Cloud computing r esearch
This presentation is the property of its rightful owner.
Sponsored Links
1 / 41

Cloud Computing R esearch PowerPoint PPT Presentation


  • 83 Views
  • Uploaded on
  • Presentation posted in: General

Cloud Computing R esearch. Roy H. Campbell Director of Assured Cloud Center University of Illinois at Urbana-Champaign August 8 th 2012 Chicago, IL. Security at UIUC. ITI – Information Trust Institute 100+ faculty/students/staff Areas Cloud (Air Force) Power grid (DOE)

Download Presentation

Cloud Computing R esearch

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Cloud computing r esearch

Cloud Computing Research

Roy H. Campbell

Director of Assured Cloud Center

University of Illinois at Urbana-Champaign

August 8th 2012 Chicago, IL


Cloud computing r esearch

  • Security at UIUC

  • ITI – Information Trust Institute

  • 100+ faculty/students/staff

  • Areas

    • Cloud (Air Force)

    • Power grid (DOE)

    • Health IT (SHARPS DHHS)

    • Data Science

    • Evaluation

    • Systems and Networking (Boeing)

    • Science of Security (NSA)

    • Education (ICSSP – NSF, NSA)

  • iti.illinois.edu


Cloud computing r esearch

  • Outline

    Assured Cloud Center (Air Force)

    Cloud Computing

    Current Research Challenges

    Future challenges


Cloud computing r esearch

  • Assured Cloud Center (Air Force) – [email protected]

  • Goal:

    Undertake core research and development to address challenges for emerging architectures, algorithms, and techniques to achieve secure and reliable cloud infrastructures and applications

  • Research focus:

    • New algorithms and techniques to provide reliability and security

    • Formal analysis and reasoning about system configurations

    • Design and experimental evaluation of prototypes

    • Workforce development including education, and technology exchange


Cloud computing r esearch

  • Assured Cloud Center – [email protected]

  • Organization structure:


Cloud computing r esearch

  • Outline

    • Assured Cloud Center

      Cloud Computing

      Current Research Challenges

      Future challenges


Cloud computing r esearch

  • What is cloud computing?

  • 5th generation of computing

1970s 1980s 1990s 2000s 2009+

Monolithic Client-Server Web SOA Cloud Services


Cloud computing r esearch

  • Pros and Cons


Cloud computing r esearch

  • Growing interest in cloud computing

  • Increasing number of outages

Google Insight for Search: Cloud Computing

Jul 08: Amazon S3 down 8.5h due to one single bit flip in Gossip message

Outage in:

Oct 09: MS Azure down 22h due to malfunction in the hypervisor

Apr 11: Amazon EC2 US East down 4 days due to Network problem and replicas algorithm

Feb 11: 40K Gmail Account down 4 days due to a bug in a storage software update

2007

2008

2009

2010

2011

Providing a higher level of reliability and availability is one of the biggest challenges of Cloud computing


Cloud computing r esearch

  • Incidents with Cloud Computing

  • - Providers:

    • “I discovered that several systems on the Amazon EC2 network were preforming brute force attacks, against our VoIP servers.”[1]

    • “Complaints of rampant SIP Brute Force Attacks coming from servers with Amazon EC2 IP Addresses cause many admins to simply drop all Amazon EC2 traffic.”[2]

    • No guarantee that providers will financially survive. What will happen if your provider liquidates? “Cassatt, the San Jose, Calif.-based provider of cloud computing environments, has sold its assets to public IT management firm CA for an undisclosed sum. ”[3]

  • - Attacks:

    • BitBucket, DDoS’s Off The Air. “Starting Friday evening, our network storage became virtually unavailable to us, and the site crawled to a halt.”[4]


Cloud computing r esearch

  • Incidents with Cloud Computing

  • - Maintenance:

    • Maintenance Induced Cascading Failures. “Gmail's web interface had a widespread outage earlier today, lasting about 100 minutes”[5]

  • - Storage:

    • T-Mobile: we probably lost all your Sidekick data “Well, this is shaping up to be one of the biggest disasters in the history of cloud computing, and certainly the largest blow to Danger and the Sidekick platform: T-Mobile's now reporting that personal data stored on Sidekicks has "almost certainly has been lost as a result of a server failure at Microsoft/Danger."”[6]

  • - Power:

    • Lightning Strike Triggers Amazon EC2 Outage “Some customers of Amazon’s EC2 cloud computing service were offline for more than four hours Wednesday night after an electrical storm damaged power equipment at one of the company’s data centers[7]


Cloud computing r esearch

  • Magnitude and complexity in Cloud Computing

  • Five-Minute Snapshot of In-and-Out Traffic within NCSA


Cloud computing r esearch

  • Outline

    • Assured Cloud Center

    • Cloud Computing

      Current Research Challenges

      Future challenges


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • Can we trust a virtual machine infrastructure?

