Silver Lining: Enforcing Secure Information Flow at the Cloud Edge

机译：一线希望：在云边缘加强安全信息流

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

SilverLine is a novel, exceptionally modular framework for enforcing mandatory information flow policies for Java computations on commodity, data-processing, Platform-as-a-Service clouds by leveraging Aspect-Oriented Programming (AOP) and In-lined Reference Monitors (IRMs). Unlike traditional system-level approaches, which typically require modifications to the cloud kernel software, OS/hypervisor, VM, or cloud file system, SilverLine automatically in-lines secure information flow tracking code into untrusted Java binaries as they arrive at the cloud. This facilitates efficient enforcement of a large, flexible class of information flow and mandatory access control policies without any customization of the cloud or its underlying infrastructure. The cloud and the enforcement framework can therefore be maintained completely separately and orthogonally (i.e., modularly). To demonstrate the approach's feasibility, a prototype implements and deploys SilverLine on a real-world data processing cloud-Hadoop MapReduce. Evaluation results demonstrate that SilverLine provides inter-process information flow security for Hadoop clouds with easy maintainability (through modularity) and low overhead.

机译：SilverLine是一个新颖的模块化模块框架，可通过利用面向方面的编程（AOP）和嵌入式参考监视器（IRM）来对商品，数据处理，平台即服务云上的Java计算实施强制性的信息流策略。。与传统的系统级方法不同，传统的系统级方法通常需要修改云内核软件，OS /管理程序，VM或云文件系统，而SilverLine在到达不受信任的Java二进制文件时，会自动将安全信息流跟踪代码插入到不受信任的Java二进制文件中。这有助于高效实施大型，灵活的信息流类别和强制性访问控制策略，而无需对云或其底层基础架构进行任何自定义。因此，可以完全独立地并且正交地（即，模块化地）维护云和执行框架。为了演示该方法的可行性，原型在实际数据处理云Hadoop MapReduce上实现并部署了SilverLine。评估结果表明，SilverLine为Hadoop云提供了进程间信息流安全性，具有易于维护的能力（通过模块化）和较低的开销。

著录项

来源
《IEEE International Conference on Cloud Engineering》|2014年|37-46|共10页
会议地点
作者
Khan Safwan Mahmud; Hamlen Kevin W.; Kantarcioglu Murat;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Access control; Cloud computing; Java; Monitoring; Programming; Runtime; Access control; Aspect-Oriented Programming; Cloud computing; In-lined Reference Monitors; Information flow control; Security;

机译：访问控制;云计算; Java;监控;编程;运行;访问控制;面向方面的编程;云计算;嵌入式参考监控器;信息流控制;安全;

相似文献

外文文献
中文文献
专利

1. Editorial Commentary: Every Cloud Has a Silver Lining…but Silver May Not Be the Currency of Choice: The Bioelectric Silver-Zinc Dressing Requires Additional Investigation [J] . Craig R. Bottoni Arthroscopy: the journal of arthroscopic & related surgery : official publication of the Arthroscopy Association of North America and the International Arthroscopy Association . 2018,第10期

机译：编辑评论：每一朵云都有一线希望......但银可能不是所选的货币：生物电银锌敷料需要额外的调查
2. Is Hybrid Cloud the New Silver Lining in Cloud Migration? [J] . Rajesh Awasthi Dataquest . 2020,第1期

机译：混合云在云迁移中新的银色衬里吗？
3. Every Silver Cloud Has a Dark Lining: a Primer on Cloud Computing, Regulatory and Data Security Risk [J] . Carl Cadregari, Alfonzo Cutaia Information Systems Control Journal . 2011,第期

机译：每一个银云都有黑暗的底线：有关云计算，法规和数据安全风险的入门知识
4. Silver Lining: Enforcing Secure Information Flow at the Cloud Edge [C] . Khan Safwan Mahmud, Hamlen Kevin W., Kantarcioglu Murat IEEE International Conference on Cloud Engineering . 2014

机译：银衬里：在云边缘执行安全信息流
5. Every Cloud Has a Silver Lining: An Investigation of Cancer Patients' Social Support, Coping Strategies, and Posttraumatic Growth. [D] . Cao, Weidan. 2017

机译：每一朵云都有一线希望：对癌症患者的社会支持，应对策略和创伤后增长的调查。
6. Medicare’s Mission to Change How Health Care is Paid for and Delivered: A Cloud with a Silver Lining or Just a Dark Cloud? [O] . Jeffrey Voigt -1

机译：Medicare的使命是改变医疗费用的支付方式和交付方式：一线云还是一线乌云？
7. Editorial Commentary: Every Cloud Has a Silver Lining…but Silver May Not Be the Currency of Choice: The Bioelectric Silver-Zinc Dressing Requires Additional Investigation [O] . Craig R. Bottoni 2018

机译：编辑评论：每一朵云都有一线希望......但银可能不是所选的货币：生物电银锌敷料需要额外的调查

Silver Lining: Enforcing Secure Information Flow at the Cloud Edge

摘要

著录项

相似文献

相关主题

期刊订阅