Toggle Main Menu Toggle Search

ePrints

A Multi-Level Security Model for Partitioning Workflows over Federated Clouds

Lookup NU author(s): Professor Paul Watson

Downloads

Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


Abstract

Cloud computing has the potential to provide lowcost, scalable computing, but cloud security is a major area ofconcern. Many organizations are therefore considering usinga combination of a secure internal cloud, along with (whatthey perceive to be) less secure public clouds. However, thisraises the issue of how to partition applications across a setof clouds, while meeting security requirements. Currently, thisis usually done on an ad-hoc basis, which is potentially errorprone, or for simplicity the whole application is deployed ona single cloud, so removing the possible performance andavailability benefits of exploiting multiple clouds within a singleapplication. This paper describes an alternative to ad-hocapproaches – a method that determines all ways in whichapplications structured as workflows can be partitioned overthe set of available clouds such that security requirements aremet. The approach is based on a Multi-Level Security modelthat extends Bell-LaPadula to encompass cloud computing.This includes introducing workflow transformations that areneeded where data is communicated between clouds. In specificcases these transformations can result in security breaches, butthe paper describes how these can be detected. Once a set ofvalid options has been generated, a cost model is used to rankthem. The method has been implemented in a tool, which isbriefly described in the paper.


Publication metadata

Author(s): Watson P

Publication type: Conference Proceedings (inc. Abstract)

Conference Name: Third IEEE International Conference on Cloud Computing Technology and Science (CloudCom)

Year of Conference: 2011

Pages: 180-188

Publisher: IEEE

URL: http://dx.doi.org/10.1109/CloudCom.2011.33

DOI: 10.1109/CloudCom.2011.33

Library holdings: Search Newcastle University Library for this item

Sponsor(s): IEEE

ISBN: 9781467300902


Actions

Link to this publication


Share