Optimization research normally aims to improve the performance of computing systems—for example, making data transfer on a smart phone faster—but Professor Tian Lan of the Department of Electrical and Computer Engineering is applying optimization techniques to cyber security problems. And that, he says, is a new perspective.
Security is essential for all communications systems, thus the large number of people across the globe who work to improve it. The most common approach is to concentrate on solving one particular issue in the security system or to develop security solutions for only one component of a particular system. But Professor Lan studies novel techniques that provide an autonomous defense for the entire system by reorganizing and optimizing system resources in response to physical or cyber attacks.
“We’re investigating a wide range of solutions for both the commercial and government sectors to harden the security of these systems,” he states.
Working under a National Science Foundation grant and taking advantage of the strong community of faculty working on computer security at SEAS and GW, Professor Lan has been collaborating with his colleagues, Professors Suresh Subramaniam and Howie Huang, to develop algorithms that bake security into existing cloud services through resource optimization and pricing.
Most providers offer cloud computing services on a “one-size-fits-all” model that provides the same levels of availability and reliability—two major aspects of data security—to all customers. But the current levels may be inadequate for some customers who need greater availability or security and are willing to pay for it, or too expensive for customers who don’t need and don’t want to pay for the standard level of reliability and availability.
By constructing security models and developing algorithms to optimize resource allocation and pricing, Professor Lan and his colleagues expect to advance cloud computing security and provide more choice for customers. Once the team publishes its results, providers such as AT&T, Amazon, Google, and others would be free to use the algorithm in their data centers. For cloud customers, purchasing higher reliability and availability for their cloud applications would be only a checkbox away.
Under a separate grant with DARPA (Defense Advanced Research Projects Agency), Professor Lan is working with Advanced Communications Science (the lead contractor on the project) and colleagues at Princeton University on another computer security-related project, Mission-oriented and Resilient Cloud. That project aims to help the U.S. military plan and execute missions securely on the cloud. “I work on the algorithms that can help to translate mission models to configure data, automate resource planning, and optimize both mission effectiveness and security,” notes Professor Lan.