In an ideal world, organizations “share” the cloud, logically separated from each other by the cloud provider, operating independently of each other in a sandbox, pulling resources only when needed, and respecting the separation put in place by the cloud provider. In the real world, applications uploaded to the cloud are trying to break out of their sandbox, attempting to gain access to other applications and hardware and trying to consume resources. The attackers know they have complete control of what the cloud runs; they know cloud security is immature and developing.
Cloud computing creates new security problems that must be dealt with in addition to the existing problems.
This research line explores these security problems.