Architectural Support for Improving Cloud Computing Security

Sponsored by NSF Computing and Communication Foundations (CCF) Program

Sushil Jajodia
George Mason University, Fairfax, Virginia

The rapid deployment of cloud computing services and their attraction for small and medium businesses requires a thorough examination of security issues.  Indeed cloud computing brings a host of new security issues that have not been addressed in the past research, namely the lack of trust between the infrastructure provider and customers (e.g., service providers) and potential for misuse of cloud computing resources for data exposure or service disruption.  In this research we address major security issues brought about by cloud computing.  In particular, we consider three main approaches to addressing the cloud computing security issues: (a) simultaneous encryption and access control to protect service provider’s data from infrastructure provider, (b) securing cloud resident data by scattering the data, meta-data, or encryption keys in the cloud, and (c) coordinated monitoring of both incoming and outgoing traffic of VM’s in the cloud in order to detect “spyware” installed in the cloud. 

The proposed solutions could significantly affect the application performance and thus come in the way of real-world deployments.  It is therefore essential to consider hardware and architectural support that can significantly reduce the overhead of the schemes.  Thus, the main focus of this proposal is to examine architectural support for cloud computing security.