“Supercloud” to the Rescue? New Architecture Could Make Cloud Computing More Secure

May 10, 2017  |  Computing

Recent reports[1] show hybrid cloud adoption growth tripled in the last year, and 80 percent of all IT budgets are expected to be committed to cloud solutions in the next 15 months. The message is pretty clear: cloud computing isn’t going anywhere and will only become more widespread.

The same could be said, however, for the hesitations many have about transferring valuable data – everything from employee information to financial records – to cloud-service providers. The high maintenance costs of private data centers are causing many providers to employ distributed cloud computing systems, which can pose reliability and security issues.

Could a “Supercloud” save the day? One team of European researchers thinks so and presents a solution in their IEEE article, “User-Centric Security and Dependability in the Clouds-of-Clouds”.

User-focused and self-managed, the Supercloud is the team’s new vision of security and dependability management for distributed cloud computing.

Challenges of Distributed Cloud Computing Systems


Distributed cloud computing systems are complex and under the complete control of providers. Users have no influence over the security, pricing or reliability of their clouds. Furthermore, the researchers say having one provider host the cloud causes it to be more vulnerable to hacking, and cloud services become less stable if the user isn’t located near one of the provider’s data centers.

The multi-cloud architecture of the Supercloud uses the distributed cloud systems of multiple providers. This better ensures users have their data hosted in the nearest data centers for all providers in the system, not just the nearest data center of a single provider.

As part of the Supercloud’s multi-cloud architecture, a security layer provides separation between the customer’s cloud and the provider-controlled cloud. This layer allows the Supercloud architecture to host user-centric clouds, or “U-Clouds,” which are specifically encrypted for each individual user, whether it is a person or corporation.

U-Clouds can be hosted through the same public or private provider, but are separated from other U-Clouds through U-Cloud boundaries created by the Supercloud security layer. As seen in the figure below, this increases the reliability of each cloud. If a U-Cloud is functioning incorrectly or is infected by a virus, the isolation of each U-Cloud prevents them from affecting others that use the same provider.

Figure 1: Diagram of the Supercloud concept

 

“This à la carte approach to cloud security enables full protection customizability as the customer can choose which security and availability services to deploy in his or her own cloud,” said Marc Lacoste, a Senior Research Scientist at Orange Labs.

The Supercloud architecture has four different planes (see below in red) designed to use various security and dependability services maintained by the service providers. These planes would give users control of their personal clouds, rather than surrendering control to providers. While it requires some knowledge from users, they control who can access their data and can easily transfer their data between different providers in the Supercloud architecture.

Figure 2: Sample Supercloud workflow

 

New Business Opportunities


The researchers believe the design of the Supercloud will create business opportunities for providers and many companies. Any establishment handling sensitive data would have incentive to transition to U-Clouds, since they provide the ability to better protect data from outside parties.

Additionally, the Supercloud architecture would allow cloud providers to offer new services as users would have more trust in cloud computing security. “The Supercloud offers business opportunities across dimensions, out of which cloud brokerage is probably the most immediate,” said Marko Vukolić, a Research Staff Member at IBM Research in Zurich. “Technology developed in the Supercloud allows the creation of value-added services that bring together resources from several, possibly untrusted, cloud providers to give users better service, more security and dependability guarantees.”

Healthcare is one example of an industry that can benefit from the Supercloud. As the volume of diagnostic imaging continues to rise, a cloud solution would keep data storage costs down. The Supercloud could provide a hospital with a secure online archive of all its images and ensure even the hospital’s provider didn’t have access to the data in their private cloud.

Though still in development, the research team has been implementing different components of the Supercloud architecture to achieve integrated proofs of concepts. Beyond healthcare, other predicted applications and business domains include cloud brokerage, blockchain and smart home security.

Amidst the development of cloud computing and the growing concern of data breaches, the Supercloud will soon be able to offer individual consumers and businesses a unique multi-cloud architecture that is more secure and dependable than other cloud computing systems.

Learn more about multi-cloud architecture in IEEE Xplore.

Follow the research team’s progress in developing the Supercloud. See their latest results at https://supercloud-project.eu/.


[1] McAfee (Ed.). (n.d.). Building Trust in a Cloudy Sky. Retrieved May 02, 2017, from https://www.mcafee.com/us/solutions/lp/cloud-security-report.html

 

Read the first page of this article for free on IEEE Xplore.

View the full-text article on IEEE Xplore. Read the first page for free. Full article available with purchase or subscription.