Nublu: Assured Information Sharing in Clouds

ABSTRACT: We propose to develop an assured information sharing framework for cloud-based systems that leverages our ongoing work in the areas of policy-based usage management and semantic interoperability. The development of this framework will involve the creation of a novel approach to information sharing that treats security as a commodity that can be dynamically provisioned within the cloud, along with other cloud resources. Currently, the security of networked infrastructures tends to be managed statically. That is, security requirements are developed and implemented within the networking environment, and all of the information that traverses the network will have these hard-coded security policies applied to it. The proposed research addresses this issue by logically separating security policies from security implementations within the network. This approach is vital if the true capabilities of the cloud are to be realized in DoD environments; indeed, it naturally meshes with the philosophy behind cloud computing. Specifically, the main advantage of cloud systems is the automatic provisioning of resources according to current demands. In a DoD setting there will be multiple missions currently interacting with the cloud infrastructure, and the proposed framework will allow each mission to do so according to the current security demands. BENEFIT: The anticipated benefits resulting from this project, which involves providing assured information sharing capabilities using flexible cloud computing based architectures, are the ability to: (a) dynamically and securely share information across multiple domains; (b) deliver the power of information to ensure mission success; (c) create an agile enterprise with freedom of maneuverability across the information environment; and (d) leverage legacy system investment. The potential to apply this work to commercial opportunities is easy to see. The framework is applicable in any networked environment where assured information sharing is needed. Therefore much of our work on this project should translate naturally to commercial settings.