Print this page

Hasan to make cloud computing more secure

Written by 
  • April 17, 2014

Ragib Hasan sizedAs a world-renowned doctoral research university, UAB expects its teacher-scholars to win competitive grants and other awards to support their research. And they do not disappoint. This year, four professors have been chosen to receive National Science Foundation Career Awards — a prize the foundation describes among its most prestigious.

The NSF awards are provided to support the early career-development activities of professors who most effectively integrate research and education within the context of the mission of their organization. At UAB, those faculty include Thamar Solorio, Ph.D., and Ragib Hasan, Ph.D., assistant professors of computer and information sciences, Eugenia Kharlampieva, Ph.D., assistant professor of chemistry, and Karolina Mukhtar, Ph.D., assistant professor of biology.

The UAB Reporter will feature each of these outstanding researchers during the next few weeks and provide insight into their work and its promise. This week we focus on Hasan’s work to make cloud computing more secure.

Cloud computing has not been adopted widely by industries that require a high level of security — such as health care and defense — because the technology cannot be held accountable and does not comply with data-protection regulations. Hasan is working to change that by finding ways to leverage provenance — the history of data, applications and cloud state — as a first-class property of clouds. The cloud architecture, he says, provides mechanisms for collecting, storing and creating a secure access mechanism for provenance and he’ll use his $485,897 NSF Career Award to advance this work.

Q. What was your reaction to being selected for this honor by the NSF?

A: This came as a pleasant surprise to me. Junior faculty get only three chances to apply for a Career Award, and it is quite rare to get it on a first attempt. So, I was not expecting it. I got the email right as I was picking up my 3-year-old son Zaayan from UAB Childcare, so he was the first to know. Though I doubt he understands what this is, he was very excited and told my wife Jaria, a doctor and researcher at UAB, that his dad got a career award.

Q: What is the hypothesis of your research?

A: At a very high level, my research focuses on making provenance a first-class and fundamental property of cloud-computing systems. My hypothesis is that by making secure provenance a fundamental part of clouds, we can make clouds more accountable and trustworthy.

Q: What are the current challenges, and how do you plan to address them?

A: Cloud computing has emerged as one of the most successful computing models in recent years. However, lack of accountability and non-compliance with data-protection regulations prevent major users such as business, health care and defense organizations from using clouds for sensitive data and applications. Because of the lack of information about cloud internals and the inability to perform trustworthy audits, today's clouds often are not used in regulated industries, which prevents their widespread adoption.

The main focus of my research is to make clouds more accountable by leveraging provenance —or the history of data, applications and cloud state — as a first-class property. The cloud provenance architecture provides mechanisms for collecting, storing and securing provenance and creating a secure access mechanism for provenance. I am implementing this architecture using OpenStack — a popular cloud platform — and standard benchmarks to evaluate performance. During the next five years, my research will result in algorithms, provably secure information assurance techniques and practical implementations of a provenance-aware, secure and accountable cloud.

Q: How did you become interested in this type of research?

A: Even as a child, I was deeply interested in history. I strongly believe that our past, our history, plays a major role in what we become and how we behave. But then after high school, I found computer science and fell in love with bits and algorithms. Later when I was doing my doctoral work and was searching for a problem to solve, I came back to my original interest in history. I suddenly realized that the history or provenance of digital objects is very important for many practical purposes. My doctoral research at the University of Illinois focused on making the history and provenance of digital objects trustworthy. While at Johns Hopkins University with a prestigious Computing Innovation Fellowship from the National Science Foundation, I worked to protect the history of mobile devices and physical objects.

At UAB, I shifted my focus to cloud computing, which has become the dominant computing paradigm in recent years, and I've been teaching a graduate course on cloud security for the past five years. During this time, I have explored the state-of-the-art research and found that today's clouds are extremely insecure and that prevents widespread adoption. At the same time, I had a hunch that proper use of provenance or history of data objects and applications in clouds will solve many of these security problems. As a result, I became very interested in applying techniques of secure provenance in the area of cloud computing.

In short, my deep attraction to history kind of merged with my love for computer science and practical problem-solving.

Q: What impact do you hope your research will have on cloud computing?

Eugenia Kharlampieva's research on shape responses of ultra-thin hydrogel microcapsules was featured this past week, read itThalmar Solorio’s research on cross-domain authorship analysis was also featured, read it.  

A: A secure provenance-based cloud advances the state of the art in several ways — it makes clouds more accountable and trustworthy leads to increased adoption by large organizations, ultimately lowers cost, provides law-enforcement with support for digital forensics investigations and allows innovations such as novel authentication and access-control schemes.

Q: What does this award mean to you both professionally and personally?

A: Professionally, a prestigious award like the NSF Career award will be a major milestone in my academic career. Besides giving me funding for the next five years to pursue my research on cloud security, it also will enable me to mentor two doctoral students and help integrate my research with my teaching and educational activities. On a personal level, it gives me more freedom to pursue research and gain more recognition in a community of computer scientists and researchers. I also plan to author the first academic textbook on cloud security as part of this award.

Q: How does your research tie into the local community? How will you integrate it into educational and mentoring components?

A: Clouds are everywhere, whether we can or can't see them. Any computing service we use is backed by clouds, so this will affect everyone in the local community in one way or another. During the next five years, it will bring close to a half-million dollars to UAB in terms of research funds, support two doctoral students at my lab and enable me to mentor local high-school and undergraduate students. The findings of my research will usher a new era of security and accountability in cloud computing.

A major part of my Career proposal was the integrated educational and mentoring plan, which includes development of new curricula, textbook and an online course. The project also includes mentoring of K-12, undergraduate, graduate and postdoctoral researchers, summer camps and involving women and minorities to increase the diversity of our nation's workforce.

I am the founder of the award-winning educational platform — a massive online open course, which has won four major international awards in the past year, including a Google RISE Award. I will leverage the experience of building this course to create innovative and free online educational resources on cloud security. This will benefit the student community at UAB and the whole community of students, scholars and educators around the world.