TWC: TTP Option: Frontier: Collaborative: MACS: A Modular Approach to Cloud Security

TWC：TTP 选项：前沿：协作：MACS：云安全的模块化方法

• 批准号: 1413996
• 负责人: Marten van Dijk
• 金额: $ 80.02万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2014
• 资助国家: 美国
• 起止时间: 2014-10-01 至 2021-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1413996&HistoricalAwards=false
• 关键词: TWC; TTP; Option; Frontier; Collaborative

The goal of the Modular Approach to Cloud Security (MACS) project is to develop methods for building information systems with meaningful multi-layered security guarantees. The modular approach of MACS focuses on systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where the security of the system as a whole can be derived from the security of its components. The project concentrates on building outsourced, cloud-based information services with client-centric security guarantees. The MACS project addresses a diverse set of security challenges. These include the design of hardware with built-in secrecy and integrity properties, small and versatile operating systems that offer minimal functionality but are simpler and easier to analyze, privacy-preserving and verifiable memory access for outsourced applications, security-preserving overlay and software-defined networks, and algorithms for privacy-preserving verifiable outsourced computations and database systems. Crucially, we combine all of these security mechanisms with their piecemeal analyses into a global security guarantee. Furthermore, the analysis is modular, allowing the substitution of components with others that provide potentially comparable guarantees based on different techniques and trust assumptions. The research team comprises experts in different aspects of information security and cryptography. The research is highly collaborative and pools together key areas of expertise in order to provide overall security guarantees. A key component of the project is the Massachusetts Open Cloud, which provides the research team with a test-bed for deploying and testing the developed mechanisms in a production cloud. The project involves a significant outreach component with a number of goals. One goal is to introduce technology professionals to cybersecurity and its central role for our society and economy. Another goal is to introduce K-12 students to cybersecurity, and through it to computer science in general. The program targets students from both under-represented minorities and students with exceptional academic potential.

模块化的云安全方法(MACS)项目的目标是开发构建具有有意义的多层安全保证的信息系统的方法。互委会的模块化方法侧重于由较小和可分离的功能部件建立的系统，其中每个部件的安全性是单独断言的，而系统作为一个整体的安全性可以从其部件的安全性中得出。该项目专注于构建外包的、基于云的信息服务，并提供以客户为中心的安全保证。Mac项目解决了一系列不同的安全挑战。这些包括具有内置保密性和完整性属性的硬件设计，提供最少功能但更容易分析的小型和多功能操作系统，外包应用程序的隐私保护和可验证的内存访问，安全保护的覆盖和软件定义的网络，以及用于隐私保护的可验证的外包计算和数据库系统的算法。至关重要的是，我们将所有这些安全机制及其零敲碎打的分析结合在一起，形成全球安全保障。此外，分析是模块化的，允许使用基于不同技术和信任假设提供潜在可比较保证的其他组件来替换组件。研究团队由信息安全和密码学不同方面的专家组成。这项研究具有高度的协作性，并汇集了关键领域的专业知识，以提供全面的安全保障。该项目的一个关键组成部分是马萨诸塞州开放云，它为研究团队提供了一个试验台，用于在生产云中部署和测试开发的机制。该项目涉及一个重要的外联部分，具有若干目标。其中一个目标是向技术专业人士介绍网络安全及其对我们社会和经济的核心作用。另一个目标是向K-12的学生介绍网络安全，并通过它了解一般的计算机科学。该计划的目标学生既有来自代表性不足的少数族裔的学生，也有具有非凡学术潜力的学生。