Federal Data Center Consolidation Makes Progress

The Department of Defense (DoD) is funding research to create a cloud computing environment that can heal itself after a cyber attack.

Researchers at the Massachusetts Institute of Technology Computer Science and Artificial Intelligence Laboratory (CSAIL) are working on a new system that would help a cloud identify an attack and recover from it almost instantaneously, according to MIT.

The work is part of the Defense Advanced Research Project Agency (DARPA) Mission-oriented Resilient Clouds (MRC) project, which aims to create a cloud network, the resiliency of which is based on its ability to adapt.

Generally if a network is attacked, the entire system that's been infiltrated shuts down regardless of which system--PC, website, or server, for instance--the attack targeted.

MIT researchers at the Center for Resilient Software at CSAIL are trying to develop a system that can tell when something is amiss with a network and defend against it as soon as it happens.

[ Service-level agreements, privacy, and security are top priorities as Feds Offer Agencies Guidance On Cloud Implementation. ]

To enable a network to do this, researchers are providing a guideline for how the cloud computing environment's operations should normally function. The network can use this model to identify when it is under attack so it can return operations to normal as soon as possible, according to MIT.

Professor Martin Rinard, a principal investigator at CSAIL, likened a self-healing cloud network to the human body, which senses when it's being attacked by a virus and begins self-repair almost immediately. Rinard also is leading the work to create a network that will work this way, which at MIT is called the Cloud Intrusion Detection and Repair project.

"Much like the human body has a monitoring system that can detect when everything is running normally, our hypothesis is that a successful attack appears as an anomaly in the normal operating activity of the system," he said in a press statement. "By observing the execution of a 'normal' cloud system we're going to the heart of what we want to preserve about the system, which should hopefully keep the cloud safe from attack."

For the project to be successful, researchers must have an in-depth understanding of how a cloud-computing environment operates, which Rinard said is something the industry lacks at the moment. If researchers can understand how behavior of each system affects the cloud as a whole, they can prevent future attacks, he said.

Indeed, securing the cloud is of major concern for the U.S. military and the federal government in general as agencies ramp up their adoption of the cloud through a cloud first IT reform mandate. At the DoD specifically, the Army has been one of the earliest to jump on the cloud bandwagon; the military arm is in the process of moving its in-house email system to a private cloud hosted by the Defense Information Systems Agency.

How 10 federal agencies are tapping the power of cloud computing--without compromising security. Also in the new, all-digital InformationWeek Government supplement: To judge the success of the OMB's IT reform efforts, we need concrete numbers on cost savings and returns. Download our Cloud In Action issue of InformationWeek Government now. (Free registration required.)