Affiliations: [a] Concordia Institute for Information Systems Engineering, Concordia University, Quebec, Canada. E-mails: n_alheb@ciise.concordia.ca, wang@ciise.concordia.ca | [b] Faculty of Computing and Information Technology, King Abdulaziz University, Jeddag, KSA | [c] Center for Secure Information Systems, George Mason University, VA, USA. E-mail: jajodia@gmu.edu | [d] Computer Security Division, National Institute of Standards and Technology, MD, USA. E-mail: anoop.singhal@nist.gov
Abstract: Today’s cloud providers strive to attract customers with better services and less downtime in a highly competitive market. The need for minimizing the operational cost unavoidably leads cloud providers to rely on third party remote administrators for fulfilling regular maintenance tasks. In such a scenario, the lack of trust in those third party remote administrators paired with the extra privileges granted to them to complete the maintenance tasks usually implies undesirable security threats. A dishonest remote administrator, or an attacker armed with the stolen credential of a remote administrator, can pose severe insider threats to both the cloud provider and its tenants. In this paper, we take the first step towards understanding and mitigating such insider threats of remote administrators in clouds. Specifically, we first model the maintenance task assignments and their corresponding security impact due to privilege escalation. We then mitigate such impact through optimizing the task assignments with respect to given constraints. Finally, the simulation results demonstrate the effectiveness of our solution in various scenarios.
