Título: Secure Cloud Storage: Auditing and Monitoring Mechanisms for Detecting Violations of Security Properties.

Data: 06/07/2017 Horário: 10h Local: Sala de Seminários do Bloco 942-A - Campus do Pici

Resumo:

A cloud storage service implements security mechanisms to protect users' data. Moreover, due to the loss of control over the cloud infrastructure, it is essential to provide security mechanisms, increasing the trust and transparency in cloud services. Normally, auditing and monitoring mechanisms are used to detect violations of security properties. Due to the customers' needs, the secure data sharing is an essential security issue highlighted in literature. However, an analysis of the literature reveals flaws in existing solutions that do not identify all attacks. Then, a secure storage service for cloud computing is proposed in this work to address these issues, combining security mechanisms for providing access control and violation detection. The proposed solution includes auditing and monitoring mechanisms to detect and prove violations of security properties. Colored Petri Nets (CPNs) are used for the proposal evaluation. As results, the provider cannot deny a violation and attacks are detected in real-time, except collusion attacks, which are identified, in our proposal, in the auditing phase. The proposed storage service improves the detection of violations and offers security guarantees over the data stored in the cloud.

Banca:

• Prof.ª Dr.ª Rossana Maria de Castro Andrade (MDCC/UFC - Orientadora)
• Prof. Dr. Miguel Franklin de Castro (MDCC/UFC - Coorientador)
• Prof. Dr. Nazim Algoumine (UEVE-França)
• Prof. Dr. Danielo Gonçalves Gomes (UFC)
• Prof. Dr. José Neuman de Souza (MDCC/UFC)