Verifying Secure Information Flow in Federated Clouds

Author

Wen Zeng ; Koutny, Maciej ; Watson, Paul

Author_Institution

Sch. of Comput. Sci., Newcastle Univ., Newcastle upon Tyne, UK

fYear

2014

fDate

15-18 Dec. 2014

Firstpage

78

Lastpage

85

Abstract

Federated cloud systems increase the reliability and reduce the cost of computational support to an organization. However, the resulting combination of secure private clouds and less secure public clouds impacts on the security requirements of the system. Therefore, applications need to be located within different clouds, which strongly affects the information flow security of the entire system. In this paper, the entities of a federated cloud system as well as the clouds are assigned security levels of a given security lattice. Then a dynamic flow sensitive security model for a federated cloud system is proposed within which the Bell-La Padula rules and cloud security rule can be captured. As a result, one can track and verify the security information flow in federated clouds. Moreover, an example is used to explain how Petri nets could be used to represent such a system, making it possible to verify secure information flow in federated clouds using the existing Petri net techniques.

Keywords

Petri nets; cloud computing; formal verification; security of data; Bell-La Padula rules; Petri net techniques; cloud security rule; dynamic flow sensitive security model; federated cloud system; secure information flow verification; secure private clouds; secure public clouds; security lattice; Access control; Cloud computing; Computational modeling; Data models; Lattices; Petri nets; Bell-La Padula; Petri nets; federated clouds; information flow security; verification;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud Computing Technology and Science (CloudCom), 2014 IEEE 6th International Conference on

Conference_Location

Singapore

Type

conf

DOI

10.1109/CloudCom.2014.104

Filename

7037651