Abstract
Conventional web based systems present a multiplicity of attack vectors. One of the main components, the database, is frequently configured incorrectly, often using default settings, which leave the system wide open to attack. Once a system has been attacked, valuable audit trail and system log data is usually deleted to cover the trail of the perpetrator. Given the average industry time between breach and discovery, there is often little forensic trail left to follow. Of equal importance is that in cloud settings, where new instances are automatically spooled and shut down to follow the demand curve, any data stored on the running instance before shut down is lost. We demonstrate how the configuration of a simple immutable database, running on a separate private system can go a long way to resolving this problem.
| Original language | English |
|---|---|
| Title of host publication | Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece |
| Place of Publication | Athens, Greece |
| Publisher | IARIA |
| Pages | 54-59 |
| Number of pages | 6 |
| ISBN (Print) | 978-1-61208-529-6 |
| Publication status | Published - 20 Feb 2017 |
| Event | Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece - Novotel Athens Hotel, Athens, Greece Duration: 19 Feb 2017 → 23 Mar 2017 http://www.iaria.org/conferences2017/ProgramCLOUDCOMPUTING17.html |
Publication series
| Name | |
|---|---|
| ISSN (Print) | 2308-4294 |
Conference
| Conference | Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 19 February 2017 - 23 February 2017, Athens, Greece |
|---|---|
| Abbreviated title | Cloud Computing |
| Country/Territory | Greece |
| City | Athens |
| Period | 19/02/17 → 23/03/17 |
| Internet address |
Keywords
- Cloud security and privacy
- immutable database
- forensic trail