Secure serverless computing using dynamic information flow control
نویسندگان
چکیده
منابع مشابه
Secure Serverless Computing Using Dynamic Information Flow Control
The rise of serverless computing provides an opportunity to rethink cloud security. We present an approach for securing serverless systems using a novel form of dynamic information flow control (IFC). We show that in serverless applications, the termination channel found in most existing IFC systems can be arbitrarily amplified via multiple concurrent requests, necessitating a stronger terminat...
متن کاملInformation Flow Control to Secure Dynamic Web Service Composition
The vision of a landscape of heterogeneous web services deployed as encapsulated business software assets in the Internet is currently becoming a reality as part of the Semantic Web. When pro-active agents handle the context-aware discovery, acquisition, composition, and management of application services and data, ensuring the security of customers’ data becomes a principle task. To dynamicall...
متن کاملInformation flow control for secure web sites
Sometimes Web sites fail in the worst ways. They can reveal private data that can never be retracted [60, 72, 78, 79]. Or they can succumb to vandalism, and subsequently show corrupt data to users [27]. Blame can fall on the off-the-shelf software that runs the site (e.g., the operating system, the application libraries, the Web server, etc.), but more frequently (as in the above references), t...
متن کاملFormal verification of secure information flow in cloud computing
Federated cloud systems increase the reliability and reduce the cost of computational support to an organisation. However, the resulting combination of secure private clouds and less secure public clouds impacts on the overall security of the system as applications need to be located within different clouds. In this paper, the entities of a federated cloud system as well as the clouds are assig...
متن کاملSecure Information Flow Using Compiler Techniques
Protecting confidential data in computer systems is an actively researched problem with no complete solution. While access control and encryption prevent confidential information from being read or modified by unauthorized users, they do not regulate the information propagation after it has been released for execution. An approach proposed to handle this is secure information flow which has bee...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Proceedings of the ACM on Programming Languages
سال: 2018
ISSN: 2475-1421
DOI: 10.1145/3276488