Securing the Cloud
The Massachusetts Open Cloud (MOC), a one-of-a-kind marketplace model for customizable public cloud offerings now being built a team of researchers from BU and several other universities, may soon claim another first: a modular cybersecurity system built from smaller, separate functional components, each asserting its own security individually. As a result, the security of the system as a whole will be derived from the security of its components, rather than from a single firewall, as is currently the case with most cloud systems.
The cutting-edge approach will be designed by researchers from Boston University, MIT, the University of Connecticut, and Northeastern University with funding from a five-year, $10 million Frontier grant from the National Science Foundation, $5.3 million of which will go to BU. The effort, known as the Modular Approach to Cloud Security (MACS), will be led by Ran Canetti, professor of computer science at the College of Arts & Sciences and director of the BU Center for Reliable Information Systems and Cyber Security.
“Our goal is to build a cloud with clear and transparent security properties,” says Canetti. “If successful, this project will transform the way we currently build and argue about secure systems.” Canetti says the goal involves more than developing hardware and software: it depends on understanding new ideas. Still, he says “we hope to build an actual system.”
Azer Bestavros, a CAS professor of computer science and the founding director of the Rafik B. Hariri Institute for Computing and Computational Science & Engineering, says that, to date, people have talked about modular security in a theoretical sense, but making it a practical reality remains “a dream.”
“The problem with typical security on a cloud is that there is no way to check everything,” says Bestavros. “The systems are too big, and there are too many different technologies. Trying to secure the whole thing is a lost cause.”
To understand the MACS modular approach, says Bestavros, imagine making a house secure by securing every room and then combining all of the secure pieces. “It’s a very difficult problem,” he says. “We hope to take it from theory to practice in a real cloud.”