Towards A Multi-tiered Knowledge-based System for Autonomous Cloud Security Auditing

Every cloud platform has a large number of software compo-nents, making it difficult to manage the security of the entire system. This paper discusses the requirement for an intelli-gent cloud security auditing solution, and an expert system architecture is presented. The solution can identify data confi-dentiality threats in the OpenStack cloud platform, as well as propose solutions to remove vulnerabilities before an attack occurs. Data confidentiality threats cover a wide range of se-curity risks where attackers usually try to steal/corrupt per-sonal data and are a major concern of users. For this reason, cloud infrastructures need frequent security auditing. The key features of the proposed expert system architecture include: acquisition of information detailing the latest cloud security threats and solutions, the conversion of acquired raw data into usable format, the application of a forward chaining inference algorithm, and the ability for the user to add/modify knowledge, which is then utilised to provide feasible solu-tions in ranked order. These components provide an automat-ed mechanism to generate human-readable audit reports, im-proving the overall security status without the need for expert knowledge