A Secure Cloud-Based IDPS Using Cryptographic Traces and Revocation Protocol

• Published in: Codes, Cryptology and Information Security pp. 365 - 382
• Main Authors: Idrissi, Hind, Ennahbaoui, Mohammed, El Hajji, Said, Souidi, El Mamoun
• Format: Book Chapter
• Language: English
• Published: Cham Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: Cloud computing; Cryptographic traces; IDPS; Mobile agent; Revocation protocol
• ISBN: 9783319555881; 331955588X
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-55589-8_24

Cloud computing is a revolutionary information technology, that aims to provide reliable, customized and quality of service guaranteed environments, where virtualized and dynamic data are stored and shared among cloud users. Thanks to its significant benefits such as: on demand resources and low maintenance costs, cloud computing becomes a trend in the area of new technologies that facilitates communication and access to information. Despite the aforementioned facts, the distributed and open nature of this paradigm makes privacy and security of the stored resources a major challenge, that limits the use and agreement of cloud computing in practice. Among the strong security policies adopted to address this problem, there are Intrusion Detection and Prevention Systems (IDPS), that enable the cloud architecture to detect anomalies through monitoring the usage of stored resources, and then reacting prevent their expansion. In this paper, we propose a secure, reliable and flexible IDPS mainly based on autonomous mobile agents, that are associated with tracing and revocation protocol. While roaming among multiple cloud servers, our mobile agent is charged with executing requested tasks and collecting needed information. Thus, on each cloud server a “cryptographic trace” is produced in which all behaviors, results and data involved in the execution are recorded, which allow to identify any possible intrusions and hence predict a response to prevent them or end their processing, through using a server revocation technique based on trust threshold.