Cloud cyber-security

Empowering the audit trail

Robert Anderson Keith Duncan, Mark Whittington

Research output: Contribution to journal, Article

Abstract

Cyber-security presents a serious challenge. Cyber-security in the cloud presents a far more serious challenge, due to the multi-tenant nature of cloud relationships and the transitory nature of cloud instances. We have identified a fundamental weakness when undertaking cloud audit, namely the misconceptions surrounding the purpose of audit, what comprises a proper audit trail, what should be included, and how it should be achieved and maintained. A properly specified audit trail can provide a powerful tool in the armoury against cyber-crime, yet it is all too easy to throw away the benefits offered by this simple tool through lack of understanding, incompetence, mis-configuration or sheer laziness. A major weakness is the need to ensure the audit trail is properly preserved. We propose that some simple changes in approach are undertaken, which can considerably improve the status quo, while radically improving the ability to conduct forensic examination in the event of a breach, but of course, merely having an effective audit trail is not enough — we actually have to analyse it regularly to realise the potential benefits it offers.
Original language: English
Article number: 8
Pages (from-to): 169-183
Number of pages: 15
Journal: International Journal on Advances in Security
Volume: 9
Issue number: 3 & 4
Publication status: Published - 2016

Keywords

  • cloud cyber security
  • compliance
  • audit
  • audit trail

Cite this

Cloud cyber-security : Empowering the audit trail. / Duncan, Robert Anderson Keith; Whittington, Mark.

In: International Journal on Advances in Security, Vol. 9, No. 3 & 4, 8, 2016, p. 169-183.

Duncan, Robert Anderson Keith ; Whittington, Mark. / Cloud cyber-security : Empowering the audit trail. In: International Journal on Advances in Security. 2016 ; Vol. 9, No. 3 & 4. pp. 169-183.
@article{2455be8314614e82875cb9df3ec3eb30,
title = "Cloud cyber-security: Empowering the audit trail",
keywords = "cloud cyber security, compliance, audit, audit trail",
author = "Duncan, {Robert Anderson Keith} and Mark Whittington",
year = "2016",
language = "English",
volume = "9",
pages = "169--183",
journal = "International Journal on Advances in Security",
issn = "1942-2636",
publisher = "IARIA",
number = "3 & 4",

}

TY - JOUR

T1 - Cloud cyber-security

T2 - Empowering the audit trail

AU - Duncan, Robert Anderson Keith

AU - Whittington, Mark

PY - 2016

Y1 - 2016

KW - cloud cyber security

KW - compliance

KW - audit

KW - audit trail

M3 - Article

VL - 9

SP - 169

EP - 183

JO - International Journal on Advances in Security

JF - International Journal on Advances in Security

SN - 1942-2636

IS - 3 & 4

M1 - 8

ER -