Research On The Method Of Multi-level And Granularity Controllable Security Audit Under Cloud Environment

With the development of computer and Internet technology, cloud computing services spread widely which also comes along many security risks while bringing us convenience. And the existing technology is not enough to deal with the threatens in cloud computing platform. Security audit technology plays a very important role in the field of security attack and defense. And it can provide strong support for supervising the content of cloud computing, tracing attack and collecting evidence.This paper focused on the cloud computing platform, analyzed the advantages and disadvantages of the existing security auditing technology and proposed a multi-level and controllable granularity method combined with the characteristics of multi-layer and multi-user of cloud computing platform which fulfilled with the needs of users flexibly, complemented and verified the audit data of different levels and eliminated semantic gap and enriched semantic information.Firstly,this paper introduces the research significance of the security audit technology in the cloud environment, the relevant background, and the domestic and foreign research status. Then we introduce the characteristics and differences of the security audit technology under the traditional computer architecture and cloud environment. By researching on the existing security audit method,this paper presents the research scheme of security audit in cloud environment. For the multilevel pattern of Cloud Architecture, we use VMI to carry out security audit in the VM OS layer and the VMM management layer. In order to combine the multi-level audit logs together, this paper presents the way that shared memory based on serial number. For the characteristics of multi-users in cloud environment, according to the different needs of different users, we establish the security audit model of controllable granularity. In order to reduce the performance consumption of output of audit log, this paper presents a method for establishing memory buffer which was verified by experiments. Finally, we introduced the system structure and workflow of the security audit system. And we verify the effectiveness of the audit system through experiments. Through the analysis of the system performance overhead, we prove that the method of multi-level and granularity controllable security audit can reduce the performance consumption of the system.