There are at least two key features of the move to cloud computing that introduce the opportunity for significant leaps forward in computer security for tenant services. First, a compute cloud provides a common software, hardware and management basis for rolling out cross-cutting services en masse that have resisted incremental deployment in a one-service-at-a-time fashion. Second, compute clouds offer providers a broad view of activity across an unprecedented diversity of tenant services. This research project leverages these features to develop new approaches to a wide array of fundamental problems in computer security. By convening Cloud Security Horizons summits with industry stakeholders, this project further seeks to both contribute to industry directions in cloud computing and to be informed by them.
Particular longstanding security challenges addressed in this project include secure transport, authorization, user and software authentication, security monitoring, and incident analysis. Moreover, since modern clouds are not sufficiently extensible to support the envisioned capabilities, this project is constructing cloud software platforms that enable the flexibility, extensibility and security needed for this research to come to fruition in practice.