Research Article
Information flow control in cloud computing
@INPROCEEDINGS{10.4108/icst.trustcol.2010.1, author={Ruoyu Wu and Gail-Joon Ahn and Hongxin Hu and Mukesh Singhal}, title={Information flow control in cloud computing}, proceedings={The Fifth International Workshop on Trusted Collaboration}, publisher={IEEE}, proceedings_a={TRUSTCOL}, year={2011}, month={5}, keywords={Authentication Cloud computing Companies Computational modeling Contracts Databases}, doi={10.4108/icst.trustcol.2010.1} }- Ruoyu Wu
Gail-Joon Ahn
Hongxin Hu
Mukesh Singhal
Year: 2011
Information flow control in cloud computing
TRUSTCOL
ICST
DOI: 10.4108/icst.trustcol.2010.1
Abstract
Cloud computing is an emerging computing paradigm where computing resources are provided as services over Internet while residing in a large data center. Even though it enables us to dynamically provide servers with the ability to address a wide range of needs, this paradigm brings forth many new challenges for the data security and access control as users outsource their sensitive data to clouds, which are beyond the same trusted domain as data owners. A fundamental problem is the existence of insecure information flows due to the fact that a service provider can access multiple virtual machines in clouds. Sensitive information may be leaked to unauthorized customers and such critical information flows could raise conflict-of-interest issues in cloud computing. In this paper, we propose an approach to enforce the information flow policies at Infrastructure-as-a-Service (IaaS) layer in a cloud computing environment. Especially, we adopt Chinese Wall policies to address the problems of insecure information flow. We implement a proof-of-concept prototype system based on Eucalyptus open source packages to show the feasibility of our approach. This system facilitates the cloud management modules to resolve the conflict-of-interest issues for service providers in clouds.