Cloud computing is rapidly transforming information technology in both the private and public sectors. Cloud-based solutions provide significant scalability and cost effectiveness, can be quickly deployed and provisioned, and can enable full transparency in managing operational costs. Because of this, organizations face enormous pressure to incorporate cloud solutions into their operational environment. However, the novel combination of technologies used to implement cloud services introduces new vulnerabilities to malicious attack, which will only increase as more applications and platforms move to cloud environments.
Overview of the different types of cloud
Private Clouds are clouds where the underlying infrastructure is completely under the control of and dedicated to the consuming organization. Private Clouds allow for more finely grained security controls; however, much of the cost-efficiency potential of cloud cannot be realized. Public Clouds are external to the organization, and may involve co-tenancy on infrastructure offered to other customers of the Cloud Service Provider. While this offers cost savings, it can also raise security concerns.
Motivation
Enterprises that are migrating systems to the cloud are often concerned about the risk the cloud platform poses. They are unable to evaluate those risks because the underlying cloud infrastructure is owned by another organization and vulnerabilities may not be readily apparent. Current cloud computing security approaches are based on virtualization, separation and access control. Compromised computing nodes must be manually identified and disinfected, and they cannot be quickly recovered in the face of automated and persistent attack.
Approach
A comprehensive cloud security solution must be resilient in the face of significant node corruption and must incorporate regenerative capabilities that can ensure the continued mission effectiveness of the system. Current solutions to prevent an attacker from stealing a compromised node’s data require unacceptably high bandwidth, which can significantly slow systems. These approaches also assume a static architecture, a situation that inherently favors the attacker since it provides them with time to discover the network’s architecture and layout and implement an effective attack.
To address these and other challenges, CSD will develop several technologies within the Security for Cloud-based Systems program. This work focuses on developing and deploying cloud investigation and auditing tools and capabilities, technologies that allow for advanced virtual machine (VM) management, methods that provide for secure multiparty computing, and other technologies to secure the endpoints in a cloud system.
Contact
Program Manager: Edward Rhyne
Email: SandT-Cyber-Liaison@hq.dhs.gov
Performers
Prime: ATC-NY - Silverline
Prime: HRL Laboratories - Cloud-COP
Prime: Intelligent Automation Inc. - Self-shielding Dynamic Network Architecture (SDNA) in the Cloud
Prime: Private Machines - ARMOR