Towards Intrusion Tolerant Clouds

(NCS logo)

Overview

Cloud computing paradigm made the global IT infrastructure become dependent on a relatively small number of very large distributed systems managed as clouds. To achieve adequate scale and availability, cloud computing systems need two distributed system capabilities: consistent global state replicated across the network; and a distributed messaging system that connects cloud components, transforming them to a cohesive system that mostly manages itself autonomously. However, both systems are vulnerable to intrusions and the algorithms and tools necessary to build them at cloud scale, guaranteeing their integrity and performance under intrusion attacks, do not exist in practice.

The goal of this project is to create and develop the replication and overlay messaging engines necessary to make public and private clouds resilient to intrusion attacks. In addition to facilitating cloud infrastructure builders, the same technologies will also enable application builders to make their cloud applications more resilient to intrusions.

Publications

    Journals

    Increasing Network Resiliency by Optimally Assigning Diverse Variants to Routing Nodes A. Newell, D. Obenshain, T. Tantillo, C. Nita-Rotaru, and Y. Amir. IEEE/ACM Transactions on Dependable and Secure Systems, accepted Nov. 2014. [PDF]

    Conferences

    Increasing Network Resiliency by Optimally Assigning Diverse Variants to Routing Nodes. Andrew Newell, Daniel Obenshain, Tom Tantillo, Cristina Nita-Rotuaru, and Yair Amir. In Proc. of The 43rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 2013. [PDF] [BIBTEX]
    Intrusion-Tolerant Cloud Monitoring and Control. Daniel Obenshain, Tom Tantillo, Andrew Newell, Cristina Nita-Rotaru and Yair Amir. In Proc. of Large-Scale Distributed Systems and Middleware (LADIS), 2012. [PDF] [BIBTEX]

    Technical Reports

    Increasing Network Resiliency by Optimally Assigning Diverse Variants to Routing Nodes. Andrew Newell, Daniel Obenshain, Tom Tantillo, Cristina Nita-Rotuaru, and Yair Amir. Technical Report 2013. [PDF] [BIBTEX]

Students

Funding

This project is funded by the DARPA Mission Resilient Clouds Program and it is a collaboration with Johns Hopkins University, PI Prof. Yair Amir.