'CSCAN Network' Research Student Profile

Home People Profile...

Dr Frank Doelitzscher PhD

CSCAN Network Research Student

Brief biographical information

frank.doelitzscher@hs-furtwangen.de

Access thesis on-line

Security Audit Compliance for Cloud Computing

Cloud computing has grown largely over the past three years and is widely popular
amongst today's IT landscape. In a comparative study between 250 IT decision makers
of UK companies they said, that they already use cloud services for 61% of their
systems. Cloud vendors promise "infinite scalability and resources" combined with
on-demand access from everywhere. This lets cloud users quickly forget, that there is
still a real IT infrastructure behind a cloud. Due to virtualization and multi-tenancy
the complexity of these infrastructures is even increased compared to traditional data
centers, while it is hidden from the user and outside of his control. This makes management
of service provisioning, monitoring, backup, disaster recovery and especially
security more complicated. Due to this, and a number of severe security incidents at
commercial providers in recent years there is a growing lack of trust in cloud infrastructures.

This thesis presents research on cloud security challenges and how they can be addressed
by cloud security audits. Security requirements of an Infrastructure as a
Service cloud are identified and it is shown how they differ from traditional data centres.
To address cloud specific security challenges, a new cloud audit criteria catalogue
is developed. Subsequently, a novel cloud security audit system gets developed, which
provides a flexible audit architecture for frequently changing cloud infrastructures. It
is based on lightweight software agents, which monitor key events in a cloud and trigger
specific targeted security audits on demand - on a customer and a cloud provider
perspective.

To enable these concurrent cloud audits, a Cloud Audit Policy Language is developed
and integrated into the audit architecture. Furthermore, to address advanced cloud
specifc security challenges, an anomaly detection system based on machine learning
technology is developed. By creating cloud usage profiles, a continuous evaluation of
events - customer specifc as well as customer overspanning - helps to detect anomalies
within an IaaS cloud. The feasibility of the research is presented as a prototype and its
functionality is presented in three demonstrations. Results prove, that the developed
cloud audit architecture is able to mitigate cloud specific security challenges.

Dr Frank Doelitzscher

Director of studies: Prof. Dr Christoph Reich
Other supervisors: Prof. Dr Martin Knahl, Dr Nathan L Clarke

Journal papers

Sun Behind Clouds - On Automatic Cloud Security Audits and a Cloud Audit Policy Language
Doelitzscher F, Rübsamen T, Karbe T, Reich C, Knahl MH, Clarke NL
International Journal on Advances in Networks and Services, vol 6 no 1 & 2, ISSN: 1942-2644, pp1-16, 2013
More details | External link available

An agent based business aware incident detection system for cloud environments
Doelitzscher F, Reich C, Knahl MH, Passfall A, Clarke NL
Journal of Cloud Computing: Advances, Systems and Applications, 1:9, ISSN: 2192-113X, 2012
More details | External link available

Private Cloud for Collaboration and e-Learning Services: from IaaS to SaaS
Doelitzscher F, Sulistio A, Reich C, Kuijs H, Wolf D
Computing, Vol. 91, No. 1, pp23-42, ISSN: 0010-485X, 2011
More details | External link available

Sicherheitsprobleme für IT Outsourcing basierend auf Cloud Computing
Doelitzscher F, Ardelt M, Knahl MH, Reich C
Praxis der Wirtschaftsinformatik, Volume 281, ISSN 1436-3011, 2011
More details | External link available

4 Journal papers

Conference papers

Anomaly Detection In IaaS Clouds
Doelitzscher F, Knahl MH, Reich C, Clarke NL
5th IEEE International Conference on Cloud Computing Technology and Science (CloudCom2013), Bristol, UK, Dec 2-5, ISBN: 978-0-7695-5095-4, pp387-394, 2013
More details | External link available

Validating Cloud Infrastructure Changes by Cloud Audits
Doelitzscher F, Fischer C, Moskal D, Reich C, Knahl MH, Clarke NL
Proceedings of the 8th IEEE World Congress on Services (SERVICES2012), ISBN: 978-0-7695-4756-5/12, pp377-384, 2012
More details | External link available

ViteraaS: Virtual Cluster as a Service
Doelitzscher F, Sulistio A, Held M, Reich C
Proceedings of the 3rd IEEE International Conference on Cloud Computing Technology and Science (CloudCom2011), ISBN: 978-0-7695-4622-3/11, pp652-657, 2011
More details | External link available

Incident detection for cloud environments
Doelitzscher F, Reich C, Knahl MH, Clarke NL
Proceedings of the Third International Conference on Emerging Network Intelligence (EMERGING 2011), ISBN: 978-1-61208-174-8, pp100-105, 2011
More details | External link available

An autonomous agent based incident detection system for cloud environments
Doelitzscher F, Reich C, Knahl MH, Clarke NL
Proceedings of the 3rd IEEE International Conference on Cloud Computing Technology and Science (CloudCom2011), ISBN: 978-0-7695-4622-3/11, pp197-204, 2011
More details | External link available

Designing Cloud Services Adhering to Government Privacy Laws
Doelitzscher F, Reich C, Sulistio A
3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), June 29-July 1, Bradford, UK, pp930-935, 2010
More details | External link available

Cloud Infrastructure & Applications - CloudIA
Sulistio A, Reich C, Doelitzscher F
Proceedings of the 1st International Conference on Cloud Computing, ISBN: 978-3-642-10664-4, pp583-588, 2009
More details | External link available

7 Conference papers

Contributions to edited books

Understanding Cloud Audits
Doelitzscher F, Reich C, Knahl MH, Clarke NL
in "Privacy and Security for Cloud Computing", Pearson, S. and Yee, G. (Eds.), ISBN 978-1-4471-4188-4, 2012
More details | External link available

Automated Virtual Machine Creation with On-Demand Software Installation
Sulistio A, Doelitzscher F, Reich C
Computer Science Research and Technology, Vol. 3, pp159-177, ISBN: 978-1-61122-074-2, 2011
More details | External link available

2 Contributions to edited books

13 publication(s) - all categories.