Perhaps the greatest single impediment to the broad adoption of public clouds is concerns about security. Reasoning about all the security aspects of complex modern information systems is enormously difficult. Security is especially problematic in the cloud, where a customer must place their trust in opaque complicated services that they do not understand or control and that are shared with many other customers. Yet, in today's public clouds, the assumption is that providers of cloud services can be fully trusted to provide systems secure against any threat. An architecture that exposes the security properties of the underlying services will enable a community of researchers to innovate in the implementation of secure cloud services. It will also provide customers visibility and control of the security in the services they use. Confidence in the security of the cloud will enable transformational societal benefits as the massive public cloud infrastructure becomes more broadly adopted.
This project defines a modular security architecture for cloud services where providers of different services each expose the security properties of their service, and the consumer can construct a compositional service that matches their application requirements and then reason about the security of the compositional service. The investigators extend existing cloud infrastructures to support this architecture, and explore secure modular networking and operating system technologies in the context of this architecture.