    Verifying Trustworthiness of Virtual Appliances Based on Software Whitelists (Rakesh Bobba)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • Can clouds be real-time?

    Design of Algorithms and Techniques for Real-time Assuredness in Cloud Computing (Indranil Gupta, Brian Cho)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • How do we assess trust in clouds?

    Trust Calculus for assured Cloud Computing (David Nicol, JingweiHuang)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • Can we monitor the security properties of a cloud?

    Cyber Infrastructure Security: Dynamic Policy Monitoring with inference in clouds (Roy Campbell)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • How do we assess End to End issues?

    ACC-UCoE: Application-aware Checking for Dependable and Secure Applications: Information Flow Signatures K-Y (Tseng, V. Sidea, R. Iyer, Z. Kalbarczyk)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • How do we build resilient virtual machines?

    ACC-UCoE: Building Resilient Virtual Machines: Protection Against Failures and Attacks (C. Pham, P. Cao, R. Iyer, Z. Kalbarczyk)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • How do we verify assuredness in clouds?

  • Formal Analysis of Cloud Systems (José Meseguer)


Cloud computing r esearch

  • How do we verify assuredness in clouds?

  • Coordination and Probabilistic Consistency (Gul Agha)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • What are the likely attacks?

    What Incidents Data Tell us About Attackers? R. Bonilla, H. Lin, Z. Kalbarczyk, R. Iyer


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • Are there any legal and privacy concerns?

    Cloud computing Privacy and Legal Aspects (Masooda Bashir)


Cloud computing r esearch

  • Current Research Challenges

  • Can we trust a virtual machine infrastructure?

  • Can clouds be real-time?

  • How do we asses trust in clouds?

  • Can we monitor the security properties of a cloud?

  • How do we assess End to End issues?

  • How do we build resilient virtual machines?

  • How do we verify assuredness in clouds?

  • What are the likely attacks?

  • Are there any legal and privacy concerns?

  • How do we educate an appropriate workforce?


Cloud computing r esearch

  • How do we educate an appropriate workforce?

    Educational initiatives (Masooda Bashir)


Cloud computing r esearch

  • Outline

    • Assured Cloud Center

    • Cloud Computing

    • Current Research Challenges

      Future challenges


Cloud computing r esearch

  • Future challenges

    How can we offer Security as a Service in the cloud?

Cloud Infrastructure

IaaS

PaaS

SaaS

SSaaS

Software Security as a Service

(SSaaS)

Architectures


Cloud computing r esearch

Commercialization Startups from ITI

  • Technology Transfer: Scott Pickard 217-333-3437 [email protected]


Cloud computing r esearch

  • Thank you for your attention

    Contact information:

    • Roy H. Campbell

    • [email protected]

    • http://assured-cloud-computing.illinois.edu

    • http://srg.cs.illinois.edu


Cloud computing r esearch

  • References

    • http://www.stuartsheldon.org/blog/2010/04/sip-brute-force-attack-originating-from-amazon-ec2-hosts

    • http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise

    • http://venturebeat.com/2009/06/04/cloud-provider-cassatt-sells-out-to-ca-to-avoid-bankruptcy

    • http://blog.bitbucket.org/2009/10/04/on-our-extended-downtime-amazon-and-whats-coming

    • http://gmailblog.blogspot.com/2009/09/more-on-todays-gmail-issue.html

    • http://www.engadget.com/2009/10/10/t-mobile-we-probably-lost-all-your-sidekick-data

    • http://www.datacenterknowledge.com/archives/2009/06/11/lightning-strike-triggers-amazon-ec2-outage


Cloud computing r esearch1

Cloud Computing Research

Roy H. Campbell

Director of Assured Cloud Center

University of Illinois at Urbana-Champaign

August 8th 2012 Chicago, IL


  • Login