Auditing Deployed Software Licenses on Cloud using a Secure Loopback Protocol

The rapidly growing cloud-centric focuses among organizations and enterprises have thrown into sharp relief the pressing need to progressively upgrade security within a cloud infrastructure. While a significant portion of threat perception emanates from malicious software that can infiltrate a cloud computing infrastructure, the risk of unlicensed software deployments in infrastructure-as-a-service model can expose an affected cloud service provider to a host of legal and statutory issues. The task of managing software licenses and conducting license validation checks can be an intense activity. The onus of tracking and managing licenses of software that have been deployed on an infrastructure-as-a-service cloud model is on both cloud service provider as well as its customers. However, the business of effectively managing software licenses is contingent upon the ease and use of an effective license auditing management tool to which auditors can connect through a secure conduit. In this paper, we propose a model that would allow cloud service providers to securely track software deployments and tally corresponding usage of appropriate licenses within an infrastructure-as-a-service model. Using the proposed model a cloud service provider can match all software licenses that have been deployed by a customer within the IaaS cloud space allotted. Further, a license auditor can securely connect to cloud service provider’s console and generate reports on license usage and software deployments from any modern browser. At the core of our model, lies a secure loopback connection framework that prevents access to any other web site once a secure connection to the primary console for monitoring and tracking software deployments has been established.