Diverse Infrastructure and Architecture for Datacenter and Cloud Resilience

Internet and web services have seen widespread adoption in recent years and are now tightly integrated into society's daily activities. An important emerging part of the Internet is clouds that provide low-cost configurable computing resources, allowing businesses to reduce their hardware, software, and personnel costs. Increasingly, enterprises now use such cloud resources to host web applications. While clouds provide an excellent business model, most existing public and private cloud infrastructures are based on monocultures that allow attackers to focus their efforts on a single hardware/software platform and facilitates the rapid spreading of successful attacks. In this invited paper, we describe a methodology and mech- anisms that make clouds and hosted applications considerably more resilient to attacks and correlated failures by introducing diversity at every level of the cloud: physical interconnect, network components, processor platforms, storage management, virtual machine monitors, operating systems, and application processes. Our goal is to defend against attacks by continuing to operate correctly even when part of the infrastructure fails and to substantially raise the difficulty of executing a successful attack by requiring the attacker to simultaneously target different hardware and software choices. Furthermore, by geographically spreading applications among different datacenters using diverse network connections (in service provider and access medium - wired vs. wireless), the cloud will be resilient against physical infrastructure attacks and large-scale disasters.