Towards A Multi-Tiered Knowledge-Based System for Autonomous Cloud Security Auditing

Every cloud platform has a large number of software components, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelligent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confidentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of security risks where attackers usually try to steal/corrupt personal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solutions in ranked order. These components provide an automated mechanism to generate human-readable audit reports, improving the overall security status without the need for expert knowledge.