A light weight centralized file monitoring approach for securing files in Cloud environment

Security of Cloud infrastructure and its resources is a recent area of research for computer scientist now days. One of the resource to look after in Cloud environment are the important configuration and system specific files which are accessed by remote entities such as VM users and whose manipulation can lead to compromise in the security of Cloud. We have designed and successfully developed a lightweight and platform independent low cost file monitoring approach and tool for securing important files from modifications in Cloud environment. The tool solves the issue of tampering with important files from VM users even if the user is intelligent enough to exploit operating system specific vulnerabilities for getting elevated privileges to perform such operations. The tool is light weight and independent as it does not require any support for file signature management that requires hash databases for storage of file integrity, and can be applied to any platform and environment with minimal changes and support. The novelty of approach lies in storing the signature of the file contents which is utilized for integrity monitoring in the file itself. The implemented tool is taken into practice on a private Cloud and initial results have been verified, which shows that the scheme is efficient and can be applied as a utility tool over a fully functional cloud deployment.