Title :
An architecture for a resilient cloud computing infrastructure
Author :
Baron, Joshua ; El Defrawy, Karim ; Nogin, Aleksey ; Ostrovsky, Rafail
Abstract :
This paper proposes an architecture for a resilient cloud computing infrastructure that provably maintains cloud functionality against persistent successful corruptions of cloud nodes. The architecture is composed of a self-healing software mechanism for the entire cloud, as well as hardware-assisted regeneration of compromised (or faulty) nodes from a pristine state. Such an architecture aims to secure critical distributed cloud computations well beyond the current state of the art by tolerating, in a seamless fashion, a continuous rate of successful corruptions up to certain corruption rate limit, e.g., 30% of all cloud nodes may be corrupted within a tunable window of time. The proposed architecture achieves these properties based on a principled separation of distributed task supervision from the computation of user-defined jobs. The task supervision and enduser communication are performed by a new software mechanism called the Control Operations Plane (COP), which builds a trustworthy and resilient, self-healing cloud computing infrastructure out of the underlying untrustworthy and faulty hosts. The COP leverages provably-secure cryptographic protocols that are efficient and robust in the presence of many corrupted participants - such a cloud regularly and unobtrusively refreshes itself by restoring COP nodes from a pristine state at regular intervals.
Keywords :
cloud computing; cryptographic protocols; fault tolerant computing; software architecture; COP; cloud functionality; cloud nodes; compromised nodes; control operations plane; corruption rate limit; critical distributed cloud computations; distributed task supervision; enduser communication; faulty nodes; hardware-assisted regeneration; principled separation; pristine state; provably-secure cryptographic protocols; resilient cloud computing infrastructure; self-healing cloud computing infrastructure; self-healing software mechanism; user-defined jobs; Cloud computing; Computational modeling; Computer architecture; Cryptography; Polynomials; Protocols; Cloud computing; proactive security; resilient computation; secure computation;
Conference_Titel :
Technologies for Homeland Security (HST), 2013 IEEE International Conference on
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4799-3963-3
DOI :
10.1109/THS.2013.6699036