Cloud Security is Top Priority for DARPA

Security in cloud computing has become a hot topic, after a number of banks across the United Sates have become victims of hacking. The project of shoring up these defenses is being handled by the Defense Advanced Research Projects Agency, which is a division of the DoD.

Another project DARPA has been a part of is the development of a means to make identity online more secure. Passwords are convenient, but have never really been a foolproof form of security – DARPA’s initiative involves trying to come up with a way for a computer to identify its user by his or her overall behavior.  As if that wasn’t a large enough monster to slay, they are now trying to tackle cloud computing issues.

The problem with cloud security is the number of clients that are involved – the security of the whole system is at the mercy of the least secure client, and this changes how the defenses need to be approached. Before, the idea had always been to build up a wall around data that needs to be secured – that was great until we moved the data to the cloud, where is can be accessed from so many different directions. Hackers just hop over or break through the shortest or weakest wall.

DARPA is hoping to implement a sort of community watch program in which security becomes a team effort – clients look after each other and lend defensive resources to one another to ward off attacks against weaker clients. The issue then however becomes about the protection of data from two groups – we don’t want to let hackers get into the community, but when security is being shared there needs to be a means of securing data from other cloud clients as well.

As the web becomes more interconnected, it is becoming more and more vital to see the Internet as its own world, and cloud computing as a series of individual systems operating within that world. This means that just as we all need to work together to protect the planet and individual communities therein, we also need to work together to protect ourselves online.