Overview
Cloud computing is an amorphous and ill defined term. This lack of definitional precision might be a minor irritant for most IT professionals, as they know what they mean by "the cloud". However, from the perspective of cloud security, this lack of definition causes serious problems, as it makes it difficult for both buyers and vendors of cloud services to specify requirements and ensure they are being met.
The SafeMashups Cloud Trust Model is an attempt to create a less abstract, and more concrete, model, that will hopefully be easily approachable by any IT professional. SafeMashups is working with others to standardize this model and introduce it into other cloud frameworks. If not the entire model, we believe that some of the key concepts may prove useful for anyone interested in the space.
A notion central to cloud computing is the notion of applications and data-sets migrating, even dynamically, within and across clouds. This has two significant implications. First, it argues even more for mutual authentication and key exchange to become an application level concern as opposed to a transport level concern, as in a sense the application semantics should hold even as the transport beneath it changes. This makes MashSSL a very relevant security protocol for cloud computing. The second significant implication lies in the answers to questions of the type: "Who decides if an application or data-set can migrate from one part of a cloud to another part of the same cloud or to another cloud?" "Who decides if two portions of the same or different clouds are allowed to communicate?"
We believe the answer lies in the development of a new type of trust broker, namely a Cloud Trust Broker who facilitates the establishment of a session between two parts of the same or different clouds. This facilitation should be driven by the security policy. The SafeMashups Cloud Trust Broker is the first instance of such a policy establishment and enforcement engine.