University of Tasmania
Over the last few years, cloud services have been steadily gaining traction in their use by commercial and noncommercial entities. As more and more sensitive or valuable processes, business functions and data move into the cloud, the need to improve threat identification and response, via auditing cloud transactions, increases. At the same time, the need for cloud users to protect the security and privacy of their resources has also intensified. In this paper, the problem of simultaneously supporting privacy and auditing in cloud systems is studied. Specifically, the paper discusses the guiding principles, fundamental concepts, and threat models for current cloud computing systems.