November 30, 2010
November 30, 2010 -- Researchers from North Carolina State University and IBM have invented a way to update computer systems packaged in virtual machines in a computer “cloud” – even when those programs are offline.
The new cloud computing patch tool developed by NC State and IBM is called Nuwa and protects virtual machines (VMs) from cyber-attacks by ensuring that they always receive important security upgrades. In addition, the researchers have determined that offline application of security patches is more than four times faster than online patch application. The tool is named after a Chinese goddess who patched a hole in the sky.
A paper describing the research, “Always Up-to-date – Scalable Offline Patching of VM Images in a Compute Cloud,” will be presented Dec. 10 at the Annual Computer Security Applications Conference in Austin, Texas.
“We’ve designed a way to patch these virtual machines while they are offline, so that they are kept up to date in terms of security protection,” says Dr. Peng Ning, professor of computer science at NC State and co-author of a paper describing the research. “Current patching systems are designed for computers that are online and they don’t work for dormant computers or virtual machines. The tool we developed automatically analyzes the ‘script’ that dictates how a security patch is installed, and then automatically re-writes the script to make it compatible with an offline system.”
Nuwa leverages a collection of techniques developed by IBM, called Mirage, that is used for performing efficient offline introspection and manipulation of a large collection of VM images, to allow cloud administrators to patch multiple VMs simultaneously. A program already exists that allows cloud computing systems to operate more efficiently by saving one version of a computer file that is used by multiple VMs – rather than saving the same file repeatedly for each individual VM. Nuwa takes advantage of this technology and, by patching one file, can ultimately protect all of the VMs that use that file.
NC State and IBM have successfully tested and evaluated Nuwa on the IBM Research Compute Cloud, a compute cloud that is used by IBM researchers worldwide.
Cloud computing enables users to create many VMs on one large computing platform, with each VM being able to perform various computer functions. It is so easy to create these VMs, that businesses and individuals will often create them to perform very specific tasks on a periodic basis. Because many of these VMs are used infrequently, they are often left dormant for extended periods of time, so that they are not consuming energy and computer resources when not in use.
These dormant periods pose a significant security problem, because VMs that are offline do not receive security upgrades, known as patches. This leaves the VMs vulnerable to cyber-attacks when they are brought back online. The VMs are particularly vulnerable if they have been left dormant for months, and missed significant patches.
The research collaboration was funded by the National Science Foundation and IBM. The lead author on the paper is Wu Zhou, a Ph.D. student at NC State. Co-authors are Ning; Xiaolan Zhang, Glenn Ammons and Vasanth Bala of the IBM T.J. Watson Research Center; and Ruowen Wang, a Ph.D. student at NC State.
NC State’s computer science department is part of the university’s College of Engineering.
Source: North Carolina State University
Frank Ding, engineering analysis & technical computing manager at Simpson Strong-Tie, discussed the advantages of utilizing the cloud for occasional scientific computing, identified the obstacles to doing so, and proposed workarounds to some of those obstacles.
The private industry least likely to adopt public cloud services for data storage are financial institutions. Holding the most sensitive and heavily-regulated of data types, personal financial information, banks and similar institutions are mostly moving towards private cloud services – and doing so at great cost.
In this week's hand-picked assortment, researchers explore the path to more energy-efficient cloud datacenters, investigate new frameworks and runtime environments that are compatible with Windows Azure, and design a uniﬁed programming model for diverse data-intensive cloud computing paradigms.
May 16, 2013 |
When it comes to cloud, long distances mean unacceptably high latencies. Researchers from the University of Bonn in Germany examined those latency issues of doing CFD modeling in the cloud by utilizing a common CFD and its utilization in HPC instance types including both CPU and GPU cores of Amazon EC2.
May 10, 2013 |
Australian visual effects company, Animal Logic, is considering a move to the public cloud.
May 10, 2013 |
Program provides cash awards up to $10,000 for the best open-source end-user applications deployed on 100G network.
May 08, 2013 |
For engineers looking to leverage high-performance computing, the accessibility of a cloud-based approach is a powerful draw, but there are costs that may not be readily apparent.
05/10/2013 | Cleversafe, Cray, DDN, NetApp, & Panasas | From Wall Street to Hollywood, drug discovery to homeland security, companies and organizations of all sizes and stripes are coming face to face with the challenges – and opportunities – afforded by Big Data. Before anyone can utilize these extraordinary data repositories, however, they must first harness and manage their data stores, and do so utilizing technologies that underscore affordability, security, and scalability.
04/02/2012 | AMD | Developers today are just beginning to explore the potential of heterogeneous computing, but the potential for this new paradigm is huge. This brief article reviews how the technology might impact a range of application development areas, including client experiences and cloud-based data management. As platforms like OpenCL continue to evolve, the benefits of heterogeneous computing will become even more accessible. Use this quick article to jump-start your own thinking on heterogeneous computing.