IEEE 2013 First International Workshop on Cloud Security Auditing

in association with the 9th IEEE World Congress on Services
http://www.servicescongress.org/2013/



One day between June 27 - July 2, 2013 at the Santa Clara Marriott, CA, USA (Center of Silicon Valley)

Description

Security concerns are a major impediment to the widespread adoption of cloud services. Cloud services often deal with sensitive information and operations. Thus, cloud service providers must provision services to rapidly identify security threats for increased information assurance. In addition, when a threat is identified or an attack is detected, incident reporting should be timely and precise to allow cloud tenants and users to respond appropriately. Detection and reporting require meta-information to be captured across the cloud in order to audit and monitor it for potential threats that may lead to attacks and to discern when and where an attack has already occurred.

Capturing security relevant information and auditing the results to determine the existence of security threats in the cloud is challenging for multiple reasons. Cloud tenants rely on the cloud for diverse tasks and have services and data that may require isolation or be provisioned for composition with other services in cloud applications. Organizations may not have the logging capabilities in place for their services or may not be predisposed to share the information. Cloud management services are needed to log relevant events at their endpoints, including user interactions and interactions within the cloud federation. Consistent formats for capturing events and generating logs to be hosted within the cloud are not specified as part of current service level agreements (SLAs). Near real-time analysis is needed for prediction of potential threats in order to respond quickly to prevent an attack. Centralized analysis of information captured may present too much overhead for timely alerts and incident reporting. But distributed analysis must guarantee that the partial information it uses is sufficient to determine a threat. All analyses must consider the configuration of the cloud and its tenant services and resources.

The goal of this one day workshop is to bring together researchers and practitioners to explore and assess varied and viable technologies for capturing security relevant events throughout the cloud and performing monitoring and analyses on the captured information to detect, prevent, and mitigate security threats.

Topics of interest of CSAW2013 include, but are not limited to:

  • Languages and protocols for specifying, composing, and analyzing security-relevant, distributed logs of audit data from a cloud-wide perspective

  • Cloud security, threat modeling, and analysis, including centralized/distributed attack detection and prediction/prevention algorithms based on audited information, and automated tools for capturing, integrating, and analyzing cloud audit data

  • Algorithms and protocols for audit data stream delivery, manipulation, and analysis for big cloud audit data

  • Access control and information flow control models for disclosure and modification of sensitive cloud audit data

  • Methods for expressing and representing the cloud infrastructure and configuration to influence logging and monitoring processes

  • Information assurance (authenticity, integrity, confidentiality and availability) of cloud audit data, including security and privacy policies and compliance with security controls such as NIST SP 800-53 and Cloud Security Alliance guidance 3.0

  • Service-level agreements that formalize and guarantee logging and analysis capabilities

Important Dates

Paper Submission Deadline: March 18, 2013, April 16, 2013 (extended)
Decision Notification: April 5, 2013, April 25, 2013 (extended)
Camera Ready Copy and Pre-registration Deadline: May 1, 2013 (extended)

Paper Submission

Authors are invited to submit full papers (maximum 8 pages) or short papers (maximum 4 pages) following the IEEE 8.5 x 11 manuscript guidelines (download Word templates or LaTeX templates). Submissions must be in PDF or Word format. Please follow the IEEE Computer Society Press Proceedings Author Guidelines when preparing your papers. At least one author of each accepted paper is required to attend the workshop and present the paper. All papers must be submitted via the confhub submission system for the CSA Workshop. In addition, authors of accepted papers will have the opportunity to display a poster during the workshop to foster continued discussion.

First-time users need to register with the system first (see these instructions for details). All papers accepted by the workshops will be included in the Proceedings of the Ninth IEEE 2013 World Congress on Services (SERVICES 2013), which will be published by IEEE Computer Society.

Workshop Chairs

Rose Gamble, University of Tulsa, gamble@utulsa.edu
Indrakshi Ray, Colorado State University, iray@cs.colostate.edu
Keesook J. Han, Air Force Research Laboratory, keesook.han@rl.af.mil

Program Committee

Atul Prakash, University of Michigan, USA
Chin-Tser Huang, University of South Carolina, USA
E. Paul Ratazzi, Air Force Research Laboratory, USA
Feng Li, Indiana University-Purdue University Indianapolis, USA
Frédéric Cuppens, Telecom Bretagne, France
Gail-Joon Ahn, Arizona State University, USA
Giovanni Livraga, Università degli Studi di Milano, Italy
Indrajit Ray, Colorado State University, USA
Matthew Hale, University of Tulsa, USA
Murat Kantarcioglu, University of Texas at Dallas, USA
Negar Kiyavash, University of Illinois at Urbana-Champaign, USA
Nora Cuppens, Telecom Bretagne, France
Norman Ahmed, Air Force Research Laboratory, USA
Ravi Jhawar, Università degli Studi di Milano, Italy
Shouhuai Xu, University of Texas at San Antonio, USA
Yu Chen, Binghamton University, USA

Contacts

The Call for Papers can be downloaded here. Any questions or problems should be directed to the workshop chairs at the email addresses above or to the webmaster matt-hale@utulsa.edu.