Insider attack resistant system and method for cloud services integrity checking
First Claim

1. A system, comprising:
- a memory that stores instructions; and
- a processor that executes the instructions to perform operations, the operations comprising:
  - activating, at a virtual machine executing a copy of a service, an integrity checking script for checking an integrity of the service, wherein the integrity checking script is activated at selected periodic intervals;
  - executing, by utilizing the integrity checking script and the virtual machine, a set of operations associated with the service to check the integrity of the service, wherein the set of operations are executed based on a minimum level of access to a peripheral that is required for each operation in the set of operations to be executed, wherein the minimum level of access to the peripheral comprises suspending access to network ports, wherein the set of operations are executed based on the minimum level of access to the peripheral when the system is in an integrity check mode;
  - logging each result for each operation in the set of operations after each operation is executed;
  - analyzing, by utilizing the virtual machine, each result to determine if a failure for an operation in the set of operations exists; and
  - determining, if the failure exists, that a change in an expected system behavior associated with the service has occurred.
Abstract
An insider attack resistant system for providing cloud services integrity checking is disclosed. In particular, the system utilizes an automated integrity checking script and virtual machines to check the integrity of a service. The system may utilize the integrity checking script and virtual machines to execute a set of operations associated with the service so as to check the integrity of the service. When executing the set of operations, the system may only have access to the minimum level of access to peripherals that is required for each operation in the set of operations to be executed. After each operation is executed, the system may log each result for each operation, and analyze each result to determine if a failure exists for any of the operations. If a failure exists, the system may determine that a change in an expected system behavior associated with the service has occurred.
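As an added illustration (not the patent's own code, which this page does not show), the following Python model runs the claimed loop: the VM's copy of the service is a constructed in-memory file map, each operation runs under the minimum peripheral grant it declares with network ports suspended in integrity check mode, every result is logged, and the log is analyzed for failures that signal a change in expected behavior. The paths, golden values and operation names are assumptions for the example.

```python
# Added example (not the patent's code): models the claimed integrity-check loop.
# The VM's copy of the service is a constructed in-memory file map; in integrity
# check mode each operation gets only the peripheral it declares, network ports
# are suspended outright, every result is logged, then the log is analyzed.
import hashlib
from dataclasses import dataclass, field

class PeripheralDenied(PermissionError):
    """Raised when an operation touches a peripheral outside its grant."""

@dataclass
class Peripherals:
    granted: frozenset                         # peripherals this operation may use
    files: dict = field(default_factory=dict)  # constructed service copy
    def read_file(self, path):
        if "disk" not in self.granted:
            raise PeripheralDenied("disk")
        return self.files[path]

    def open_port(self, port):
        # Integrity check mode: network ports are suspended for every operation.
        raise PeripheralDenied(f"network port {port}")

@dataclass
class Operation:
    name: str
    needs: frozenset   # minimum peripheral access this operation requires
    run: object        # callable taking a Peripherals broker
    expected: object   # known-good result taken from the golden copy

def run_integrity_check(operations, files):
    """One activation (scheduled at the chosen periodic interval by the caller)."""
    log = []
    for op in operations:
        periph = Peripherals(granted=op.needs - {"network"}, files=files)
        try:
            result = op.run(periph)
            ok = result == op.expected
        except PeripheralDenied as exc:
            result, ok = f"denied:{exc}", False
        log.append({"op": op.name, "result": result, "ok": ok})
    failures = [e["op"] for e in log if not e["ok"]]
    return {"log": log, "failures": failures, "behavior_changed": bool(failures)}

GOLDEN = {"/srv/app/bin": b"service-v1", "/srv/app/conf": b"tls=on\n"}  # constructed
OPERATIONS = [
    Operation("binary_hash", frozenset({"disk"}),
              lambda p: hashlib.sha256(p.read_file("/srv/app/bin")).hexdigest(),
              hashlib.sha256(GOLDEN["/srv/app/bin"]).hexdigest()),
    Operation("tls_enabled", frozenset({"disk"}),
              lambda p: b"tls=on" in p.read_file("/srv/app/conf"), True),
]
```

A clean copy yields no failures; a tampered binary or an operation that tries to open a port while network access is suspended is logged as a failure and flags a behavior change.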
20 Claims
1. A system, comprising:
- a memory that stores instructions; and
- a processor that executes the instructions to perform operations, the operations comprising:
  - activating, at a virtual machine executing a copy of a service, an integrity checking script for checking an integrity of the service, wherein the integrity checking script is activated at selected periodic intervals;
  - executing, by utilizing the integrity checking script and the virtual machine, a set of operations associated with the service to check the integrity of the service, wherein the set of operations are executed based on a minimum level of access to a peripheral that is required for each operation in the set of operations to be executed, wherein the minimum level of access to the peripheral comprises suspending access to network ports, wherein the set of operations are executed based on the minimum level of access to the peripheral when the system is in an integrity check mode;
  - logging each result for each operation in the set of operations after each operation is executed;
  - analyzing, by utilizing the virtual machine, each result to determine if a failure for an operation in the set of operations exists; and
  - determining, if the failure exists, that a change in an expected system behavior associated with the service has occurred.

Dependent claims 2 to 9 depend on claim 1.

10. A method, comprising:
- initializing, at a virtual machine executing a copy of a service, an integrity checking script for checking an integrity of the service, wherein the integrity checking script is activated at selected periodic intervals;
- executing, by utilizing the integrity checking script and the virtual machine, a set of operations associated with the service to check the integrity of the service, wherein the set of operations are executed based on a minimum level of access to a peripheral that is required for each operation in the set of operations to be executed, wherein the minimum level of access to the peripheral comprises suspending access to network ports, wherein the set of operations are executed based on the minimum level of access to the peripheral when the system is in an integrity check mode;
- storing each result for each operation in the set of operations after each operation is executed;
- analyzing, by utilizing the virtual machine, each result to determine if a failure for an operation in the set of operations exists, wherein the analyzing is performed by utilizing instructions from a memory that are executed by a processor; and
- determining, if the failure exists, that a change in an expected system behavior associated with the service has occurred.

Dependent claims 11 to 17 depend on claim 10.

18. A computer-readable device comprising instructions, which when executed by a processor, cause the processor to perform operations comprising:
- launching, at a virtual machine executing a copy of a service, an integrity checking script for checking an integrity of the service, wherein the integrity checking script is activated at selected periodic intervals;
- executing, by utilizing the integrity checking script and the virtual machine, a set of operations associated with the service to check the integrity of the service, wherein the set of operations are executed based on a minimum level of access to a peripheral that is required for each operation in the set of operations to be executed, wherein the minimum level of access to the peripheral comprises suspending access to network ports, wherein the set of operations are executed based on the minimum level of access to the peripheral when the system is in an integrity check mode;
- determining each result for each operation in the set of operations after each operation is executed;
- analyzing, by utilizing the virtual machine, each result to determine if a failure for an operation in the set of operations exists; and
- determining, if the failure exists, that a change in an expected system behavior associated with the service has occurred.

Dependent claims 19 and 20 depend on claim 18.
Specification