Icebergs in the Clouds: The Other Risks of Cloud Computing

Cloud computing is appealing from management and efficiency perspectives, but brings risks both known and unknown. Well-known and hotly-debated information security risks, due to software vulnerabilities, insider attacks, and side-channels for example, may be only the "tip of the iceberg." As diverse, independently developed cloud services share ever more fluidly and aggressively multiplexed hardware resource pools, unpredictable interactions between load-balancing and other reactive mechanisms could lead to dynamic instabilities or "meltdowns." Non-transparent layering structures, where alternative cloud services may appear independent but share deep, hidden resource dependencies, may create unexpected and potentially catastrophic failure correlations, reminiscent of financial industry crashes. Finally, cloud computing exacerbates already-difficult digital preservation challenges, because only the provider of a cloud-based application or service can archive a "live," functional copy of a cloud artifact and its data for long-term cultural preservation. This paper explores these largely unrecognized risks, making the case that we should study them before our socioeconomic fabric becomes inextricably dependent on a convenient but potentially unstable computing model.

[1]  Norman C. Hutchinson,et al.  Deciding when to forget in the Elephant file system , 1999, SOSP.

[2]  Deborah Estrin,et al.  Persistent route oscillations in inter-domain routing , 2000, Comput. Networks.

[3]  C MogulJeffrey Emergent (mis)behavior vs. complex software systems , 2006 .

[4]  Jeffrey C. Mogul,et al.  Emergent (mis)behavior vs. complex software systems , 2006, EuroSys.

[5]  Mark Handley,et al.  Improving datacenter performance and robustness with multipath TCP , 2011, SIGCOMM 2011.

[6]  P. Healy,et al.  Journal of Economic Perspectives—Volume 17, Number 2—Spring 2003—Pages 3–26 The Fall of Enron , 2022 .

[7]  Yin Zhang,et al.  R3: resilient routing reconfiguration , 2010, SIGCOMM '10.

[8]  Sean Quinlan,et al.  Venti: A New Approach to Archival Storage , 2002, FAST.

[9]  Mary Baker,et al.  The LOCKSS peer-to-peer digital preservation system , 2005, TOCS.

[10]  K. Palepu,et al.  Journal of Economic Perspectives—Volume 17, Number 2—Spring 2003—Pages 3–26 The Fall of Enron , 2022 .

[11]  P. McKenna Large Torsional Oscillations in Suspension Bridges Revisited: Fixing an Old Approximation , 1999 .

[12]  Eddie Kohler,et al.  Making information flow explicit in HiStar , 2006, OSDI '06.

[13]  W E Vesely,et al.  Fault Tree Handbook , 1987 .

[14]  Gordon T. Wilfong,et al.  The stable paths problem and interdomain routing , 2002, TNET.

[15]  Jennifer Rexford,et al.  NoHype: virtualized cloud infrastructure without the virtualization , 2010, ISCA.

[16]  Vanish Talwar,et al.  No "power" struggles: coordinated multi-level power management for the data center , 2008, ASPLOS.

[17]  Haibo Chen,et al.  CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization , 2011, SOSP.

[18]  T. Bedford,et al.  Probabilistic Risk Analysis: Foundations and Methods , 2001 .

[19]  John R. Garrett,et al.  Avoiding Technological Quicksand : Finding a Viable Technical Foundation for Digital Preservation , 2009 .

[20]  R. Scanlan,et al.  Resonance, Tacoma Narrows bridge failure, and undergraduate physics textbooks , 1991 .

[21]  Hakim Weatherspoon,et al.  The Xen-Blanket: virtualize once, run everywhere , 2012, EuroSys '12.

[22]  Mary Baker,et al.  Auditing to Keep Online Storage Services Honest , 2007, HotOS.

[23]  Jeff Rothenberg,et al.  Avoiding Technological Quicksand: Finding a Viable Technical Foundation for Digital Preservation. A Report to the Council on Library and Information Resources. , 1999 .

[24]  David Bearman Reality and Chimeras in the Preservation of Electronic Records , 1999, D Lib Mag..