Skip to main content

Hey! You! Get Off Of My Cloud Computing!

This is not one of the clouds we're talking about.

Cloud computing is a buzzword among tech cognoscenti these days. Its proponents say that it can give people and institutions access to greater computer power than they could otherwise afford by running their programs in a collection of computers and servers located, well, somewhere else. But there are risks too – not least of which are malware. And the white hats are trying to come up with ways to defend your system faster than the black hats come up with ways to hack it.

Let’s start with virtualization, the concept that makes cloud computing work. Virtualization lets multiple users take advantage of common computer resources. Virtualization relies on a program called a hypervisor to manage its operations – creating multiple “virtual machines” (thus “virtualization”) that allow different users to operate in isolation even though they’re all using the same computer from a remote location. This concept is what cloud computing is all about.

But what happens if one person downloads a virus? Can it spread to the hypervisor and, ultimately, to everyone else using that hypervisor? Can hackers use the hypervisor to spread malware through the cloud, stealing information as they go? Those are security questions that have some people thinking second thoughts about embracing cloud computing.

And computer scientists are trying to tackle it. For a computer virus to infect a hypervisor, it has to run its own code in the system – and researchers have zeroed in on that to develop software which should protect cloud computing from catching the equivalent of the plague.

Dr. Xuxian Jiang and Zhi Wang, researchers at NC State University, have come up with a program that utilizes “non-bypassable memory lockdown” to bar the introduction of new code to the hypervisor. No new code = no virus in the hypervisor (unless the hypervisor administrator puts it in – but there’s no protecting against that). The team also incorporated restricted pointer indexing, which characterizes “normal” behavior by the hypervisor, and prevents deviations from that profile.

With any luck, this will keep the bad guys off of cloud nine – at least for a while.