The next step could be data-theft from cache memory on multicore systems within the server. These caches, or temporary memory, are shared between different virtual machines, presenting a theoretical risk. At the conference, Microsoft proposed a system that would create hierarchies within the cache memory. Such a system would serve as a kind of partition and could guard against cache attacks of this kind.
The IBM and Microsoft papers are representative of new research that’s important to the future of cloud computing because it points to ways of making fundamental cloud infrastructure more secure. “They are particularly good at fixing problems in the core, as opposed to just discussing the security of applications in the cloud,” such as e-mail, says Sion of the two companies. The proposed solutions could be ready for commercialization within a year, he added.
Also at the conference, combined research by PARC and Fujitsu pointed out other ways that clouds could help provide security. Specifically, clouds can provide convenient places to cheaply and easily do computing that helps diagnose and solve security threats.
For example, consider a scenario in which mobile devices start acting strangely, possibly because a virus is spreading via text messages or e-mails. A wireless carrier could aggregate data from these mobile phones and, in a cloud setting, analyze the problem and devise the best response. “All of that work is done outside the mobile device. It allows dramatic speed-up in how you can respond to threats,” says Markus Jakobsson, a principal scientist at PARC, in Palo Alto, CA.
“When people use the words ‘cloud’ and ‘security’ together–it is often with a frown. But we are saying it is a huge boon,” in enabling easy processing of security-related tasks, Jakobsson added. “If we don’t use it, we are missing out on something truly amazing.”