Technology Review
IBM security tool searches for and destroys malicious code in the cloud.
Cloud computing presents inherent privacy dangers, because the cloud provider can see a customer's data and leased computational apparatus, known as "virtual machines." New research suggests that as long as the cloud can see things, it might as well check that its customers aren't running malicious code, new research suggests.
Researchers at IBM's Watson Research Center in Yorktown, NY, and IBM's Zurich Research lab have developed a system for cloud computing "introspection monitoring," in which elements of the cloud would act as a kind of virtual bouncer. They'd frisk virtual machines to check what operating systems they're using, whether they are running properly, and whether they contain malicious code, such as root-kits.
"It works by looking inside the virtual machine and trying to infer what it does. You don't want malicious clients to give you all kinds of malware in their virtual machines that you will run in the cloud," says Radu Sion, a computer scientist at Stony Brook University, who was not involved in the research. "Today the cloud does not offer privacy, so we might as well use the lack of privacy for introspection."
The work by IBM was one of several papers presented last Friday at the ACM Cloud Computing Security Workshop, a first-of-its-kind event. The paper extends earlier research on introspection to make it more applicable to cloud settings such as Amazon's EC2 service. "In clouds, the barrier to entry is lower, and the thing customers are most concerned about is their information. We want to make sure their information is handled in a manner consistent with their expectation of security and privacy," says J.R. Rao, senior manager for secure software and services for IBM.
One specific way that clouds could present hazards is if hackers figure out how to place their malicious virtual machines on the same physical servers as those of their victims, as recent research has shown is possible. Cloud providers use multiple data centers and many thousands of servers, so finding the right one could be a crucial first step to a cloud computing attack. (Earlier research has shown that hackers using a given operating system can steal data from other users of the same operating system, and that similar vulnerabilities can exist when operating systems share the same servers.)
Handhelds can access top-end PC games and other software remotely.
Cryptography solutions are far-off, but much can be done in the near term, says Whitfield Diffie.
Manufacturing in the United States is in trouble. That's bad news not just for the country's economy but for the future of innovation.
This document is part of the “How-To Guide for Most Common Measurements” centralized resource portal. This tutorial provides a detailed guide for measurement and device considerations to take temperature measurements using thermocouples. Get an introduction to thermocouples, which are inexpensive sensing devices widely used with PC-based data acquisition systems. Also review some specific thermocouple examples and learn how thermocouples work and ways to integrate them into a data acquisition measurement system.
View full PDF >
Listen to story > 
Our list of the 50 most innovative companies, including the following:
On Twitter
Become a Fan on Facebook
Subscribe to the Feed
mattgroom
290 Comments
curious
Isn't data mining of peoples information illegal...even if they press accept on your little waiver.
Im sure a court of law would rip up your paper and say youre on the wrong side of the line.
For one thing when you purchase a product and the receipt is data mined..your consent is given each time to that store for that information. Though personally i dont think it should be.. this should be illegal too.
When you are offered a service and are then scanned and data mined at will, whenever, that has to be a violation of a persons rights.
Id expect the people to be informed prior to any scanning each and everytime or id have cause for concern myself.
Reply