What Does the US Military Want from Cloud Computing?
Polytetraflouroethylene or PTFE was an exotic substance accidentally invented by DuPont chemist Dr. Roy Plunkett in 1938. In spite of its less-than-ordinary origins, PTFE was found to have some extraordinary properties – high heat resistance, high corrosion resistance and the lowest coefficient of friction of any substance yet manufactured. At the height of WWII, its composition was a closely guarded secret, but today we know it as Teflon.
The reason behind this anecdote is to demonstrate the close relation between science and the military. After all, many of the greatest advances in science, whether in the field of arms, locomotion, medicine or computing, have occurred under military supervision. The Internet, GPS, jet aircraft – all these were developed for military purposes before finding civilian applications. In this context, it is only expected that the military will play an active role in the next major development in computational science – cloud computing.
(Defense Advanced Research Projects Agency), the research arm of the Department of Defense (DoD) and the same people who developed the Internet, have decided to get their hands dirty and rectify some of the current security shortcomings of cloud computing. As it explained, their interest lies in protecting military systems from cyber attacks over the cloud.
While DARPA already has a program to ensure security of network hosts, imaginatively named Clean-slate design of Resilient, Adaptive, Secure Hosts or CRASH, DARPA wants to enhance network security with a project called Mission-oriented Resilient Clouds (MRC).
DARPA had issued the following statement in this regard:
“Cloud computing infrastructures, in particular, tightly integrate large numbers of hosts using high speed interconnection fabrics that can serve to propagate attacks even more rapidly than conventional networked systems. Today’s hosts, of course, are highly vulnerable, but even if the hosts within a cloud are reasonably secure, any residual vulnerability in the hosts will be amplified dramatically. DARPA believes that we must not only address host vulnerabilities but must also pursue clean-slate approaches to the design of networked computations and cloud-computing infrastructures.”
This program will support federal CIO Vivek Kundra’s cloud-first policy, which is “accelerating DoD toward cloud computing and shared enterprise service,” said Dave Mihelcic, the Defense Information Systems Agency’s CTO. As per this policy, federal agencies are required to identify three existing systems that could move to the cloud and favorably consider the cloud computing option when developing new projects (See: The Architect of the Official Cloud Computing Revolution – CIO Vivek Kundra).
This is not the first time that the US military has dabbled in cloud computing. Late last year, NATO had tied up with IBM to improve information-sharing among member states using cloud-based solutions (See: NATO set to rule the cloud with IBM’s help). It is no secret that cloud computing does suffer from security issues, issues that the industry is actively trying to address (See: Can the RSA Conference Help Dispel Cloud Computing Security Fears?).
Considering that the DoD network is attacked 250,000 times every hour, as announced by Gen. Keith Alexander, NSA director and commander of the US Cyber Command, DARPA’s interest in a more secure cloud is understandable. And as with many other military innovations that have found civilian use, perhaps the general cloud computing industry will benefit from DARPA’s research.
Read More – Security Whitepaper Library
By Sourya Biswas