kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Secure Partitioning of Composite Cloud Applications
Univ Pisa, Pisa, Italy..
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS.ORCID iD: 0000-0002-8069-6495
Univ Pisa, Pisa, Italy..ORCID iD: 0000-0002-4159-8761
Univ Pisa, Pisa, Italy..
Show others and affiliations
2022 (English)In: Service-Oriented and Cloud Computing / [ed] Montesi, F Papadopoulos, GA Zimmermann, W, Springer Nature , 2022, Vol. 13226, p. 47-64Conference paper, Published paper (Refereed)
Abstract [en]

The security of Cloud applications is always a major concern for application developers and operators. Protecting their users' data confidentiality requires methods to avoid leakage from vulnerable software and unreliable cloud providers. Recently, hardware-based technologies emerged in the Cloud setting to isolate applications from the privileged access of cloud providers. One of those technologies is the Separation Kernel which aims at isolating safely the software components of applications. In this article, we propose a declarative methodology supported by a running prototype to determine the partitioning of a Cloud multi-component application in order to allow its placement on a Separation Kernel. We employ information-flow security techniques to determine how to partition the application, and showcase the methodology and prototype over a motivating scenario from an IoT application deployed to a central Cloud.

Place, publisher, year, edition, pages
Springer Nature , 2022. Vol. 13226, p. 47-64
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 13226
Keywords [en]
Data Confidentiality, Separation Kernel, Information-flow Security
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:kth:diva-321265DOI: 10.1007/978-3-031-04718-3_3ISI: 000876716400003Scopus ID: 2-s2.0-85128987312OAI: oai:DiVA.org:kth-321265DiVA, id: diva2:1710151
Conference
9th IFIP WG 6.12 European Conference on Service-Oriented and Cloud Computing (ESOCC), MAR 22-24, 2022, ELECTR NETWORK
Note

QC 20221111

Part of proceedings: ISBN 978-3-031-04718-3; 978-3-031-04717-6

Available from: 2022-11-11 Created: 2022-11-11 Last updated: 2022-11-11Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Guanciale, Roberto

Search in DiVA

By author/editor
Guanciale, RobertoForti, Stefano
By organisation
Theoretical Computer Science, TCS
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 35 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf