1 / 12

Security in an Autonomic Computing Environment

Security in an Autonomic Computing Environment. Paper by: D. M. Chess, C. C. Palmer S. R. White Presentation by: Justin Moles. The problem. The main obstacle to further progress in IT industry Not a change in Moore’s law, but Looming software complexity crisis

nitza
Download Presentation

Security in an Autonomic Computing Environment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security in an Autonomic Computing Environment Paper by: D. M. Chess, C. C. Palmer S. R. White Presentation by: Justin Moles

  2. The problem • The main obstacle to further progress in IT industry • Not a change in Moore’s law, but • Looming software complexity crisis • Beyond admin single environments, to integration into intra- and inter-corporate computing systems “Complexity is the business we are in, and complexity is what limits us.”, Fred Brooks Jr. • Better programming won’t do it • Consider • ~1/3 to ½ of a company’s total IT budget goes to preventing and recovering from crashes • “For every dollar to purchase storage, you spend $9 to have someone manage it.”, N. Tabellion, CTO Fujitsu Softek • ~40% of computer outages are caused by operator errors • Average downtime impact for IT ~ $1.4 millions revenue/hour

  3. The answer/hope – Autonomic computing • Autonomic systems – can manage themselves given high-level objectives from admins. ~ autonomic nervous system • An autonomic system • Knows itself • Knows its environment & the context surrounding its activity • (Re) configure itself under varying and unpredictable conditions • Is always on the look to optimize its working • Is able to protect and heal itself • Anticipates the optimized resources needed to meet a user’s information needs • To incorporate these characteristics, it must have the following properties/features …

  4. Self-* properties • Self-configuration • Current: Data centers made of components from/for multiple vendors/platforms; installation, configuration & integration is time consuming & error prone • Autonomic: Automated based high-level policies, host system adjust itself automatically and seamlessly • Self-optimization • Current: Hundreds of manually set, nonlinear tuning knobs • Autonomic: Components and system continually seek optimization opportunities • Self-healing • Current: e.g. problem determination can take weeks • Autonomic: self detection, diagnosis, and repair for HW&SW • Self-protection • Current: Detection & recovery from attacks & cascading failures is manual • Autonomic: Self-defense using early warning to anticipate & prevent system-wide failures

  5. Autonomic Architecture • Combination of Autonomic Elements with Non-Autonomic Elements • Autonomic Management Units • Non-Autonomic Functional Units

  6. Autonomic Security Elements • High level security policies from System Admins • Functional security elements – encryption, decryption, monitoring, analysis etc. • Task and State Representations • Configuration security

  7. Issues Relevant in Autonomic Security • Every issue currently relevant in computer security will continue to be so • In addition new threats from autonomic elements will be added to the list • Viruses and worms could be adapted to use autonomic elements for reproduction • In addition the efficiency gained from autonomic elements can assist attackers as well as defenders

  8. Autonomic Information Control • Perhaps biggest issue for autonomic elements is informational control • Certain elements have access to certain information – no more and no less • Need to have a manageable interface to control this control is a key issue in computer security • Added to this is privacy laws that often differ by country

  9. Trust, Authorization, and Verification • With autonomic elements able to set configuration settings, verification of their authority in a complex environment becomes important. • Some elements will also be able to install new elements on their authority which will need to be checked for security • Doing this for multiple elements can add up in cost and needs to be controlled and understood to increase the efficiency of the process

  10. Example of Autonomic Security

  11. Other examples • Immune System – Antivirus software, antispyware software, and more rolled into one • Secure Distributed Storage – Information is spread across several well protected units across the world, able to retrieved on notice.

  12. Conclusion and My Opinion • Autonomic system will make security even more important than it is currently • However the potential exists for greater levels of security than before • Overall the paper is a “Vision” paper full of concepts with no data within it.

More Related