Formal Verification of Secure Information Flow in Cloud Computing

Zeng, Wen and Koutny, Maciej and Watson, Paul and Germanos, Vasileios (2016) Formal Verification of Secure Information Flow in Cloud Computing. Journal of Information Security and Applications, 27-28. pp. 103-116. ISSN 2214-2126

elsarticle-template-harv.pdf - Accepted Version

Download (1MB) | Preview


Federated cloud systems increase the reliability and reduce the cost of computational support to an organization. However, the resulting combination of secure private clouds and less secure public clouds impacts on the overall security of the system as applications need to be located within di�erent clouds. In this paper, the entities of a federated cloud system as well as the clouds are assigned security levels of a given security lattice. Then a dynamic

ow sensitive security model for a federated cloud system is introduced within
which the Bell-LaPadula rules and cloud security rule can be captured. The
rest of the paper demonstrates how Petri nets and the associated veri�cation
techniques could be used to analyze the security of information
ow in
federated cloud systems.

Item Type: Article
Additional Information and Comments: “NOTICE: this is the author’s version of a work that was accepted for publication in Journal of Information Security and Applications. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Journal of Information Security and Applications, [VOL 27-28, (2016)] DOI#10.1016/j.jisa.2016.03.002�¨
Faculty / Department: Faculty of Science > Mathematics and Computer Science
Depositing User: Vasileios Germanos
Date Deposited: 11 May 2016 08:50
Last Modified: 11 Apr 2018 00:15

Actions (login required)

View Item View Item