Title :
Verifying Secure Information Flow in Federated Clouds
Author :
Wen Zeng ; Koutny, Maciej ; Watson, Paul
Author_Institution :
Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK
Abstract :
Federated cloud systems increase the reliability and reduce the cost of computational support to an organization. However, the resulting combination of secure private clouds and less secure public clouds impacts on the security requirements of the system. Therefore, applications need to be located within different clouds, which strongly affects the information flow security of the entire system. In this paper, the entities of a federated cloud system as well as the clouds are assigned security levels of a given security lattice. Then a dynamic flow sensitive security model for a federated cloud system is proposed within which the Bell-La Padula rules and cloud security rule can be captured. As a result, one can track and verify the security information flow in federated clouds. Moreover, an example is used to explain how Petri nets could be used to represent such a system, making it possible to verify secure information flow in federated clouds using the existing Petri net techniques.
Keywords :
Petri nets; cloud computing; formal verification; security of data; Bell-La Padula rules; Petri net techniques; cloud security rule; dynamic flow sensitive security model; federated cloud system; secure information flow verification; secure private clouds; secure public clouds; security lattice; Access control; Cloud computing; Computational modeling; Data models; Lattices; Petri nets; Bell-La Padula; Petri nets; federated clouds; information flow security; verification;
Conference_Titel :
Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on
Conference_Location :
Singapore
DOI :
10.1109/CloudCom.2014.104
