DARPA funds MIT's self-healing cloud security

While the market for cloud computing continues to swell, doubts remain over the security of highly sensitive data.

Governments in the UK and US may have already launched cloud services for use by their state departments, but fears of catastrophic security breaches have not gone away.

With high-profile data breaches at companies such as Sony last year, there is a possibility that valuable information kept on the servers of government departments will become targets for both criminals and other states up to a bit of mischief.

However, cloud service providers are keen to express the safety of information and there is a lot vested in convincing users of adequate defences.

In the US, the Defense Advanced Research Projects Agency (DARPA) has been funding research at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) into making security in the cloud water-tight.

The researchers are now developing a system which would allow the cloud to identify and recover from an attack almost straight away.

According to the team, the “freedom and fluidity” of cloud services make it vulnerable to attack.  With attacks typically involving the shutdown of an entire infected system to stop a virus from spreading, the underlying infrastructure is often disabled until a full clean up is complete.

However, the researchers believe that they are able to develop a self-healing system that would be able to figure out the nature of an attack and then react accordingly, fixing it as it goes.

By drawing up a blueprint of how a cloud should typically function, the team hopes to automatically detect when something is out of place, allowing the system to react immediately.

At the moment, there is a lack of a full understanding as to how cloud computing infrastructure works. But by monitoring normal behavioural patterns it should be possible to create a better understanding of problems that can occur, rather than looking out for signatures of known viruses.

The team says that this would allow the cloud to “independently detect and recover from new attacks”, something that is not currently possible on cloud systems.   If this can be done then a cloud system should be able to survive an attack and continue operating “without a problem”.