Toggle Main Menu Toggle Search

Open Access padlockePrints

A Multi-Level Security Model for Partitioning Workflows over Federated Clouds

Lookup NU author(s): Professor Paul WatsonORCiD


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


Cloud computing has the potential to provide low-cost, scalable computing, but cloud security is a major area of concern. Many organizations are therefore considering using a combination of a secure internal cloud, along with (what they perceive to be) less secure public clouds. However, this raises the issue of how to partition applications across a set of clouds, while meeting security requirements. Currently, this is usually done on an ad-hoc basis, which is potentially error-prone, or for simplicity the whole application is deployed on a single cloud, so removing the possible performance and availability benefits of exploiting multiple clouds within a single application. This paper describes an alternative to ad-hoc approaches -- a method that determines all ways in which applications structured as workflows can be partitioned over the set of available clouds such that security requirements are met. The approach is based on a Multi-Level Security model that extends Bell-LaPadula to encompass cloud computing. This includes introducing workflow transformations that are needed where data is communicated between clouds. In specific cases these transformations can result in security breaches, but the paper describes how these can be detected. Once a set of valid options has been generated, a cost model is used to rank them. The method has been implemented in a tool, which is described in the paper.

Publication metadata

Author(s): Watson P

Publication type: Article

Publication status: Published

Journal: Journal of Cloud Computing: Advances, Systems and Applications

Year: 2012

Volume: 1

Issue: 1

Print publication date: 28/07/2012

ISSN (electronic): 2192-113X

Publisher: SpringerOpen


DOI: 10.1186/2192-113X-1-15


Altmetrics provided by Altmetric