1. Technical Field
This disclosure relates generally to cloud-based environments and, in particular, to techniques to produce customer-specific audit data for purposes of compliance analysis, reporting, problem determination, and forensics, among others.
2. Background of the Related Art
Businesses often have to provide information to show compliance with different external regulations including government and industry regulations and, in addition, to demonstrate compliance with internal policies and procedures. These external regulations include, for example, the Sarbanes-Oxley (SOX) Act, the Health Insurance Portability and Accountability Act (HIPAA), and the like. Often times, compliance with these and other regulations may be shown using information contained in audit logs maintained by information technology (IT) organizations. For compliance reasons, these audit logs often are maintained for years. Audit logs are useful for checking the enforcement and effectiveness of information technology controls, accountability, and vulnerability, and/or risk analysis. An information technology organization also may use auditing of security related critical activities to aid in forensic investigations, such as security incidents that may occur. When a security incident occurs, an audit log enables an analysis of the history of activities that occurred prior to the security incident occurring. These activities include, who did what, when, where, and how. With the analysis of an audit log, appropriate corrective actions may be taken. Audit logs are typically made available in relational databases to allow easy querying of the information by reporting programs or software to generate operational and trend reports.
While compliance may be seen to ensure the ability to ensure that a security policy is enforced, compliance may also be applied to other types of policy, such as service level agreements (e.g., using timestamps on audit logs to ensure that an overall Service Level Agreement (SLA) is satisfied), legislative compliance (e.g., on control or release of privacy-related information), or even policy management itself (e.g., who changed a policy, when and how, and was it in compliance with the policy for compliance-policy-management). Further, compliance with a particular policy, or a detailed forensics examination of actions within a system, may require more than just “audit” logs. It may also require access to error and trace logs, typically used within the scope of a problem determination examination.
An emerging information technology (IT) delivery model is cloud computing, by which shared resources, software and information are provided over the Internet to computers and other devices on-demand. Cloud computing can significantly reduce IT costs and complexities while improving workload optimization and service delivery. With this approach, an application instance can be hosted and made available from Internet-based resources that are accessible through a conventional Web browser over HTTP.
Emerging cloud environments are being created out of existing IT infrastructures that are being adapted to support cloud-based services. One key characteristic of cloud computing that is different from existing environments is the requirement for so-called “multi-tenant” support, sometimes referred to as multi-customer single deployment. To satisfy this requirement, service providers have to be able to isolate different customer usage of the cloud services. In particular, customers have compliance guidelines that they follow, and need to follow, when using cloud services. These customers look to service providers to support their compliance requirements, and they desire to obtain data from the service providers to use for compliance analysis. The service providers need to supply that data, but at the same time maintain isolation between and among their specific customers that are sharing cloud resources. Typically, IT infrastructures do not allow for separating out compliance data contained in log files and audit records.
In particular, auditing in a multi-tenant environment presents a number of challenges that broadly relate to providing individual tenants with appropriate visibility to audit information. One problem is that audit events in a multi-tenant environment frequently are not easily traceable back to individual tenants. Another problem is that audit logs are not easily disseminated to individual tenants. Moreover, the typical manner in which audit logs are generated and stored does not support the ability to prove that tenant information is compartmentalized. These problems are commonly identified by industry observers and customers alike as inhibitors to wider adoption of cloud computing. One approach to address this problem involves augmenting audit APIs in a cloud operational environment so that logs are annotated with an identifier for each tenant. This approach, while technically feasible and useful, requires changes to software components in the cloud environment to enable them to take advantage of these audit services. The attendant development cost and change management impact may make this approach less competitive in terms of time-to-market.
Thus, there remains a need to provide a multi-tenant audit solution that enables a cloud provider to provide audit services with a single tenant audit view and that sufficient proof that audit information from the tenant is not being leaked between or across tenants.