Optimal Framework for Level Based Access Control for VM Auditing on Cloud

Main Article Content

S. Rekha Garikamukkala
V. Ravi Sankar


The growth in the cloud computing have motivated and enable lot of application developer to deploy the applications on cloud. The major challenge of hosting on cloud is the service provider or the application provider must comply to a good number of rules. These compliance reports are time to time validated and checked by external auditors. The auditing process for the cloud services are critical and the access controls must be enabled. Due to the higher complexity and less flexibility of the virtual machines, most of the cases this access control mechanism is compromised. This work proposes four algorithms to identify and enhance the LBAC mechanism for cloud services with access updates based on time variant characteristics analysis and predictive analysis with selective cryptographic methods. The proposed model produces significantly improved results to overcome three major issues in the cloud service management as selective LBAC, static privileges and open access control for the auditors.   

Article Details

How to Cite
Garikamukkala, S. R. ., & Sankar, V. R. . (2023). Optimal Framework for Level Based Access Control for VM Auditing on Cloud. International Journal on Recent and Innovation Trends in Computing and Communication, 11(9s), 209–219. https://doi.org/10.17762/ijritcc.v11i9s.7412


G. Eason, B. Noble, and I. N. Sneddon, “On certain integrals of Z. Birnbaum, B. Liu, A. Dolgikh, Y. Chen and V. Skormin, "Cloud Security Auditing Based on Behavioral Modeling," 2013 IEEE Ninth World Congress on Services, Santa Clara, CA, USA, pp. 268-273, 2013.

A. Ganapathy, G. Soman, Godwin Manoj VM and R. Lekshamana, "Online Energy Audit and Renewable Energy Management System," 2016 International Conference on Computing Communication Control and automation (ICCUBEA), Pune, India, pp. 1-6, 2016.

S. Shetty, "Auditing and Analysis of Network Traffic in Cloud Environment," 2013 IEEE Ninth World Congress on Services, Santa Clara, CA, USA, pp. 260-267, 2013.

R. Houlihan, X. Du, C. C. Tan, J. Wu and M. Guizani, "Auditing cloud service level agreement on VM CPU speed," 2014 IEEE International Conference on Communications (ICC), Sydney, NSW, Australia, pp. 799-803, 2014.

M. Oqaily et al., "SegGuard: Segmentation-Based Anonymization of Network Data in Clouds for Privacy-Preserving Security Auditing," in IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 5, pp. 2486-2505, 1 Sept.-Oct. 2021.

F. Doelitzscher, C. Fischer, D. Moskal, C. Reich, M. Knahl and N. Clarke, "Validating Cloud Infrastructure Changes by Cloud Audits," 2012 IEEE Eighth World Congress on Services, Honolulu, HI, USA, pp. 377-384, 2012.

Johri, P. ., Dhingra, M. ., Babu M., D. ., Sule, B. ., Kumar Pandey, A. ., & Karale, A. V. . (2023). Reuse Attack Prevention Through Randomization Traversal Algorithm with the Code Reduction Technique for Operating System Security. International Journal of Intelligent Systems and Applications in Engineering, 11(3s), 29–34. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/2528

D. Zhu, Z. Fan and N. Pang, "A Dynamic Supervisory Mechanism of Process Behaviors Based on Dalvik VM," 2015 International Conference on Computational Intelligence and Communication Networks (CICN), Jabalpur, India, pp. 1203-1210, 2015.

S. Thorpe, T. Grandison, A. Campbell, J. Williams, K. Burrell and I. Ray, "Towards a Forensic-Based Service Oriented Architecture Framework for Auditing of Cloud Logs," 2013 IEEE Ninth World Congress on Services, Santa Clara, CA, USA, pp. 75-83, 2013.

Verma, D. N. . (2022). Access Control-Based Cloud Storage Using Role-Fully Homomorphic Encryption Scheme. Research Journal of Computer Systems and Engineering, 3(1), 78–83. Retrieved from https://technicaljournals.org/RJCSE/index.php/journal/article/view/46

J. Schiffman, Y. Sun, H. Vijayakumar and T. Jaeger, "Cloud Verifier: Verifiable Auditing Service for IaaS Clouds," 2013 IEEE Ninth World Congress on Services, Santa Clara, CA, USA, pp. 239-246, 2013.

