CFP last date
20 January 2025
Reseach Article

Enhancing Cloud Security using Decentralized Information Flow Control

Published on May 2016 by Priyanka S. Mane, Yogesh B. Gurav
National Conference on Advancements in Computer & Information Technology
Foundation of Computer Science USA
NCACIT2016 - Number 1
May 2016
Authors: Priyanka S. Mane, Yogesh B. Gurav
58754825-90d4-459e-b61c-771e9ed015eb

Priyanka S. Mane, Yogesh B. Gurav . Enhancing Cloud Security using Decentralized Information Flow Control. National Conference on Advancements in Computer & Information Technology. NCACIT2016, 1 (May 2016), 5-10.

@article{
author = { Priyanka S. Mane, Yogesh B. Gurav },
title = { Enhancing Cloud Security using Decentralized Information Flow Control },
journal = { National Conference on Advancements in Computer & Information Technology },
issue_date = { May 2016 },
volume = { NCACIT2016 },
number = { 1 },
month = { May },
year = { 2016 },
issn = 0975-8887,
pages = { 5-10 },
numpages = 6,
url = { /proceedings/ncacit2016/number1/24696-3029/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 National Conference on Advancements in Computer & Information Technology
%A Priyanka S. Mane
%A Yogesh B. Gurav
%T Enhancing Cloud Security using Decentralized Information Flow Control
%J National Conference on Advancements in Computer & Information Technology
%@ 0975-8887
%V NCACIT2016
%N 1
%P 5-10
%D 2016
%I International Journal of Computer Applications
Abstract

There is major demand to introduce cloud computing in many organizations today. The reason is cloud's sharing infrastructure, multi-tenancy and huge storage facilities ensures increase in computing efficiency, flexibility, generality and cost effectiveness. But with this, organizations want that the computing platform should be secured and should satisfy all the important rules and regulations. So security is the key point for the success of cloud computing. It is examined that cloud computing is less satisfactory in providing security due to its heterogeneity. In this paper a solution named - Decentralized Information Flow Control (DIFC) is defined to solve the problem of security specifically of Software as a Service (SaaS) level. DIFC is a Mandatory Access Control method which is able to provide better security and integrity than is provided by other approaches available today. DIFC enforce general policies by using proper labeling and checking methods. DIFC gives a way to control and monitor the flow of data continuously according to the policy. Hence we believe that DIFC is a powerful tool to enhance SaaS cloud security and to help cloud providers to satisfy rules and regulations and audit this compliance with easy in future.

References
  1. Jean Bacon, David Eyers, Thomas F. J. -M. Pasquier, Jatinder Singh, Ioannis Papagiannis, and Peter Pietzuch, Information Flow Control for Secure Cloud Computing, IEEE Transactions On Network And Service Management, Vol. 11, No. 1, March 2014.
  2. David Schultz, Barbara Liskov, IFDB: Decentralized Information Flow Control for Databases, ACM , Eurosys'13 April 15–17, 2013.
  3. l. Foster, C. Kesselman, J. Nick, and S. Tuecke. The physiology of the grid: An open grid services architecture for distributed systems integration. In Open Grid Service infrastructure WG, Global Grid Forum, volume 22, pages 1-5. Edinburgh, 2002.
  4. l. Foster, Y. Zhao, l. Raicu, and S. Lu. Cloud computing and grid computing 360-degree compared. ArXiv e-prints, 901:131, 2008.
  5. T. Ert. Service-oriented architecture: concepts, technology, and design. Prentice Hall PTR Upper Saddle River, NJ, USA, 2005.
  6. P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In Proceedings of the nineteenth ACM sympOSium on Operating systems principles, page 177. ACM, 2003.
  7. M. Vouk. Cloud computing Issues, research and implementations. In 30th International Conference on Information Technology Intel!aces, 2008. ITI 2008, pages 31-40, 2008.
  8. C. J. Millard, Ed. , Cloud Computing Law. OUP, 2013.
  9. T. F. J. -M. Pasquier, J. Bacon, and D. Eyers, "FlowK: Information Flow Control for the Cloud," in 6th International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, Dec 2014.
  10. J. Singh, T. Pasquier, J. Bacon, H. Ko, and D. Eyers, "20 Cloud Security Considerations for Supporting the Internet of Things," under review.
  11. J. McLean. Security models and information flow. 1990.
  12. Jatinder Singh, Thomas F. J. -M. Pasquier, Jean Bacon, "Integrating Messaging Middleware and Information Control", IEEE , 2015
  13. Ruoyu Wu, Gail-Joon Ahn, Hongxin Hu, Mukesh Singhal, " Information Flow Control For Cloud Computing", IEEE Conference publications , 2010.
  14. Safwan Mahmud Khan, Kevin W. Hamlen, Murat Kantarcioglu, "Silver Lining: Enforcing Secure Information Flow at the Cloud Edge" , IEEE, march 2014, pp. 37-46.
  15. "ApacheHadoop",http://hadoop. apache. org,2013.
  16. Thomas F. J. -M. Pasquier, Jatinder Singh, Jean Bacon, "Information flow control for strong protection with flexible sharing in Paas", IEEE, 2015.
  17. Abdulrahaman A. Almutairi and Muhammad I. Sarfraz, saleh Basalamah, walid g. Aref Ghafoor, "A distributed access control architecture for cloud computing " ,IEEE, 2012, pp. 36-44.
  18. Thomas F. J. -M. Pasquier, J Bacon, " FlowR: Aspect Oriented Programming for Information Flow Control In Ruby", IEEE, 2014, pp. 37-47
  19. Abdulrahaman A. Almutairi and Muhammad I. Sarfraz, saleh Basalamah, walid g. Aref Ghafoor, "A distributed access control architecture for cloud computing " ,IEEE, 2012, pp. 36-44.
Index Terms

Computer Science
Information Sciences

Keywords

Decentralized Information Flow Control Information Flow Control Access Control Secure Cloud Computing Data Security Labelling.