Integrating messaging middleware and Information Flow Control

Jatinder Singh; Thomas F.J.M. Pasquier; Jean Bacon; David Eyers

doi:10.1109/IC2E.2015.13

Integrating messaging middleware and Information Flow Control

Jatinder Singh, Thomas F.J.M. Pasquier, Jean Bacon, David Eyers

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

18 Citations (Scopus)

Abstract

Security is an ongoing challenge in cloud computing. Currently, cloud consumers have few mechanisms for managing their data within the cloud provider's infrastructure. Information Flow Control (IFC) involves attaching labels to data, to govern its flow throughout a system. We have worked on kernel-level IFC enforcement to protect data flows within a virtual machine (VM). This paper makes the case for, and demonstrates the feasibility of an IFC-enabled messaging middleware, to enforce IFC within and across applications, containers, VMs, and hosts. We detail how such middleware can integrate with local (kernel) enforcement mechanisms, and highlight the benefits of separating data management policy from application/service-logic.

Original language	English
Title of host publication	Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	54-59
Number of pages	6
ISBN (Electronic)	9781479982189
DOIs	https://doi.org/10.1109/IC2E.2015.13
Publication status	Published - 1 Jan 2015
Event	2015 IEEE International Conference on Cloud Engineering, IC2E 2015 - Tempe, United States Duration: 9 Mar 2015 → 12 Mar 2015

Conference

Conference	2015 IEEE International Conference on Cloud Engineering, IC2E 2015
Country/Territory	United States
City	Tempe
Period	9/03/15 → 12/03/15

Keywords

Cloud computing
Distributed systems
Information Flow Control
Middleware
Policy
Security

Access to Document

10.1109/IC2E.2015.13

Handle.net

Persistent link

Cite this

@inproceedings{36b0d1ad2bf24270b662f61df46ef207,

title = "Integrating messaging middleware and Information Flow Control",

abstract = "Security is an ongoing challenge in cloud computing. Currently, cloud consumers have few mechanisms for managing their data within the cloud provider's infrastructure. Information Flow Control (IFC) involves attaching labels to data, to govern its flow throughout a system. We have worked on kernel-level IFC enforcement to protect data flows within a virtual machine (VM). This paper makes the case for, and demonstrates the feasibility of an IFC-enabled messaging middleware, to enforce IFC within and across applications, containers, VMs, and hosts. We detail how such middleware can integrate with local (kernel) enforcement mechanisms, and highlight the benefits of separating data management policy from application/service-logic.",

keywords = "Cloud computing, Distributed systems, Information Flow Control, Middleware, Policy, Security",

author = "Jatinder Singh and Pasquier, \{Thomas F.J.M.\} and Jean Bacon and David Eyers",

year = "2015",

month = jan,

day = "1",

doi = "10.1109/IC2E.2015.13",

language = "English",

pages = "54--59",

booktitle = "Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

address = "United States",

note = "2015 IEEE International Conference on Cloud Engineering, IC2E 2015 ; Conference date: 09-03-2015 Through 12-03-2015",

}

Singh, J, Pasquier, TFJM, Bacon, J & Eyers, D 2015, Integrating messaging middleware and Information Flow Control. in Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015., 7092899, Institute of Electrical and Electronics Engineers (IEEE), pp. 54-59, 2015 IEEE International Conference on Cloud Engineering, IC2E 2015, Tempe, United States, 9/03/15. https://doi.org/10.1109/IC2E.2015.13

Integrating messaging middleware and Information Flow Control. / Singh, Jatinder; Pasquier, Thomas F.J.M.; Bacon, Jean et al.
Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015. Institute of Electrical and Electronics Engineers (IEEE), 2015. p. 54-59 7092899.

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

TY - GEN

T1 - Integrating messaging middleware and Information Flow Control

AU - Singh, Jatinder

AU - Pasquier, Thomas F.J.M.

AU - Bacon, Jean

AU - Eyers, David

PY - 2015/1/1

Y1 - 2015/1/1

N2 - Security is an ongoing challenge in cloud computing. Currently, cloud consumers have few mechanisms for managing their data within the cloud provider's infrastructure. Information Flow Control (IFC) involves attaching labels to data, to govern its flow throughout a system. We have worked on kernel-level IFC enforcement to protect data flows within a virtual machine (VM). This paper makes the case for, and demonstrates the feasibility of an IFC-enabled messaging middleware, to enforce IFC within and across applications, containers, VMs, and hosts. We detail how such middleware can integrate with local (kernel) enforcement mechanisms, and highlight the benefits of separating data management policy from application/service-logic.

AB - Security is an ongoing challenge in cloud computing. Currently, cloud consumers have few mechanisms for managing their data within the cloud provider's infrastructure. Information Flow Control (IFC) involves attaching labels to data, to govern its flow throughout a system. We have worked on kernel-level IFC enforcement to protect data flows within a virtual machine (VM). This paper makes the case for, and demonstrates the feasibility of an IFC-enabled messaging middleware, to enforce IFC within and across applications, containers, VMs, and hosts. We detail how such middleware can integrate with local (kernel) enforcement mechanisms, and highlight the benefits of separating data management policy from application/service-logic.

KW - Cloud computing

KW - Distributed systems

KW - Information Flow Control

KW - Middleware

KW - Policy

KW - Security

UR - https://www.scopus.com/pages/publications/84944314473

U2 - 10.1109/IC2E.2015.13

DO - 10.1109/IC2E.2015.13

M3 - Conference Contribution (Conference Proceeding)

AN - SCOPUS:84944314473

SP - 54

EP - 59

BT - Proceedings - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015

PB - Institute of Electrical and Electronics Engineers (IEEE)

T2 - 2015 IEEE International Conference on Cloud Engineering, IC2E 2015

Y2 - 9 March 2015 through 12 March 2015

ER -

Integrating messaging middleware and Information Flow Control

Abstract

Conference

Keywords

Access to Document

Handle.net

Other files and links

Fingerprint

Cite this