Security in a Cloud Bazaar

While cloud computing is transforming society, today's public clouds are black boxes, implemented and operated by a single provider that makes all business and technology decisions. In 2013 we launched the Mass Open Cloud (MOC) with the vision of creating a production cloud that would enable innovation by a broad industry and research community. This open cloud has become a laboratory for cloud research and innovation, resulting in hundreds of publications, contributions to open source software, and collaborations between researchers, open source developers, and production operations staff. Recently we launched the Open Research Cloud Initiative (ORCI) to provide a framework to coordinate the bazaar of interrelated projects and initiatives that have evolved since 2013, including the Red Hat Collaboratory@BU, Open Cloud Testbed (OCT), New England Research Cloud (NERC), Northeast Storage Exchange (NESE), Operate First, and OpenInfra Labs. With its launch, the MOC inspired and enabled research in cloud security. For example, the Modular Approach to Cloud Security (MACS) SaTC NSF frontier project, launched in 2014, brought together cryptographers, operating system, database and computer architecture researchers from BU, MIT, UConn and NEU. This security research resulted in new open-source software and products that are today enabling new services in the ORCI bazaar. This talk will discuss the ORCI cloud bazaar, some of the security research and projects it inspired, and some exciting new collaborations happening now to make the cloud both open and secure.