Diverse Infrastructure and Architecture for Datacenter and Cloud Resilience

James P. G. Sterbenz, Prasad Kulkarni
2013 2013 22nd International Conference on Computer Communication and Networks (ICCCN)  
Internet and web services have seen widespread adoption in recent years and are now tightly integrated into society's daily activities. An important emerging part of the Internet is clouds that provide low-cost configurable computing resources, allowing businesses to reduce their hardware, software, and personnel costs. Increasingly, enterprises now use such cloud resources to host web applications. While clouds provide an excellent business model, most existing public and private cloud
more » ... uctures are based on monocultures that allow attackers to focus their efforts on a single hardware/software platform and facilitates the rapid spreading of successful attacks. In this invited paper, we describe a methodology and mechanisms that make clouds and hosted applications considerably more resilient to attacks and correlated failures by introducing diversity at every level of the cloud: physical interconnect, network components, processor platforms, storage management, virtual machine monitors, operating systems, and application processes. Our goal is to defend against attacks by continuing to operate correctly even when part of the infrastructure fails and to substantially raise the difficulty of executing a successful attack by requiring the attacker to simultaneously target different hardware and software choices. Furthermore, by geographically spreading applications among different datacenters using diverse network connections (in service provider and access mediumwired vs. wireless), the cloud will be resilient against physical infrastructure attacks and large-scale disasters. Index Terms-datacenter cloud network, resilient survivable fault-tolerant, diverse agile, moving-target defence
doi:10.1109/icccn.2013.6614125 dblp:conf/icccn/SterbenzK13 fatcat:dkgxfbx6znbrlovx2o75fzaoge