Secure cloud computing is offering efficiency, security, and cost benefits for the defense industry, as well as to warfighters.
The ability to amass information in one place and distribute it to many devices is a huge benefit to large organizations, such as the U.S. Department of Defense (DOD), as well as to the companies that supply DOD products. Nevertheless, military and aerospace is moving forward on cloud computing at a slow pace, despite the benefits it can provide.
The issue is that cloud computing also constitutes a huge change, and brings several concerns. Cloud computing, or the act of using a database to store information or even virtual machines, while enabling access from authorized users, has been on the minds of many military officials for a long time. There always have been issues with cloud computing, primarily security and infrastructure concerns, but the military and aerospace industry has begun implementing the cloud more and more.
|Satellites such as the GeoEye-2 gather information and share it on cloud networks, enabling widespread dissemination of data.|
Traditional storage vs. the cloud
"There have been issues with people carrying sensitive information around on things like laptops and mobile devices that have traditional operating systems that are known to be vulnerable," says Robert Day, vice president of LynuxWorks Inc. in San Jose, Calif. "The problem is that laptop and mobile devices aren't seen as secure, but data centers are seen as secure."
Without cloud computing, all the officials who need access to certain information need to have that information on their own devices. This means dozens, even hundreds, of devices that contain sensitive information. Having that many devices with important information means there are more ways to attack; just one device needs to be stolen to gain access to sensitive data. It's a monumental task to provide adequate security on just one device, let alone hundreds.
The traditional approach of data storage cause security issues, and access issues. The ability to classify data with different authorization levels is not included on every device; nobody who is cleared only for Secret may access a device that has Top Secret information. This means using different computers for different information, which is inefficient. "You could have a data center that's the secret data center, one for top secret, and one for classified," Day says.
Cloud computing solves the problem of information access easily, because this approach allows each user to access only certain information, based on the user's access classification. Cloud computing also helps solve the security problem.
With cloud computing, sensitive information is in only one location: the data center. Cloud computing offers greater security for information by gathering it all in one location and allowing only temporary access. It poses a different security concern, however. "All the information is there," Day explains, "so if someone does attack it, they have access to everything. We're relying on network protection mechanisms around the data centers."
Cloud computing in the field
The U.S. Army is one of the leading customers for cloud computing infrastructure and software, not only on the back end of the system, but also the front lines to support soldiers with C4ISR and situational awareness. "They're looking for an IT tool, something that lets them seamlessly connect all their endpoints that are gathering data that makes it very easy for them to manage and process that data at a secure location," says Christine Van De Graaf, senior product strategy manager at Lilee Systems in Santa Clara, Calif. "It's about improving intelligence."
Cloud computing on the battlefield is very different from cloud computing in secure locations. The devices must be rugged and secure, and data has to be delivered in real time.
Many challenges face cloud computing on the front lines. "There's the remoteness, infrastructure, topology, and then encryption," Van De Graff explains. Even the environment causes problems. "If it's in an area where there's a lot of rainfall or dust storms, it does get more challenging because that can sometimes interfere with WiFi signals."
The solution is creating the right systems that can deal with the challenges of their environment. "It's integrated systems that have application control and communications control. In those communication controls, there's lots of software-defined radio and modems, and each usually has an antenna of its own," Van De Graff says. "The modems themselves have to be very ruggedized. They're going to be in an area where there's a high probability of contamination. They have to be able to survive shock and vibration because they're probably not going to be staying in one area. They're going to be moving."
Vehicles will be a major focus of cloud computing, providing a safe way to get the network to the field and acting as a living part of the network. "On a tank, the tool would collect video and intelligence data, but also monitor fuel usage, maintenance requirements for the vehicle, where the vehicle is, or vital statistics on the personnel in that vehicle," Van De Graff says.
Cloud computing is being used to obtain a clearer picture of the battlefield. "If soldiers are in the field and need the latest mapping, they'll be able to download data quickly and securely to a mobile smart device and even send data back to the cloud," Van De Graff says.
|With cloud computing, soldiers on the front lines can access the information they need from military networks by using rugged mobile devices.|
Cloud for industry users
Military and government organizations aren't the only ones who benefit from cloud computing. Contractors have been adopting the cloud for many reasons. "Generally speaking, the use of manufacturing in the cloud is a new thing," says Ali Shadman, senior vice president of global upgrades and business cloud at Infor in New York. "In the past few years, the infrastructures around networking and the Internet that these platforms run on is now viable to run applications on a cloud."
For industry customers, the cloud provides benefits by offering easy scaling and collaboration. "Being able to have flexible capacity lets you follow the trend of the market," says Shadman. "If a customer has a new contract and wants to step up their operation, they would need to purchase more infrastructure. If they had to downsize, they would have equipment taking up floorspace. That investment is spent more efficiently where you can dial up or dial down capacity depending on the load of your environment. Cloud gives you the ability to dial up or dial down, and it's much cheaper than buying hardware and software." Companies can purchase cloud services rather than buy the hardware and software, enabling them to expand and contract without having excess or deficit hardware.
|Rugged mobile servers, like the one above from Next Computing, bring the cloud out into the field.|
Cloud computing often is seen as a huge security risk or a huge security boon. With so much sensitive information in one location, it is easy to focus your defense there, but attackers will try even harder to gain access. "Opening up sensitive information on the cloud is very scary," says LynuxWorks' Day. "My thought is you're just moving the problem to having the data in one place instead of a hundred places. I think cloud is okay if you have security that isn't relying on current network security. As soon as you start seeing all the new attacks that are coming out, you realize that these network protections aren't working right now."
Malware comes in all shapes and sizes, and even the most secure locations have been accessed by malware due to one common security flaw systems have: People use them. "Malware doesn't necessarily need to come into the system over the Internet," Day explains. "A very easy way to get a virus from an outside place into an inside network is to have a person do it." Stuxnet, the famous worm that got into the Iranian nuclear program and damaged centrifuges, originally entered because of an infected memory stick that was ultimately attached to a computer that was related to its target.
Network defenses are common, and military and aerospace organizations are among the most security conscious of all, but there are issues even with current cyber security programs. "They have all manner of network protection things, from UTMs to malware detection, firewalls, that sort of standard network-protection stuff," Day says. "The problem is they tend to be responsive. Most of the network protection relies on you seeing it before. If the malware attack is specifically looking for your corporation, this sort of network protection won't work."
There are programs out there designed to prevent these types of attacks, such as malware analysis devices. "There are malware analysis devices that essentially execute malware that runs through the network," Day explains. "Not based on signature, but based on executing the code and stopping it before it is used in the system." The issue is that malware analysis devices tend to remove many false positives, which can cause problems to an organization that is relying on cloud computing. "There is definitely room for improvement," Day says.
|Data centers are required to store the data on a cloud network. Instead of storing files on local computers, cloud networks enable users to use thin clients that only access information from the cloud.|
The future of cloud computing
With so much potential, but also so many risks, the military and aerospace industry has been approaching cloud computing cautiously. The benefits of a successfully implemented cloud architecture are clear, but due to the security challenges, infrastructure changes, and current budget environment, the change is happening slowly.
"Generally speaking, the cloud architecture is going to dominate, no matter what industry you're in," says Infor's Shadman.
Amazon Web Services 206-266-7180
Engineered Software 800-786-8545
Lilee Systems 408-988-8672
Red Hat 919-754-3700