CloudSafetyNet: End-to-End Application Security in the Cloud

Lead Research Organisation: University of Cambridge

Department Name: Computer Science and Technology

Abstract

Abstracts are not currently available in GtR for all funded research. This is normally because the abstract was not required at the time of proposal submission, but may be because it included sensitive information such as personal details.

Funded Value:

£441,015

Funded Period:

Jan 13 - Jun 16

Funder:

EPSRC

Project Status:

Closed

Project Category:

Research Grant

Project Reference:

EP/K011510/1

Principal Investigator:

Jon Crowcroft

Jean Bacon

Research Topic:

Unclassified

Organisations

University of Cambridge (Lead Research Organisation)

People	ORCID iD
Jon Crowcroft (Principal Investigator)
Jean Bacon (Principal Investigator)

Publications

Author Name

Title Publication Date Published

|< < 1 2 3 > >|

10 25 50

Bacon J (2014) Information Flow Control for Secure Cloud Computing in IEEE Transactions on Network and Service Management

Bacon J (2017) CloudSafetyNet in Impact

Han X (2020) Unicorn: Runtime Provenance-Based Detector for Advanced Persistent Threats

Hon W (2016) Policy, legal and regulatory implications of a Europe-only cloud in International Journal of Law and Information Technology

Pasquier T (2017) PHP2Uni: Building Unikernels Using Scripting Language Transpilation

Pasquier T (2015) Clouds of Things Need Information Flow Control with Hardware Roots of Trust

Pasquier T (2015) Managing Big Data with Information Flow Control

Pasquier T (2016) Information Flow Audit for PaaS Clouds

Pasquier T (2016) Information Flow Audit for Transparency and Compliance in the Handling of Personal Data

Pasquier T (2015) Expressing and Enforcing Location Requirements in the Cloud Using Information Flow Control

Key Findings
Impact Summary
Intellectual Property


Description	How to provide Information Flow Control (IFC) in Cloud Software so that applications do not need to be reengineered to use IFC. How to audit the operations carried out on data at the operating system level, across all running applications.
Exploitation Route	Making cloud computing more secure and demonstrating compliance with contracts between providers and tenants. Extending the audit aspect of the software (provided in CamFlow alongside IFC ) to provide data provenance.
Sectors	Digital/Communication/Information Technologies (including Software)
URL	http://www.cl.cam.ac.uk/research/srg/opera/projects/csn/


Description	Microsoft, as cloud providers, are being made aware of Information Flow Control through supporting further research on technology support for Cloud Law. The CamFlow open source software is one of the outcomes of this grant. CamFlow included both IFC and audit. The audit aspect has been developed by Dr Thomas Pasquier in subsequent research on provenance at Harvard, Cambridge and Bristol Universities. CamFlow is maintained as a git repository by Dr Thomas Pasquier. CamFlow is used at academic institutions (including Cambridge, Harvard, UIUC, Edinburgh, UT Austin, UBC and UNCC) as well as industrial partners (including NEC and SRI international). It led to publications in top-tier venues such as CSS and NDSS.
First Year Of Impact	2021
Sector	Digital/Communication/Information Technologies (including Software)
Impact Types	Economic,Policy & public services


Title	CamFlow flow control and audit
Description	Two Linux Security Modules (LSMs) for Information Flow Control and Audit as open source software under a GPL-3.0 license
IP Reference
Protection	Protection not required
Year Protection Granted	2016
Licensed	Yes
Impact	Thomas Pasquier is using the CamFlow audit LSM as a postdoc on a project on data provenance at Harvard University.

Abstract

Organisations

People

ORCID iD

Publications