As cloud computing gains in popularity, researchers from North Carolina State University and International Business Machines have found a way to make it more secure.
The researchers have created a way to update computer systems on virtual machines running the cloud, even when those programs are offline. Bringing offline patching, which is an important way to keep malware and viruses off computer systems, to the cloud will ensure it is safer, cheaper and more efficient said Dr. Peng Ning, professor of computer science at NC State and co-author of the paper describing the project.
Current patching systems are designed for computers that are online and they don't work for dormant computers or virtual machines. It takes some time to retrieve those patches, run them and install them. It can take up to an hour to bring them up to date. If you have an immediate need to use the virtual machine, the wait becomes too much. We wanted to find an alternative way to lower the delay and cost and get patching offline, Ning said.
After some initial challenges, the group used a technology by IBM called Mirage. The technology performs efficient offline introspection and a manipulation of a large collection of virtualization machine images. Essentially, it allows companies to patch multiple virtualization machines running a cloud systm simultaneously. The researchers found this would save companies running the cloud time and money, since every minute a system is patching on the cloud it is costly.
It's very efficient as it removes redundancies that exist across the system. With that patching system, we found the overall speed of the patching improves 40 times compared to doing it online, Ning said.
The group named the patching tool Nuwa, after the ancient Chinese goddess who patched the sky when the Gods were fighting. The research was funded by the National Science Foundation and IBM.