Enforcing End-to-End Application Security in the Cloud
Abstract
Security engineering must be integrated with all
stages of application specification and development to be effective.
Doing this properly is increasingly critical as organisations rush to
offload their software services to cloud providers. Service-level
agreements (SLAs) with these providers currently focus on
performance-oriented parameters, which runs the risk of exacerbating an
impedance mismatch with the security middleware. Not only do we want
cloud providers to isolate each of their clients from others, we also
want to have means to isolate components and users within each client's
application. We propose a principled approach to designing and deploying
end-to-end secure, distributed software by means of thorough, relentless
tagging of the security meaning of data, analogous to what is already
done for data types. The aim is to guarantee that--above a small trusted
code base--data cannot be leaked by buggy or malicious software
components. This is crucial for cloud infrastructures, in which the
stored data and hosted services all have different owners whose
interests are not aligned (and may even be in competition). We have
developed data tagging schemes and enforcement techniques that can help
form the aforementioned trusted code base. Our big idea--cloud-hosted
services that have end-to-end information flow control--preempts worries
about security and privacy violations retarding the evolution of
large-scale cloud computing.
Origin: Files produced by the author(s)