The February 2011 Federal Cloud Computing Strategy released by the U.S. Chief Information Officer reinforces the United States Government’s plans to move information technology away from traditional workstations and toward cloud computing environments. Where compelling incentives to do this exist, security implications of concentrating sensitive data and computation into computing clouds have yet to be fully addressed. The perimeter defense focus of traditional security solutions is not sufficient to secure existing enclaves. It could be further marginalized in cloud environments where there is a huge concentration of homogeneous hosts on high-speed networks without internal checks, and with implicit trust among hosts within those limited perimeter defenses.
The Mission-oriented Resilient Clouds (MRC) program aims to address some of these security challenges by developing technologies to detect, diagnose and respond to attacks in the cloud; effectively building a ‘community health system’ for the cloud. MRC also seeks technologies to enable cloud applications and infrastructure to continue functioning while under attack.
To achieve these goals the program will research development of innate distributed cloud defenses, construction of shared situational awareness and dynamic trust models, and introduction of manageable and taskable diversity into an otherwise homogeneous cloud, as well as development of mission aware adaptive networking technologies. MRC also aspires to develop resource allocation and optimization techniques that orchestrate interactions between components that maximize effectiveness while accounting for potential risk from perceived threats.
Preliminary results have already shown the utility of Nash bargaining techniques to rapidly adjust resource allocations while preserving critical mission expectations. The program hopes to produce new libraries for scalable, high-performance disruption-tolerant computation; new adaptive networking protocols and new techniques to detect, isolate and respond to intrusions in cloud computing environments.
You are now leaving the DARPA.mil website that is under the control and
management of DARPA. The appearance of hyperlinks does not constitute
endorsement by DARPA of non-U.S. Government sites or the information,
products, or services contained therein. Although DARPA may or may not
use these sites as additional distribution channels for Department of
Defense information, it does not exercise editorial control over all of
the information that you may find at these locations. Such links are
provided consistent with the stated purpose of this website.
After reading this message, click to continue