Cloud data needs to be tracked to ensure security

Cloud service providers should layer their infrastructure to better protect their data and alleviate security concerns, according to Imperial College London lecturer Dr Peter Pietzuch, who was speaking at a Westminster eforum event yesterday.

Pietzuch told delegates at the event, Cloud computing - security, market development and prospects for the g-cloud, that the current security model for the cloud is not transparent enough, meaning software developers that want to deploy their applications in the cloud do not have enough knowledge of that provider's security.

You are given certain guarantees in terms of data confidentiality, integrity, secure auditing and resource isolation, but what is not transparent is how cloud providers actually enforce these," he explained.

"Our research at Imperial College aims to provide a cloud platform that can automatically detect security violations caused by either a flaw in the applications or in the cloud platform being used," he added.

"We would like to move to a model where if you deploy a cloud application it comes with a cloud security policy.

"This means there will be a specification around the type of data protection guarantees required and the cloud infrastructure will automatically enforce a standardised set of policies."

Pietzuch argued that service providers should pursue a data-centric approach to security, which would see data being tracked across the different cloud software components.

"If you consider a multi-tenanted cloud environment, where there is a particular application that consists of multiple software components, what the cloud can do is actually track the path of the user data within the cloud infrastructure," said Pietzuch.

"So, now that the cloud understands which components were exposed to sensitive data, it can isolate those components and prevent security problems," he added.

"For example, if there is a flaw in an implementation of a software component that leads to an unauthorised leakage of sensitive data, the cloud infrastructure is able to prevent the flow of this information [essentially locking it down], because it understands that this component has had access to sensitive data."

He said it is "naive" to assume one security method will solve all data protection problems in the cloud, and that there needs to be "multiple layers of defence".

"We should also create individual compartments within the cloud infrastructure, so when there is a security incident we can essentially limit its scope," he explained.

Imperial College has been working with the NHS to use the ideas Pietzuch discussed at the eforum, in the hope of creating secure healthcare applications.

Despite Pietzuch's research and his arguments that security in the cloud could be improved, he also said the industry perception of cloud security is very "skewed".

"A good analogy would be the difference between plane travel and car travel. Objectively, we know plane travel is safer per mile travelled than car travel.

"However, at the same time, more people feel anxious when they board a plane than when they take a car," he said.

"Similarly, we know cloud providers invest a lot of energy on securing the cloud infrastructure.

"They have substantial resources and the type of security mechanisms they can provide are probably better than traditional in-house security solutions," he added.

"At the same time, of course, cloud providers are collecting sensitive data from many different users, so the surface of attack is much larger and there is more incentive for criminals to attack the cloud. A single big security incident could potentially ruin a cloud provider's reputation."