icebergs in the clouds the other risks of cloud computing
play

Icebergs in the Clouds: the Other Risks of Cloud Computing Bryan - PowerPoint PPT Presentation

Mar 15, 2024 •243 likes •449 views

Icebergs in the Clouds: the Other Risks of Cloud Computing Bryan Ford Yale University http://dedis.cs.yale.edu/ USENIX HotCloud, June 12, 2012 Well-Known, Immediate Risks Traditional Information Security Security of data

  1. Icebergs in the Clouds: the Other Risks of Cloud Computing Bryan Ford Yale University http://dedis.cs.yale.edu/ USENIX HotCloud, June 12, 2012

  2. Well-Known, “Immediate” Risks ● Traditional Information Security – Security of data – Integrity of data, computation – Personal privacy – Malware defense – Availability, reliability – … ● Important, plenty more to be done, but not what this talk is about

  3. What risks might appear that we're not looking at yet/enough? Several potential risks... 1. Side-Channels Cloud key-dependent Acme Data, Inc. Host usage patterns Crypto (AES, RSA, ...) VMM Protection Eviltron watch memory Passive Attacker access timing

  4. Timing Channels The cloud exacerbates timing channel risks: 1.Routine co-residency 2.Massive parallelism 3.No intrusion alarms → hard to monitor/detect 4.Partitioning defenses defeat elasticity “ Determinating Timing Channels in Compute Clouds ” [CCSW '10]

  5. What risks might appear that we're not looking at yet/enough? Several potential risks... 1. Side-Channels 2. Reactive Stability Provider A (application provider) Load balancer Virtual Virtual feedback loop Server 1 Server 2 Power optimizer Provider B (infrastructure provider)

  6. Seen this before? BGP “dispute wheel” In the Cloud: ● uncoordinated ● providers want policies can loop max usage, profit → oversubscribe ● handle overloads A high → swap with peers? low Cloud dispute wheels? high D Credit default swaps? low low Speculation, bubbles? C B high

  7. Weather Forecast ● Cloudy with a chance of – Wild instabilities – Occasional collapses ● Accidents already happen – Mogul, “Emergent (mis)behavior…” [EuroSys'06] ● But cloud computing makes this risk systemic – Control theory might help given information – But incentives to keep algorithms secret → no one can analyze across providers!

  8. What risks might appear that we're not looking at yet/enough? Several potential risks... 1. Side-Channels 2. Reactive Stability 3. Cross-Layer Robustness 99.999% Cloud Application Provider A 99.9% 99.9% Cloud Storage Provider B Cloud Storage Provider C 99.9% Network Provider D

  9. Correlated Failures Already Happen ● Baltimore Howard Street Tunnel Fire of 2001 – Cut a bundle of fibre optic cables serving several major ISPs simultaneously – Risk wasn't apparent until train blew up

  10. What risks might appear that we're not looking at yet/enough? Several potential risks... 1. Side-Channels 2. Reactive Stability 3. Cross-Layer Robustness 4. The Always-Connected Assumption

  11. Ender's Game: the “Hive Mind” THEM US US Mother Nature

  12. A Disaster-Readiness Disaster ● The cloud model assumes “always-connected” – But in any disaster, connectedness is first to go ● Can't lookup “CPR instructions” on Wikipedia ● Can't find road out of town with Maps app ● Siri may be optional now, but for how long? – Can't launch “flashlight app” or “compass app” ● What happens to search/rescue drones without their ground-based logic, operators?

  13. What risks might appear that we're not looking at yet/enough? Several potential risks... 1. Side-Channels 2. Reactive Stability 3. Cross-Layer Robustness 4.The Always-Connected Assumption 5. Are We the Bad Guys?

  14. In 1000 years... Someone will still have a copy of:

  15. In 1000 years... Will anyone still have a usable “copy” of:

  16. Non-Preservability of the Cloud Conventional artifacts have a decentralized preservability property ● Book/music/video producers must make “complete copies” available to customers ● Customers can work together to preserve Cloud-based artifacts destroy this property ● No one but the app/service provider ever has code & data necessary to preserve history

  17. A Darker Digital Dark Age? Many culturally important artifacts are and will increasingly be cloud-based apps & services – But only the provider can preserve them, and usually have few/no incentives to – Does the Library of Congress, or anyone , have Google 1.0? Facebook 1.0? WoW 1.0? – What about the blogs, tweets, or email records of the next Homer/Newton/Marx/Einstein? Will cloud artifacts be the next “hole” in history?

