Information flow control in cloud computing

Ruoyu Wu, Gail-Joon Ahn, Hongxin Hu, Mukesh Singhal

Research output: Chapter in Book/Report/Conference proceedingConference contribution

44 Citations (Scopus)

Abstract

Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.

Original languageEnglish (US)
Title of host publicationProceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010
StatePublished - 2010
Event6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010 - Chicago, IL, United States
Duration: Oct 9 2010Oct 12 2010

Other

Other6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010
CountryUnited States
CityChicago, IL
Period10/9/1010/12/10

Fingerprint

Cloud computing
Flow control
Security of data
Access control
Servers
Internet

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications

Cite this

Wu, R., Ahn, G-J., Hu, H., & Singhal, M. (2010). Information flow control in cloud computing. In Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010 [5767047]

Information flow control in cloud computing. / Wu, Ruoyu; Ahn, Gail-Joon; Hu, Hongxin; Singhal, Mukesh.

Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010. 2010. 5767047.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Wu, R, Ahn, G-J, Hu, H & Singhal, M 2010, Information flow control in cloud computing. in Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010., 5767047, 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010, Chicago, IL, United States, 10/9/10.
Wu R, Ahn G-J, Hu H, Singhal M. Information flow control in cloud computing. In Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010. 2010. 5767047
Wu, Ruoyu ; Ahn, Gail-Joon ; Hu, Hongxin ; Singhal, Mukesh. / Information flow control in cloud computing. Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010. 2010.
@inproceedings{90e0b339c440400e87680d3e51b16b88,
title = "Information flow control in cloud computing",
abstract = "Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.",
author = "Ruoyu Wu and Gail-Joon Ahn and Hongxin Hu and Mukesh Singhal",
year = "2010",
language = "English (US)",
isbn = "9780984589326",
booktitle = "Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010",

}

TY - GEN

T1 - Information flow control in cloud computing

AU - Wu, Ruoyu

AU - Ahn, Gail-Joon

AU - Hu, Hongxin

AU - Singhal, Mukesh

PY - 2010

Y1 - 2010

N2 - Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.

AB - Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.

UR - http://www.scopus.com/inward/record.url?scp=79957821947&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=79957821947&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:79957821947

SN - 9780984589326

BT - Proceedings of the 6th International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom 2010

ER -