Background

Attractive features and industry momentum make cloud computing inevitably destined to be the next dominant computing paradigm. However, moving critical data and computations onto the clouds presents potential risks neither widely recognized nor addressed by current research efforts. The EverCloud project is attempting to develop a highly resilient and practical cloud computing architecture which aims to address key risks.

First, clouds exacerbate information security risks from timing side-channels, which current security mechanisms cannot address without undermining the cloud business model. EverCloud introduces a timing information flow control (TIFC) model, which can limit timing channels despite fine-grained hardware resource multiplexing. TIFC works by labeling events in time separately from content such as messages or process sate, and offering primitives for rate-control and explicit declassification of information that might be leaked via timing channels.

Second, redundancy efforts in cloud services may build hardware/software infrastructures with unknown common dependencies, potentially leading to correlated failures and undermining redundancy. To address this pitfall, EverCloud explores methods of dependency collection and adapts fault tree analysis techniques to auditing cloud infrastructure.

Finally, clouds exacerbate digital preservation challenges, since no one but a cloud application's provider can archive a “working” copy of an application and its data. EverCloud enables any stakeholder, e.g., customer and librarian, to create and independently preserve fully-functional “snapshots” of cloud applications, while mitigating the computing, storage and bandwidth costs of preservation via proportionate cost-sharing among stakeholders.

A "Timing-Hardened Cloud"


Correlated Failures

Conference Publications

  • Deterministically Deterring Timing Attacks in Deterland, Weiyi Wu and Bryan Ford. TRIOS '15, October 4, 2015. Abstract PDF Slides: OpenOffice PDF
  • Heading Off Correlated Failures through Independence-as-a-Service, Ennan Zhai, Ruichuan Chen, David Isaac Wolinsky, and Bryan Ford. OSDI '14, October 7, 2014. Abstract PDF.

Technical Reports

  • Auditing the Structural Reliability of the Clouds, Ennan Zhai, David Isaac Wolinsky, Hongda Xiao, Hongqiang Liu,, Xueyuan Su, and Bryan Ford. YALEU/DCS/TR-1479, July 2013. PDF.

Workshop Publications

Acknowledgements

This material is based upon work supported by the National Science Foundation under grants CNS-1017206 and CNS-1149936.