  18. What risks might appear that we're not looking at yet/enough? At least five potential risks... 1. Side-Channels 2. Reactive Stability 3. Cross-Layer Robustness 4.The Always-Connected Assumption 5.Non-Preservability of the Cloud ...and no doubt not the end of the list!

  19. Conclusion What are the risks beyond information security? What could happen if we don't address them? What research should we do to address them? Bryan Ford – Yale DeDiS group http://dedis.cs.yale.edu

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial

CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial

CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial Cloud Computing PRESENTED TO HOUSE COMMITTEE ON GOVERNMENT TRANSPARENCY & OPERATION LEGISLATIVE BUDGET BOARD STAFF April 5, 2016 Statement of

373 views • 8 slides
Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste

Towards Supercloud Computing: User-Centric Security Management for Clouds of Clouds Marc Lacoste Orange Labs SEC2 ComPAS15 Workshop on Cloud Security Lille, June 30, 2015 Cloud Security Today Security = key concern in cloud adoption for the

2.73k views • 33 slides
Cloud Computing Jay Urbain, Ph.D. Credits: Michael Ambrust, et. al., Above the Clouds: A Berkley

Cloud Computing Jay Urbain, Ph.D. Credits: Michael Ambrust, et. al., Above the Clouds: A Berkley

Cloud Computing Jay Urbain, Ph.D. Credits: Michael Ambrust, et. al., Above the Clouds: A Berkley View of Cloud Computing . Hamilton, J. Cost of Power in Large-Scale Data Centers. November, 2008.

1.09k views • 47 slides
Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud

Security in Cloud Computing A survey of the unique challenges and risks inherent to the Cloud Computing model. Presented By: Marissa Hollingsworth Overview What is Cloud Computing? Unique Security Concerns in the Cloud

556 views • 34 slides
Cloud Computing: Issues and Risks BC Risk & Insurance Management Association April 18, 2012

Cloud Computing: Issues and Risks BC Risk & Insurance Management Association April 18, 2012

Cloud Computing: Issues and Risks BC Risk & Insurance Management Association April 18, 2012 David Spratley & Tamara Hunter The Plan introduction to cloud computing general issues and risks e-discovery cloud

448 views • 19 slides
Condos and Clouds Patterns in SaaS Applications Thinking about Cloud Computing by Looking at

Condos and Clouds Patterns in SaaS Applications Thinking about Cloud Computing by Looking at

Condos and Clouds Patterns in SaaS Applications Thinking about Cloud Computing by Looking at Condominiums Presenter Moderator Pat Helland Yannis Ioannidis Salesforce.com University of Athens Extended Version: Jan 2012 1 ACM Learning

675 views • 42 slides
Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand

Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand

Research in an Open Cloud Exchange CLOUD COMPUTING IS HAVING A DRAMATIC IMPACT On-demand access Economies of scale All compute/storage will move to the cloud? Todays IaaS clouds One company responsible for implementing and

1.11k views • 65 slides
Overview! Based!on!Above!the!Clouds:!A!Berkeley!View!of!Cloud!CompuBng,!2009! 2%

Overview! Based!on!Above!the!Clouds:!A!Berkeley!View!of!Cloud!CompuBng,!2009! 2%

! ! Cloud&Computing& ECPE!293A! Overview! Based!on!Above!the!Clouds:!A!Berkeley!View!of!Cloud!CompuBng,!2009! 2% Schedule& ! Tue,!Jan!21 st !What!is!Cloud!CompuBng?! ! ConBnuaBon!of!todays!discussion! ! Your%Homework:

940 views • 55 slides
Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This

Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This

Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This part of the course Sample distributed systems that power clouds Amazon Dynamo Apache Cassandra Apache Zookeeper To complement HDFS,

961 views • 60 slides
cloud computing Ridwaan Boda Director | Technology, Media and Telecommunications Overview

cloud computing Ridwaan Boda Director | Technology, Media and Telecommunications Overview

cloud computing Ridwaan Boda Director | Technology, Media and Telecommunications Overview What is cloud computing? Types of cloud computing services Benefits of cloud computing Key risks associated with cloud computing

553 views • 37 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
StratoSphere Above the Clouds The Stratosphere Project * Explore the power of Cloud

StratoSphere Above the Clouds The Stratosphere Project * Explore the power of Cloud

Massively Parallel Analytics beyond Map/Reduce Stephan Ewen Fabian Hske Odej Kao Volker Markl Daniel Warneke StratoSphere Above the Clouds The Stratosphere Project * Explore the power of Cloud computing for Use Cases complex

493 views • 34 slides
On Computing the Minimal Generator Family for Concept Lattices and Icebergs e 1 , Petko Valtchev 1

