This story originally appeared on the Texas Science Web site.
The future of the Internet could look like this: The bulk of the world’s computing is outsourced to “the cloud” — to massive data centers that house tens or even hundreds of thousands of computers. Rather than doing most of the heavy lifting themselves, our PCs, laptops, tablets and smart phones act like terminals, remotely accessing data centers through the Internet while conserving their processing juice for tasks like rendering HD video and generating concert-quality sound.
What needs to be figured out for this cloud-based future to emerge are three big things. One is how the computers within these data centers should talk to each other. Another is how the data centers should talk to each other within a super-secure cloud core. The third is how the cloud should talk to everyone else, including the big Internet service providers, the local ISPs and the end-of-the-line users (i.e. us).
This last channel, in particular, interests Michael Walfish, an assistant professor of computer science and one of the principal investigators of the NEBULA Project, which was awarded $7.5 million by the National Science Foundation to develop an architecture for making the Internet more cloud-friendly. If we’re going to be trusting so much of our computing lives to the cloud, he believes, we need to develop a more secure model for how information travels.
“A sender should be able to determine the path that information packets should take,” Walfish said. “A receiver should not have to accept traffic that she does not want. An intermediate provider should be able to know where the packet’s been and should be able to exercise its policies about the downstream provider that’s going to handle the flow next.”
Walfish’s system for providing such capacities, which he’s developing with colleagues at Stanford, the Stevens Institute of Technology and University of California-Berkeley, is called ICING. It’s a set of protocols that allow every packet of information not only to plot out a path from beginning to end, choosing every provider along the way, but also to establish a chain of provenance as it goes that proves, to both the intermediaries and the final recipients, that it came from where it said it was coming from.
“What we do is take a packet, a unit of data, and we add some fields to the head of the packet,” Walfish said, who in 2009 won an Air Force Young Investigator Award for work related to ICING.
“These fields contain enough cryptographic information to be able to communicate to every realm along the way, and back to the sender, where the packet’s been. So when a packet shows up, I know where it’s been. I know whether it obeys the policies of everyone along the path. That property does not exist today.”
The advantages of such knowledge, Walfish said, should be considerable. Senders, for instance, could contract with intermediate providers for a kind of expressway through the Internet. Recipients would have an easier time sorting their incoming traffic into different levels of priority depending on the routes the packets took.
Perhaps the greatest advantage of adopting a system like ICING, Walfish said, would come in the area of security. Targets of various kinds of Internet attacks, like denial-of-service attacks, would be able to sever traffic from their attackers faster and with much greater precision. Governments would be able to set up channels of communication that pass through only well-vetted and highly-trusted service providers. Internet security companies could, from anywhere in the world, inspect your traffic for viruses.
“Right now, there are ways to deal with attackers, but they’re crude, and they’re reactive,” said Walfish. Once the traffic enters the victim’s network link, you’re hosed. All you can do is shut it all down. It would be like if you had a huge line of people coming into your office, not letting you get work done. You could kick them all out, but you still wouldn’t get any work done because you’d spend all your time kicking them out. What you really need is for them to not show up in the first place.”
Resources for People
[...] This post was mentioned on Twitter by Yuly Stevsky, DAVID L JOHNSON and Cloud Models, Domain-inventory.com. Domain-inventory.com said: Securing the cloud - http://www.utexas.edu/know/2011/01/20/cloud_computing/ [...]
I too agree. Company's will continue to consolidate systems in efforts of being cost-centric. The cost of doing busines is rising. It's as clear as an led sign relentlesly capturing its audiences attention. Currently where I work we have consolidated everything but the heavy i/o databases into our cloud. It has saved our company thousands of dollars in electricity, hardware, and after hours support.
Thanks for this great article. I really enjoyed it.
Its like you read my mind! You seem to know so much about this, like you wrote the book in it or something. I think that you can do with a few pics to drive the message home a bit, but other than that, this is great blog. An excellent read. I'll definitely be back. parfum
51. What i don't realize is in fact how you're no longer really a lot more smartly-favored than you may be right now. You're very intelligent. You realize therefore considerably relating to this topic, made me in my view consider it from a lot of various angles. Its like men and women don't seem to be fascinated until it is something to accomplish with Lady gaga! Your individual stuffs excellent. Always take care of it up!
Very insightful article, not the typical fluff piece that we always see nowadays. The writing was very concise and had loads of useful info. Thanks a lot for sharing this. I Will be coming back pretty soon to learn more !
It’s onerous to seek out educated individuals on this subject, but you sound like you recognize what you’re talking about! Thanks
muy informativo post relacionado de este problema yo espero volver a contemplar comunicado tan educativo como este. muchas gracias
Michael I wish you all the best for your research. Cloud Computing is the Future of Internet and no one can disagree with it. As an entrepreneur i totally relay on Cloud and I personally think it needs more security. Make it Safe.
+1 It’s onerous to seek out educated individuals on this subject, but you sound like you recognize what you’re talking about! Thanks