Integrity Attestation for Software-as-a Service Clouds

Software-as-a service (SaaS) makes use of a cloud computing infrastructure to deliver their applications to many users regardless of their location. Because of this sharing nature SaaS clouds are vulnerable and provide more opportunities for attackers to exploit the system vulnerability and perform strategic attacks. In this paper, we present IntTest, an effective service integrity attestation framework for SaaS clouds. IntTest provides an integrated graph attestation analysis method that can pinpoint malicious service providers than existing methods. Also IntTest will automatically correct the corrupted result that are produced by the malicious service providers and replace it with good results produced by benign service providers. Our experimental results show that our scheme is effective and can achieve higher accuracy in pinpointing the attackers than the existing approaches.