A CLOUD SECURITY MODEL (CSM) FOR FINE GRAINED EFFICIENT INFORMATION FLOW TRACKING (EIFT)
Alqahtani, Fahad. (2023-05). A CLOUD SECURITY MODEL (CSM) FOR FINE GRAINED EFFICIENT INFORMATION FLOW TRACKING (EIFT). Theses and Dissertations Collection, University of Idaho Library Digital Collections. https://www.lib.uidaho.edu/digital/etd/items/alqahtani_idaho_0089e_12495.html
- Title:
- A CLOUD SECURITY MODEL (CSM) FOR FINE GRAINED EFFICIENT INFORMATION FLOW TRACKING (EIFT)
- Author:
- Alqahtani, Fahad
- Date:
- 2023-05
- Embargo Remove Date:
- 2025-06-08
- Program:
- Computer Science
- Subject Category:
- Computer science
- Abstract:
-
The primary concern of Cloud service consuming organizations is the kind of control that they may have over their data. Companies are legally required to monitor and maintain confidential, a subset of sensitive data, crucial to both their business and customers/consumers. Conversely, Cloud Service Providers are not showing commitment (i.e., compliance or capable, e.g., Twitter) towards securely handling such confidential data and this may put sensitive data at risk. Hence, consumers are expected to maintain control over their sensitive data both at their local infrastructure and in the cloud. To achieve this, companies (i.e., consumers of Cloud services) are practicing methods that would typically block access to Cloud services at the network level to protect sensitive data stored in their local infrastructure. However, such restrictions may limit employee performance, and at the same time may not combat malicious activities of authorized/unauthorized employees (e.g., corporate espionage). This study proposes a model (i.e., CloudMonitor) that enables consumers and providers to transparently track data in the Cloud environment. In this way, consumers can have greater control over their data: i) conduct an audit to assess the treatment of their data by third-party services, and ii) simultaneously employees have full use of such Cloud services. This research developed mechanisms used by the CloudMonitor to enable transparent data tracking. The model uses the known concept of centralized Information Flow Tracking (IFT), fundamental to protecting Cloud. Additionally, this work expanded the IFC concept by developing and validating both centralized and a decentralized IFT systems (i.e., together these provide a higher confidence protection). As a result, we determined through experimentation that the CloudMonitor can achieve better Cloud security using the decentralized Information IFT approach. Though, utilizing both provides greater defense in depth. CloudMonitor is mainly designed for ensuring that data stored in the cloud is secure. Consequently, the description here focuses on the unique decentralized IFT tracking capabilities (i.e., software as a service [SAAS]) in particular. Using CloudMonitor both consumers and providers of such a SAAS can agree on concrete security policies for secure data storage enforcement. On this basis, this study orchestrates and evaluates, based on a set of real-world experiments, the confluence of these unique tracking capabilities in achieving a greater level of security compared to other reported results. Utilizing several experiments, the CloudMonitor was evaluated for input/output performance, execution time, and resources utilization. The outcome demonstrates that the size of the analyzed input/output data has no effect on the performance. The execution time increases nonlinearly as the volume of data increases. The system's execution time did not exceed one second. According to the reported data, the system achieves an effective CPU and memory consumption profile of 8% and 37% of average utilization respectively.
- Description:
- doctoral, Ph.D., Computer Science -- University of Idaho - College of Graduate Studies, 2023-05
- Major Professor:
- Frederick, Sheldon
- Committee:
- Xiaogang, (Marshall) Ma; Song, Jia; Chakhchoukh, Yacine; Soule, Terry
- Defense Date:
- 2023-05
- Identifier:
- Alqahtani_idaho_0089E_12495
- Type:
- Text
- Format Original:
- Format:
- application/pdf
- Rights:
- In Copyright - Educational Use Permitted. For more information, please contact University of Idaho Library Special Collections and Archives Department at libspec@uidaho.edu.
- Standardized Rights:
- http://rightsstatements.org/vocab/InC-EDU/1.0/