Mr. Dharmesh Dhabliya, Ms. Ritika Dhabalia. (2014). Object Detection and Sorting using IoT. International Journal of New Practices in Management and Engineering, 3(04), 01 - 04. Retrieved from http://ijnpme.org/index.php/IJNPME/article/view/31

J. Lau, M. Arnold, M. Hind and B. Calder, "A Loop Correlation Technique to Improve Performance Auditing," 16th International Conference on Parallel Architecture and Compilation Techniques (PACT 2007), Brasov, Romania, pp. 259-269, 2007.

M. K. Srinivasan, K. Sarukesi and P. Revathy, "Architectural design for iCloudIDM Layer-II (iCloudIDM-LII) Subsystem of eCloudIDS generic security framework," 2013 International Conference on Advances in Computing, Communications and Informatics (ICACCI), Mysore, India, pp. 1668-1674, 2013.

Yubin Xia, Yutao Liu, H. Chen and B. Zang, "Defending against VM rollback attack," IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN 2012), Boston, MA, USA, pp. 1-5, 2012.

Elena Petrova, Predictive Analytics for Customer Churn in Telecommunications , Machine Learning Applications Conference Proceedings, Vol 1 2021.

M. K. Srinivasan, K. Sarukesi and P. Revathy, "eCloudIDS Tier-1 iCloudIDM Layer-I (iCloudIDM-LI) Subsystem Design and Implementation through User-centric Identity Management Approach for Secure Cloud Computing Environment," 2013 IEEE 14th International Conference on Mobile Data Management, Milan, Italy, pp. 206-211, 2013.

H. Litz, B. Braun and D. Cheriton, "EXCITE-VM: Extending the virtual memory system to support snapshot isolation transactions," 2016 International Conference on Parallel Architecture and Compilation Techniques (PACT), Haifa, Israel, pp. 401-412, 2016.

P. Massonet, S. Naqvi, C. Ponsard, J. Latanicki, B. Rochwerger and M. Villari, "A Monitoring and Audit Logging Architecture for Data Location Compliance in Federated Cloud Infrastructures," 2011 IEEE International Symposium on Parallel and Distributed Processing Workshops and Phd Forum, Anchorage, AK, USA, pp. 1510-1517, 2011.

S. Barjatiya and P. Saripalli, "BlueShield: A Layer 2 Appliance for Enhanced Isolation and Security Hardening among Multi-tenant Cloud Workloads," 2012 IEEE Fifth International Conference on Utility and Cloud Computing, Chicago, IL, USA, pp. 195-198, 2012.

Anna, G., Jansen, M., Anna, J., Wagner, A., & Fischer, A. Machine Learning Applications for Quality Assurance in Engineering Education. Kuwait Journal of Machine Learning, 1(1). Retrieved from http://kuwaitjournals.com/index.php/kjml/article/view/109

T. F. J. Pasquier, J. Singh, D. Eyers and J. Bacon, "Camflow: Managed Data-Sharing for Cloud Services," in IEEE Transactions on Cloud Computing, vol. 5, no. 3, pp. 472-484, 1 July-Sept. 2017.

A. Ochani and N. Dongre, "Security issues in cloud computing," 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), Palladam, India, pp. 783-787, 2017.

Basaligheh, P. (2021). A Novel Multi-Class Technique for Suicide Detection in Twitter Dataset. Machine Learning Applications in Engineering Education and Management, 1(2), 13–20. Retrieved from http://yashikajournals.com/index.php/mlaeem/article/view/14

K. Ravindran, K. Fayzullaev and Y. Wardei, "Model-based techniques for QoS assessment of cloud-hosted CDN services," 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS), Beijing, China, pp. 1-6, 2016.

PlanetLab. http://www.planet-lab.org/.