Abstract
The need to share data across applications is becoming increasingly evident. Current cloud isolation mechanisms focus solely on protection, such as containers that isolate at the OS-level, and virtual machines that isolate through the hypervisor. However, by focusing rigidly on protection, these approaches do not provide for controlled sharing. This paper presents how Information Flow Control (IFC) offers a flexible alternative. As a data-centric mechanism it enables strong isolation when required, while providing continuous, fine grained control of the data being shared. An IFC-enabled cloud platform would ensure that policies are enforced as data flows across all applications, without requiring any special sharing mechanisms.
Original language | English |
---|---|
Title of host publication | Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015 |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 279-282 |
Number of pages | 4 |
ISBN (Electronic) | 9781479982189 |
DOIs | |
Publication status | Published - 1 Jan 2015 |
Event | 2015 IEEE International Conference on Cloud Engineering, IC2E 2015 - Tempe, United States Duration: 9 Mar 2015 → 12 Mar 2015 |
Conference
Conference | 2015 IEEE International Conference on Cloud Engineering, IC2E 2015 |
---|---|
Country/Territory | United States |
City | Tempe |
Period | 9/03/15 → 12/03/15 |