CloudSafetyNet: End-to-End Application Security in the Cloud
Lead Research Organisation:
University of Cambridge
Department Name: Computer Science and Technology
Abstract
Abstracts are not currently available in GtR for all funded research. This is normally because the abstract was not required at the time of proposal submission, but may be because it included sensitive information such as personal details.
Organisations
Publications
Bacon J
(2014)
Information Flow Control for Secure Cloud Computing
in IEEE Transactions on Network and Service Management
Bacon J
(2017)
CloudSafetyNet
in Impact
Hon W
(2016)
Policy, legal and regulatory implications of a Europe-only cloud
in International Journal of Law and Information Technology
Pasquier T
(2017)
PHP2Uni: Building Unikernels Using Scripting Language Transpilation
Pasquier T
(2015)
Managing Big Data with Information Flow Control
Pasquier T
(2016)
Information Flow Audit for PaaS Clouds
Pasquier T
(2017)
Data provenance to audit compliance with privacy policy in the Internet of Things
in Personal and Ubiquitous Computing
Pasquier T
(2016)
Data-Centric Access Control for Cloud Computing
Pasquier T
(2018)
Runtime Analysis of Whole-System Provenance
Pasquier T
(2017)
Practical whole-system provenance capture
Pasquier T
(2014)
FlowR
Pasquier T
(2017)
Camflow: Managed Data-Sharing for Cloud Services
in IEEE Transactions on Cloud Computing
Pasquier T
(2014)
FlowK: Information Flow Control for the Cloud
Singh J
(2015)
Data Flow Management and Compliance in Cloud Computing
in IEEE Cloud Computing
Singh J
(2014)
On middleware for emerging health services
in Journal of Internet Services and Applications
Singh J
(2016)
Big ideas paper
Singh J
(2016)
Twenty Security Considerations for Cloud-Supported Internet of Things
in IEEE Internet of Things Journal
Thomas Pasquier
(2013)
Information Flow Control for a Medical Records Web Portal
in IADIS e-Society 2013 (ES 2013)
Xueyuan Han
(2021)
SIGL: Securing Software Installations Through Deep Graph Learning
| Description | How to provide Information Flow Control (IFC) in Cloud Software so that applications do not need to be reengineered to use IFC. How to audit the operations carried out on data at the operating system level, across all running applications. |
| Exploitation Route | Making cloud computing more secure and demonstrating compliance with contracts between providers and tenants. Extending the audit aspect of the software (provided in CamFlow alongside IFC ) to provide data provenance. |
| Sectors | Digital/Communication/Information Technologies (including Software) |
| URL | http://www.cl.cam.ac.uk/research/srg/opera/projects/csn/ |
| Description | Microsoft, as cloud providers, are being made aware of Information Flow Control through supporting further research on technology support for Cloud Law. The CamFlow open source software is one of the outcomes of this grant. CamFlow included both IFC and audit. The audit aspect has been developed by Dr Thomas Pasquier in subsequent research on provenance at Harvard, Cambridge and Bristol Universities. CamFlow is maintained as a git repository by Dr Thomas Pasquier. CamFlow is used at academic institutions (including Cambridge, Harvard, UIUC, Edinburgh, UT Austin, UBC and UNCC) as well as industrial partners (including NEC and SRI international). It led to publications in top-tier venues such as CSS and NDSS. |
| First Year Of Impact | 2021 |
| Sector | Digital/Communication/Information Technologies (including Software) |
| Impact Types | Economic,Policy & public services |
| Title | CamFlow flow control and audit |
| Description | Two Linux Security Modules (LSMs) for Information Flow Control and Audit as open source software under a GPL-3.0 license |
| IP Reference | |
| Protection | Protection not required |
| Year Protection Granted | 2016 |
| Licensed | Yes |
| Impact | Thomas Pasquier is using the CamFlow audit LSM as a postdoc on a project on data provenance at Harvard University. |