On Computing the Minimal Generator Family for Concept Lattices and Icebergs e 1 , Petko Valtchev 1

On Computing the Minimal Generator Family for Concept Lattices and Icebergs e 1 , Petko Valtchev 1 , Mohamed H. Rouane 1 , and Robert Godin 2 Kamal Nehm 1 DIRO, Universit e de Montr eal, Montr eal (Qc), Canada 2 D epartement

275 views • 16 slides
Export Controls and Cloud Computing: Legal Risks Complying with ITAR, EAR and Sanctions Laws When

Export Controls and Cloud Computing: Legal Risks Complying with ITAR, EAR and Sanctions Laws When

Presenting a live 90-minute webinar with interactive Q&A Export Controls and Cloud Computing: Legal Risks Complying with ITAR, EAR and Sanctions Laws When Using Cloud Storage and Services TUESDAY, APRIL 2, 2013 1pm Eastern | 12pm

461 views • 42 slides
Overview Based on Above the Clouds: A Berkeley View of

Overview Based on Above the Clouds: A Berkeley View of

Cloud Computing ECPE 276 Overview Based on Above the Clouds: A Berkeley View of Cloud CompuBng, 2009 2 Schedule Tue, Jan 26 th

1.09k views • 56 slides
Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman

Q-Clouds: Managing Performance Interference Effects for QoS-Aware Clouds Ripal Nathuji Aman Kansal Alireza Ghaffarkhah Presented by Joshua Davis Motivation and Background Cloud computing Off load processing and storage Charged per

549 views • 28 slides
Broadband Expansion Grant Program FY 2018 Round 2 Broadband Expansion Grant Webinar Dennis

Broadband Expansion Grant Program FY 2018 Round 2 Broadband Expansion Grant Webinar Dennis

Broadband Expansion Grant Program FY 2018 Round 2 Broadband Expansion Grant Webinar Dennis Klaila & Jaron McCallum Public Service Commission of Wisconsin November 2017 Broadband Expansion Grant Program Purpose: To encourage the

419 views • 25 slides
Introduction to Cloud Computing Grid Computing Def combination of computer resources from

Introduction to Cloud Computing Grid Computing Def combination of computer resources from

Introduction to Cloud Computing Grid Computing Def combination of computer resources from multiple administrative domains applied to a common task* Core idea distributed parallel computation super virtual computer 2 *

1.06k views • 63 slides
The Platform as a Service Model for Networking Eric Keller, Jennifer Rexford Princeton

The Platform as a Service Model for Networking Eric Keller, Jennifer Rexford Princeton

The Platform as a Service Model for Networking Eric Keller, Jennifer Rexford Princeton University INM/WREN 2010 Hosted Infrastructures Shift towards hosted and shared infrastructures Cloud computing Benefits: Dynamically

437 views • 31 slides
Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015

Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015

Introduction Generalities 2.4. what Brass Tacks Configuration/deployment example For Further Study Deploying Python Applications with httpd Jeff Trawick http://emptyhammock.com/ May 28, 2015 TriPython Triangle Python Users Group

1.3k views • 93 slides
FIT Workshop Panel Dirk Kutscher Enter Network Slicing Current Problems Main problem:

FIT Workshop Panel Dirk Kutscher Enter Network Slicing Current Problems Main problem:

FIT Workshop Panel Dirk Kutscher Enter Network Slicing Current Problems Main problem: economic tussle between network operators and application service provider over-shadows technical discussion Google, Facebook etc. push TLS e2e, QUIC

506 views • 13 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S.

Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S.

Using Digital Certificates to Establish Federated Trust chris.brown@enspier.com U.S. E-Authentication Interoperability Lab Engineer Agenda U.S. Federal E-Authentication Background Current State of PKI in E-Authentication Future of

675 views • 52 slides
INVESTMENT IN MENTAL HEALTH WELLNESS GRANT PROGRAM FOR CHILDREN AND YOUTH APPLICATION TECHNICAL

INVESTMENT IN MENTAL HEALTH WELLNESS GRANT PROGRAM FOR CHILDREN AND YOUTH APPLICATION TECHNICAL

INVESTMENT IN MENTAL HEALTH WELLNESS GRANT PROGRAM FOR CHILDREN AND YOUTH APPLICATION TECHNICAL ASSISTANCE WEBINAR DECEMBER 11, 2018 CALIFORNIA HEALTH FACILITIES FINANCING AUTHORITY 915 CAPITOL MALL, ROOM 435 SACRAMENTO, CA 95814 PHONE:

891 views • 51 slides

More recommend