Information flow control for secure cloud computing

Jean Bacon, David Eyers, Thomas F.J.M. Pasquier, Jatinder Singh, Ioannis Papagiannis, Peter Pietzuch

Research output: Contribution to journalArticle (Academic Journal)peer-review

87 Citations (Scopus)


Security concerns are widely seen as an obstacle to the adoption of cloud computing solutions. Information Flow Control (IFC) is a well understood Mandatory Access Control methodology. The earliest IFC models targeted security in a centralised environment, but decentralised forms of IFC have been designed and implemented, often within academic research projects. As a result, there is potential for decentralised IFC to achieve better cloud security than is available today. In this paper we describe the properties of cloud computing - Platform-as-a-Service clouds in particular - and review a range of IFC models and implementations to identify opportunities for using IFC within a cloud computing context. Since IFC security is linked to the data that it protects, both tenants and providers of cloud services can agree on security policy, in a manner that does not require them to understand and rely on the particulars of the cloud software stack in order to effect enforcement.

Original languageEnglish
Article number6701293
Pages (from-to)76-89
Number of pages14
JournalIEEE Transactions on Network and Service Management
Issue number1
Publication statusPublished - 1 Jan 2014


  • Cloud
  • data security
  • information flow
  • information flow control (IFC)


Dive into the research topics of 'Information flow control for secure cloud computing'. Together they form a unique fingerprint.

Cite this