@article {159, title = {Information Flow Control for Secure Cloud Computing}, journal = {IEEE Transactions on Network and Service Management}, year = {2014}, abstract = {

Security concerns are widely seen as an obstacle to the adoption of cloud computing solutions. Information Flow Control (IFC) is a well understood Mandatory Access Control methodology. The earliest IFC models targeted security in a centralised environment, but decentralised forms of IFC have been designed and implemented, often within academic research projects. As a result, there is potential for decentralised IFC to achieve better cloud security than is available today.

In this paper we describe the properties of cloud computing{\textemdash} Platform-as-a-Service clouds in particular{\textemdash}and review a range of IFC models and implementations to identify opportunities for using IFC within a cloud computing context. Since IFC security is linked to the data that it protects, both tenants and providers of cloud services can agree on security policy, in a manner that does not require them to understand and rely on the particulars of the cloud software stack in order to effect enforcement.

}, keywords = {csn}, author = {Jean Bacon and David Eyers and Thomas F. J.-M. Pasquier and Jatinder Singh and Ioannis Papagiannis and Peter Pietzuch} }