Abstract
In this talk, I will describe some of the many efforts conducted in pursuit of the Modular Approach to Cloud Security project, an NSF Frontier effort to develop techniques and tools for building information systems with meaningful multi-layered security guarantees. Arguably, reasoning about all the security aspects of systems in one blow is not feasible. The approach we take is thus modular: We aim at systems that are built from smaller and separable functional components, where the security of each component is asserted individually, and where security of the system as a whole can be derived from the security of its components. Because this composition can be performed in multiple ways, we also aim to inform and empower consumers so they can personalize the security guarantees offered by the cloud to suit their objectives.