Abstract | ||
---|---|---|
Software-as-a-service (SaaS) cloud systems enable application service providers to deliver their applications via massive cloud computing infrastructures. However, due to their sharing nature, SaaS clouds are vulnerable to malicious attacks. In this paper, we present IntTest, a scalable and effective service integrity attestation framework for SaaS clouds. IntTest provides a novel integrated attestation graph analysis scheme that can provide stronger attacker pinpointing power than previous schemes. Moreover, IntTest can automatically enhance result quality by replacing bad results produced by malicious attackers with good results produced by benign service providers. We have implemented a prototype of the IntTest system and tested it on a production cloud computing infrastructure using IBM System S stream processing applications. Our experimental results show that IntTest can achieve higher attacker pinpointing accuracy than existing approaches. IntTest does not require any special hardware or secure kernel support and imposes little performance impact to the application, which makes it practical for large-scale cloud systems. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1109/TPDS.2013.62 | IEEE Trans. Parallel Distrib. Syst. |
Keywords | Field | DocType |
inttest system,service integrity attestation,software-as-a-service clouds,benign service provider,production cloud computing infrastructure,attestation graph analysis scheme,data analysis,cloud computing infrastructures,effective service integrity attestation,distributed service integrity attestation,application service provider,large-scale cloud system,saas cloud systems,malicious attacks,scalable distributed service,attacker pinpointing accuracy,ibm system s,secure distributed data processing,massive cloud computing infrastructure,cloud computing,cloud system,application service providers,stream processing applications,security of data,integrated attestation graph analysis scheme,saas cloud,data processing,software as a service,security,hardware | IBM,Computer security,Computer science,Service provider,Power graph analysis,Software as a service,Application service provider,Stream processing,Distributed computing,Scalability,Cloud computing | Journal |
Volume | Issue | ISSN |
25 | 3 | 1045-9219 |
Citations | PageRank | References |
4 | 0.43 | 23 |
Authors | ||
5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Juan Du | 1 | 96 | 5.10 |
Daniel J. Dean | 2 | 102 | 5.88 |
Yongmin Tan | 3 | 169 | 7.58 |
Xiaohui Gu | 4 | 1975 | 103.57 |
Ting Yu | 5 | 2093 | 150.43 |