Securing the cloudDARPA building stronger cloud cyber defenses
Pentagon researchers are seeking to develop cloud-based computing networks that can remain operational even while under cyber attack; the Defense Advanced Research Projects Agency (DARPA), the Department of Defense’s advanced research department, is working on a project called Mission oriented Resilient Clouds (MRC) which aims to build resiliency into existing cloud networks to preserve “mission effectiveness” during a cyberattack; the project is still in its early phases of development
Locking down the cloud // Source: brianrowe.org
Pentagon researchers are seeking to develop cloud-based computing networks that can remain operational even while under cyber attack.
The Defense Advanced Research Projects Agency (DARPA), the Department of Defense’s advanced research department, is working on a project called Mission oriented Resilient Clouds (MRC) which aims to build resiliency into existing cloud networks to preserve “mission effectiveness” during a cyberattack.
MRC is part of DARPA’s broader cybersecurity efforts which include the Clean-slate design of Resilient, Adaptive, Secure Hosts (CRASH) program, a companion project to MRC. With CRASH researchers hope to increase security by limiting the vulnerabilities to the hosts of cloud-computing infrastructure.
In an announcement for MRC, Dave Mihelcic, the Defense Information Systems Agency’s CTO, said MRC will help the federal government’s decision to move to a “cloud-first policy.”
In December, Vivek Kundra, the chief information officer for the U.S. government, announced that federal agencies would be required to identify three existing systems that it could move to the cloud as well as considering cloud infrastructure for future projects.
The U.S. Army is already in the process of shifting several e-mail systems to a private cloud hosted by the Defense Information Systems Agency.
But before the U.S. military moves too far ahead with cloud based computing systems it wants to ensure that its sensitive and mission-critical data is not vulnerable to cyberattack.
“Today’s hosts, of course, are highly vulnerable, but even if the hosts within a cloud are reasonably secure, any residual vulnerability in the hosts will be amplified dramatically,” said an official DARPA statement. “DARPA believes that we must not only address host vulnerabilities but must also pursue clean-slate approaches to the design of networked computations and cloud-computing infrastructures.”
To help secure its networks, DARPA is exploring several defense mechanisms with MRC including redundant hosts, correlating attack information from across the ensemble, and providing for diversity across the network.
MRC is still in the early phases of development and DARPA has not revealed too much information about the program.
