Dismantling the monoculture one piece at a time


Today, one of my students presented a paper in my graduate middleware class entitled Defense Enabling Using Advanced Middleware: An Example (PDF). The paper talks about various strategies for defending applications (rather than systems) from attack. One of the strategies that I thought was interesting was "supporting diversity." This isn't an epidemiological warning about the dangers of using a single operating system. Rather, the authors have implemented a system called QuO that can, among other things, migrate an application from a system running one OS (say Windows XP) to a different OS (say Linux) when it senses an attack.

QuO is a research project, but it seems to me that as more and more systems are implemented in VMs that run on multiple operating systems, this strategy becomes increasingly practical. For example, you could imagine a cluster of JBoss servers running on XP, Linux and Solaris so that an attack on any single OS wouldn't shut down the entire system. I'm wondering if there are any examples of businesses doing this with critical applications right now. If you know of someone using this strategy, leave a comment and tell me about it.
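As an added illustration (not part of the original post, the paper, or the QuO project), the following Python model puts numbers on both sides of the argument: a platform-specific exploit can only take down the share of a cluster hosted on that platform, while every extra platform is one more thing that may be sitting unpatched, which is the "two doors to defend" objection raised in the comment thread below. The cluster layouts and the per-platform exposure probability are constructed illustration values, not measurements.

```python
# Added illustration, not code from the original post or from QuO:
# a small model of what platform diversity in a cluster buys and costs.
from fractions import Fraction
from itertools import product

# Constructed sample clusters: one entry per node, giving its platform.
MONOCULTURE = ["linux", "linux", "linux"]
DIVERSE = ["xp", "linux", "solaris"]

# Constructed illustration value: the chance that a given platform is
# carrying an unpatched, remotely exploitable hole at a random moment.
# The same value is used for every platform so the comparison is fair.
P_EXPOSED = {
    "xp": Fraction(3, 10),
    "linux": Fraction(3, 10),
    "solaris": Fraction(3, 10),
}


def capacity_after_platform_loss(platform_of_node, compromised):
    """Share of nodes still serving once every node on `compromised` is down."""
    survivors = sum(1 for p in platform_of_node if p != compromised)
    return Fraction(survivors, len(platform_of_node))


def worst_case_capacity(platform_of_node):
    """Smallest surviving share over all single-platform compromises.

    This is the benefit the post describes: an exploit against one OS
    cannot take the whole cluster with it unless every node runs that OS.
    """
    return min(capacity_after_platform_loss(platform_of_node, p)
               for p in set(platform_of_node))


def capacity_distribution(platform_of_node, p_exposed):
    """Distribution of surviving capacity when each platform is exposed
    independently with its own probability.

    Enumerates every exposed/not-exposed pattern over the platforms in
    use and returns {surviving_share: probability}.
    """
    platforms = sorted(set(platform_of_node))
    dist = {}
    for pattern in product([False, True], repeat=len(platforms)):
        prob = Fraction(1)
        exposed = set()
        for plat, is_exposed in zip(platforms, pattern):
            prob *= (p_exposed[plat] if is_exposed else 1 - p_exposed[plat])
            if is_exposed:
                exposed.add(plat)
        survivors = sum(1 for p in platform_of_node if p not in exposed)
        share = Fraction(survivors, len(platform_of_node))
        dist[share] = dist.get(share, Fraction(0)) + prob
    return dist


def p_any_exposed(platform_of_node, p_exposed):
    """Probability that at least one node is exploitable.

    This is the cost side: more platforms means more chances that one of
    them is unpatched, so this number grows with platform count.
    """
    return 1 - capacity_distribution(platform_of_node, p_exposed)[Fraction(1)]


def p_total_outage(platform_of_node, p_exposed):
    """Probability that every node is exploitable at the same time."""
    dist = capacity_distribution(platform_of_node, p_exposed)
    return dist.get(Fraction(0), Fraction(0))


def expected_capacity(platform_of_node, p_exposed):
    """Mean surviving share; with equal exposure per platform this is the
    same for both layouts, so diversity changes the spread, not the mean."""
    dist = capacity_distribution(platform_of_node, p_exposed)
    return sum(share * prob for share, prob in dist.items())


if __name__ == "__main__":
    for name, cluster in (("monoculture", MONOCULTURE), ("diverse", DIVERSE)):
        print(f"{name}: worst case after one platform falls = "
              f"{worst_case_capacity(cluster)}, "
              f"P(any node exposed) = {p_any_exposed(cluster, P_EXPOSED)}, "
              f"P(total outage) = {p_total_outage(cluster, P_EXPOSED)}, "
              f"E[capacity] = {expected_capacity(cluster, P_EXPOSED)}")
```

Running it shows the trade-off in one line per layout: the diverse cluster keeps two thirds of its capacity when one platform is hit and is far less likely to go completely dark, but it is more than twice as likely to have at least one exploitable node, and the average capacity is identical for both layouts. Whether that trade is worth the support cost is exactly what the comments below argue about.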

Topic: Operating Systems

Talkback

8 comments
  • Why stop there?

    Why stop at OS? Why not have a mix of different Java app servers running (WebSphere, WebLogic, etc.)? Why not have different platform vendors (IBM, Dell, HP)? If diversity is good, then more diversity is better, right?

    I just think this fixation on monoculture is silly. To purposefully inject diversity into a computing environment is to accelerate the costs of support due to the need to have redundant resources for support. Most IT depts are already stretched on their budgets. We're always looking for ways to consolidate differences in our computing environment to minimize the need for varying skill sets and support options. It minimizes costs, maximizes resources, and makes us more efficient. And we're supposed to abandon that because we "might" avoid a security problem that "might" occur?

    Most businesses won't lay out money on security proper, so why would businesses lay out money for one of the lesser paybacks in the scheme of security?
    ejhonda
  • Building a good application server is hard enough

    It's hard enough to get an application running stable and efficient on a single platform; running it on three platforms is ludicrous.

    If the goal is to build a reliable system, the money is far better spent on hardening a single platform.
    george_ou
    • Stick with what works

      [i]It's hard enough to get an application running stable and efficient on a single platform; running it on three platforms is ludicrous.[/i]

      I can understand not wanting to risk using AMD processors or Samsung memory, but what are you going to do when you can't buy Pentium Pro processors or the last Toshiba DRAMs are gone?
      Yagotta B. Kidding
      • Yagotta Getaclue

        First of all, nobody uses Pentium Pro. Second, the newest 64 bit capable Xeon is still fully downwards compatible with the original 8088. No one with any clue about computer architecture would suggest that a memory vendor can lock you in. Fourth, nobody uses DRAM anymore. Fifth, there is nothing wrong with AMD processors and they are fully compatible with Intel even on 64 bit extensions.

        It's a bit disingenuous to compare running AMD vs. Intel to running one OS/application platform vs. another OS/Application platform because the latter is not compatible while the former is. Hardware can usually be swapped with zero OS/Application changes (at least in the commodity x86 world) because it's like swapping out your shoes. Swapping OS and Applications is like a brain transplant.
        george_ou
        • That's the question, though, isn't it?

          [i]It's a bit disingenuous to compare running AMD vs. Intel to running one OS/application platform vs. another OS/Application platform because the latter is not compatible while the former is.[/i]

          There are enough questions about hardware compatibility that most corporate buyers still avoid AMD for that very reason. There are enough squinky software timing loops that DRAM (and, yes, DDR2 is still DRAM) differences can break some (admittedly bad) software.

          You're taking on faith that the hardware is interchangeable because it's actually tested against well-defined specifications while [u]assuming[/u] that software is fundamentally different.

          However, there is a great deal of software written to POSIX standards that is, in fact, portable between wildly different systems such as Apple OSX, IBM mainframes running Linux, and IA32-based Solaris boxes. The difference is that the hardware and the POSIX software are actually designed and tested [b]as platforms[/b] against common specifications, not that there's anything fundamentally nonportable about software.

          Actually, the hardware is all synthesized from HDLs anyway, so it's basically software that just happens to compile to silicon.
          Yagotta B. Kidding
          • Comparing hardware variation to software variation is stupid

            Hardware on the x86 platform is about as interchangeable as you can get. There is not a single example of commercial software you can raise that won't run on an AMD system as it would an Intel system. Even 64 bit extensions on AMD are compatible with 64 bit extensions on the new Intel chips (Intel came second). As for DRAM timing differences, you're way off base in your understanding of the issue. DRAM timing differences would cause compatibility problems with some motherboards, so that is a hardware to hardware compatibility issue and not a hardware to software compatibility issue. Once a set of hardware is properly paired and once it is tested to run Windows or Linux and the major applications, it would be foolish to suggest that people must avoid AMD based systems because it might not run Windows, Linux, Oracle, or MSSQL correctly.

            It's ludicrous to compare hardware variation to software variation to begin with. Comparing hardware incompatibilities between AMD and Intel to software incompatibilities between Linux and Windows is asinine. That would be like saying that the difference between an Asian human male and a European human male is about the same as the difference between a cat and a mouse.
            george_ou
  • makes sense but..

    It sounds like a whole lot of effort and work to pull this off.. I doubt it could be done for most applications.. I can see redundant firewalls from different vendors..
    segurajohn9
    • Multi-vendor firewalls open you up even more

      Redundant firewalls from multiple vendors open you up to more vulnerabilities. Every firewall platform has vulnerabilities; this includes the top two platforms, Nokia/Checkpoint and Cisco. It's like having two doors to defend instead of one. Because the biggest problem with security is that almost all organizations don't patch all known vulnerabilities, monoculture is more secure because it's easier to deploy, harden, and patch a homogeneous platform.
      george_ou