositorio.ufpe.br/handle/123456789/18590
dc.language.iso.fl_str_mv eng
language eng
dc.rights.driver.fl_str_mv Attribution-NonCommercial-NoDerivs 3.0 Brazil
http://creativecommons.org/licenses/by-nc-nd/3.0/br/
info:eu-repo/semantics/openAccess
rights_invalid_str_mv Attribution-NonCommercial-NoDerivs 3.0 Brazil
http://creativecommons.org/licenses/by-nc-nd/3.0/br/
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Universidade Federal de Pernambuco
UFPE
Brasil
Programa de Pos Graduacao em Ciencia da Computacao
publisher.none.fl_str_mv Universidade Federal de Pernambuco
UFPE
Brasil
Programa de Pos Graduacao em Ciencia da Computacao
dc.source.none.fl_str_mv reponame:Repositório Institucional da UFPE
instname:Universidade Federal de Pernambuco (UFPE)
instacron:UFPE
instname_str Universidade Federal de Pernambuco (UFPE)
instacron_str UFPE
institution UFPE
reponame_str Repositório Institucional da UFPE
collection Repositório Institucional da UFPE
repository.name.fl_str_mv Repositório Institucional da UFPE - Universidade Federal de Pernambuco (UFPE)
repository.mail.fl_str_mv attena@ufpe.br
_version_ 1856042052362436608

Registros relacionados