Attractive features and industry momentum make cloud computing inevitably destined to be the next dominant computing paradigm. However, moving critical data and computations onto the clouds presents potential risks neither widely recognized nor addressed by current research efforts. The EverCloud project is attempting to develop a highly resilient and practical cloud computing architecture which aims to address key risks.
First, clouds exacerbate information security risks from timing side-channels, which current security mechanisms cannot address without undermining the cloud business model. EverCloud introduces a timing information flow control (TIFC) model, which can limit timing channels despite fine-grained hardware resource multiplexing. TIFC works by labeling events in time separately from content such as messages or process sate, and offering primitives for rate-control and explicit declassification of information that might be leaked via timing channels.
Second, redundancy efforts in cloud services may build hardware/software infrastructures with unknown common dependencies, potentially leading to correlated failures and undermining redundancy. To address this pitfall, EverCloud explores methods of dependency collection and adapts fault tree analysis techniques to auditing cloud infrastructure.
Finally, clouds exacerbate digital preservation challenges, since no one but a cloud application's provider can archive a “working” copy of an application and its data. EverCloud enables any stakeholder, e.g., customer and librarian, to create and independently preserve fully-functional “snapshots” of cloud applications, while mitigating the computing, storage and bandwidth costs of preservation via proportionate cost-sharing among stakeholders.