Looking to lock down government cloud-based resources in particular, researchers from the Intelligence Advance Research Projects Activity this week announced a program that will develop better technology to manage and secure Virtual Desktop Infrastructure environments.
The advanced research arm of the Office of the Director of National Intelligence rolled out the Virtuous User Environment (VirtUE) program which the agency says “is looking to use the federal government’s impending migration to commercial cloud-based IT infrastructures and the current explosion of new virtualization and operating system concepts to create and demonstrate a more secure interactive user computing environment than the government has had in the past or likely to have in the near future.”
Current security mitigations for virtualized computing environments are largely the same technologies and methods that have been used with mixed success for years on physical desktop workstations. Current computing environments run resident security agents that occupy the same OS memory space as the processes and/or people they seek to monitor. This enables crafty processes or users to disable these local security programs or interfere with their operation. Security logs from these now-suspect agents are forwarded en masse to centralized databases and security event and incident management systems where analytics and/or analysts try to detect rare events with incomplete data, hours to days after the actions have occurred, IARPA stated.
+More on Network World: Gartner Top 10 strategic technology trends you should know for 2017
The VirtUE program aims to improve this situation by demonstrating a more secure environment where the site is designed from the outset to respond to malicious actions with more nuanced protection options, IARPA wrote.
IARPA says it expects VirtUE development to go like this: In Phase 1, VirtUE seeks to deliver an interactive computing environment designed from the outset to be a more secure, capable sensor and defender in the cloud environment than the current government computer environment.
To be acceptable to potential government consumers, the new environment must still offer features and performance characteristics comparable to the current government environment. Phase 1 performers shall create a computer environment that mitigates the exploitation of legacy and cloud-based vulnerabilities and/or provides numerous logging and protection options for future external security logic to do so.
In Phase 2, performers shall take the technologies and/or concepts developed in Phase 1 and create novel external analytics and security controls that leverage them. The purpose of this analytics/control effort is to create dynamic detection and protection capabilities that make the VirtUE user environment more resistant to attacks expected in the commercial cloud while minimizing the costs associated with these capabilities, IARPA stated.
Check out these other hot stories: