PhD Oral Exam - Suryadipta Majumdar, , Information and System Engineering
When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.
Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.
Cloud computing is emerging as a promising IT solution for enabling ubiquitous, convenient, and on-demand accesses to a shared pool of configurable computing resources. However, the widespread adoption of cloud is still being hindered by the lack of transparency and accountability, which has traditionally been ensured through security auditing techniques. Security auditing in cloud poses many unique challenges in data collection and processing (e.g., data format inconsistency and lack of correlation due to the heterogeneity of cloud infrastructures), and in verification (e.g., prohibitive performance overhead due to the sheer scale of cloud infrastructures and need of runtime verification for the dynamic nature of cloud). To this extent, existing security auditing solutions can mainly be categorized into three types: retroactive, intercept-and-check and proactive. The retroactive auditing approach is the traditional auditing technique, which audits after the fact and cannot prevent irreversible damages (e.g., leakage of sensitive information and denial of service attacks). The intercept-and-check approach offers runtime auditing and performs all the auditing steps after the occurrence of a critical event (i.e., which may potentially violate a security property). However, this approach results significant delay in responding each critical event. On the other hand, the existing proactive approach requires the changes (in the cloud configurations) planned for the future in advance to verify its compliance; however, this approach is not practical, because the future change plan is not always available due to cloud’s dynamic and ad-hoc nature. In this thesis, we address all the above-mentioned limitations of the existing works by proposing a proactive security auditing system, which potentially can prevent irreversible damages, respond in significantly less time and offer a practical approach without requiring any future change plan. To this purpose, we conduct our work into three main phases. During the first phase, we propose a runtime security auditing system for the user level of the cloud; where our proposed system audits wide range of security properties relevant to different authentication and authorization mechanisms, such as role-based access control (RBAC), attribute-based access control (ABAC) and single sing-on (SSO), and enhances the existing intercept-and-check solutions by adopting an incremental approach to improve the efficiency. In the second phase of our work, we propose a novel approach of proactive security auditing; which leverages the dependency relationship among cloud events and pre-computes the most expensive parts of the auditing process to keep the response time of the solution to a practical level. In our final phase, we utilize learning techniques to automatically capture these probabilistic dependency relationships, and propose an automated log processing approach to prepare the raw logs collected from cloud deployments for these learning methods to significantly enhance the practicality of our proactive security auditing system. Also, to demonstrate the applicability, scalability and efficiency of our proposed system, we integrate it to OpenStack, a major cloud platform, and evaluate it using both synthetic and real data. In summary, this thesis contributes towards enhancing security, efficiency and practicality of security auditing in the cloud environment.