Abstract
With more cloud customers are storing their data in multiple Cloud Service Providers (CSPs), they are responsible for managing the data in the multi-cloud storage environment, including monitoring the events on the cloud. They could monitor various cloud storage services by collecting, processing, and analyzing the cloud storage log files generated by multiple CSPs. In this paper, we investigate the feasibility of log-based monitoring for multi-cloud storage systems. We evaluate the current state of cloud object storage services and their logging functionality by analyzing cloud storage log files generated by a proof-of-concept cloud storage broker system using the three largest public CSPs: Amazon Web Services, Google Cloud Platform, and Microsoft Azure. We discover the logging functionality of cloud storage services could create severe security and reliability issues for cloud customers monitoring the multi-cloud storage systems due to cloud storage log files might not record unauthenticated and unauthorized requests with unpredictable delivery time.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
References
De Marco, L., Ferrucci, F., Kechadi, T.: Slafm: A service level agreements formal model for cloud computing. In: The 5th International Conference on Cloud Computing and Service Science (CLOSER 2015), Lisbon, Portugal, 20–22 May 2015 (2015)
Devarajan, A.A., SudalaiMuthu, T.: Cloud storage monitoring system analyzing through file access pattern. In: 2019 International Conference on Computational Intelligence in Data Science (ICCIDS), pp. 1–6. IEEE (2019)
Garion, S., Kolodner, H., Adir, A., Aharoni, E., Greenberg, L.: Big data analysis of cloud storage logs using spark. In: Proceedings of the 10th ACM International Systems and Storage Conference, p. 1 (2017)
Huang, W., Ganjali, A., Kim, B.H., Oh, S., Lie, D.: The state of public infrastructure-as-a-service cloud security. ACM Comput. Surv. (CSUR) 47(4), 1–31 (2015)
Khan, S., Gani, A., Wahab, A.W.A., Bagiwa, M.A., Shiraz, M., Khan, S.U., Buyya, R., Zomaya, A.Y.: Cloud log forensics: foundations, state of the art, and future directions. ACM Comput. Surv. (CSUR) 49(1), 1–42 (2016)
Nachiappan, R., Javadi, B., Calheiros, R.N., Matawie, K.M.: Cloud storage reliability for big data applications: a state of the art survey. J. Netw. Comput. Appl. 97, 35–47 (2017)
Pichan, A., Lazarescu, M., Soh, S.T.: Cloud forensics: technical challenges, solutions and comparative analysis. Digit. Invest. 13, 38–57 (2015)
Rafique, A., Van Landuyt, D., Reniers, V., Joosen, W.: Towards an adaptive middleware for efficient multi-cloud data storage. In: Proceedings of the 4th Workshop on CrossCloud Infrastructures & Platforms, pp. 1–6 (2017)
Amazon Web Services: Amazon s3 server access logging (2020). https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html. Accessed 09 Jun 2020
Amazon Web Services: logging amazon s3 API calls using aws cloudtrail (2020). https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudtrail-logging.html. Accessed 18 Jun 2020
Amazon Web Services: shared responsibility model (2020). https://aws.amazon.com/compliance/shared-responsibility-model/. Accessed 19 Nov 2020
Google Cloud Platform: access logs & storage logs (2020). https://cloud.google.com/storage/docs/access-logs. Accessed 05 Jun 2020
Google Cloud Platform: cloud audit logs with cloud storage (2020). https://cloud.google.com/storage/docs/audit-logs. Accessed 23 Jun 2020
Microsoft Azure: Azure storage analytics logging|microsoft docs (2020). https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-logging?tabs=dotnet. Accessed 09 Jun 2020
Microsoft Azure: create diagnostic settings to send platform logs and metrics to different destinations (2020). https://docs.microsoft.com/en-us/azure/azure-monitor/platform/diagnostic-settings. Accessed 18 Sep 2020
Sukmana, M.I., Torkura, K.A., Graupner, H., Cheng, F., Meinel, C.: Unified cloud access control model for cloud storage broker. In: 2019 International Conference on Information Networking (ICOIN), pp. 60–65. IEEE (2019)
Sukmana, M.I., Torkura, K.A., Prasetyo, S.D., Cheng, F., Meinel, C.: A brokerage approach for secure multi-cloud storage resource management. In: 16th EAI International Conference on Security and Privacy in Communication Networks (SecureComm) 2020. Springer (2020)
Syed, H.J., Gani, A., Ahmad, R.W., Khan, M.K., Ahmed, A.I.A.: Cloud monitoring: a review, taxonomy, and open research issues. J. Netw. Comput. Appl. 98, 11–26 (2017)
Thales: 2019 global cloud security study (2019). https://cpl.thalesgroup.com/cloud-security-research. Accessed 19 Oct 2020
Torkura, K.A., Sukmana, M.I.H., Cheng, F., Meinel, C.: Slingshot - automated threat detection and incident response in multi cloud storage systems. In: 2019 IEEE 18th International Symposium on Network Computing and Applications (NCA), pp. 1–5 (2019). https://doi.org/10.1109/NCA.2019.8935040
Torkura, K.A., Sukmana, M.I.H., Meinig, M., Kayem, A.V.D.M., Cheng, F., Graupner, H., Meinel, C.: Securing cloud storage brokerage systems through threat models. In: 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA), pp. 759–768 (2018). https://doi.org/10.1109/AINA.2018.00114
Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Netw. 24(4), 19–24 (2010)
Yu, X., Joshi, P., Xu, J., Jin, G., Zhang, H., Jiang, G.: Cloudseer: workflow monitoring of cloud infrastructures via interleaved logs. ACM SIGARCH Comput. Archit. News 44(2), 489–502 (2016)
Acknowledgment
We would like to thank Bundesdruckerei GmbH for the support for this paper.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sukmana, M.I.H., Cöster, J., Puenter, W., Torkura, K.A., Cheng, F., Meinel, C. (2021). A Feasibility Study of Log-Based Monitoring for Multi-cloud Storage Systems. In: Barolli, L., Woungang, I., Enokido, T. (eds) Advanced Information Networking and Applications. AINA 2021. Lecture Notes in Networks and Systems, vol 226. Springer, Cham. https://doi.org/10.1007/978-3-030-75075-6_37
Download citation
DOI: https://doi.org/10.1007/978-3-030-75075-6_37
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75074-9
Online ISBN: 978-3-030-75075-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)