Blog
The latest from Google Research
Google North American Faculty Summit - Day 1
viernes, 30 de julio de 2010
Posted by Úlfar Erlingsson, Manager, Security Research
Thursday, July 29 was the first day of the Google North American Faculty Summit, our sixth annual event bringing together Google engineers and subject matter experts with leading computer science faculty, mostly from North America but some from as far away as Japan and China. This year’s summit is focused on three topics: cloud computing, security and privacy, and social networking. It was these first two areas that we discussed yesterday, in a series of talks by Googlers, informal meetings and small round-table discussions.
After an introduction from Alfred Spector, Google’s VP of Research and Special Initiatives, we dove right into the technical talks, covering the “arms race” of malware detection, privacy and public policy, passwords and authentication, and operations and infrastructure security at large scale. I gave a talk on the changes that cloud computing brings to security, both challenges such as privacy and authentication, as well as opportunities for security improvements, which I wanted to summarize briefly below.
Cloud services have defined a new model for end-user cloud applications that are accessed via single-user devices or browsers. Unlike software on personal computers, or on time-shared servers, cloud applications execute logically on stateless clients accessing a substrate of redundant back-end servers. While a single client may execute multiple applications, those applications are typically isolated and communicate only via the cloud, thus eliminating local dependencies and simplifying device management. As well as being isolated and stateless, clients are also provisioned with software upon use, which makes any client pretty much the same as any other and facilitates transparent access from different locations and devices.
There are many clear security benefits that accrue from this cloud application software model. To start with, it eliminates much of the complex, error-prone management traditionally required for each client. Also, because clients and servers are replicated or stateless, security policies can be enforced using simple, conservative fail-stop mechanisms. Cloud applications are also highly dynamic, with new software versions easily deployed through client restart or rolling server upgrades. Not only does this greatly simplify deploying fixes to software vulnerabilities, it also allows for the possibility of deploying specialized software versions, with custom security aspects, to different clients and servers. Such software instrumentation could be used for many diverse security purposes, especially when combined with randomization: these include artificially-induced heterogeneity as well as the large-scale construction and enforcement of models for appropriate software behavior. In short, cloud applications help with basic, but hard-to-answer security questions such as: Am I running the right software? Or, is it known to be bad? Is it behaving maliciously, and can I recover if it is?
Following my talk, faculty attendees had a variety of insightful questions—as they did for all the presenters today. Roy Campbell, from University of Illinois at Urbana-Champaign, raised the issue of zero-day attacks, and how they might be handled and prevented. My response was that while it might be impossible to eliminate all security bugs, it is possible to get strong guarantees and higher assurance about fundamental software aspects. As an example, I mentioned the Native Client open source Google project that establishes strong, verifiable guarantees about the safety of low-level software. Another question raised was whether Multics-like protection rings were relevant to today's cloud computing applications. Although the mechanisms may not be the same as in Multics, my reply was that layered security and defense in depth are more important than ever, since cloud computing by necessity makes use of deep software stacks that extend from the client through multiple, nested back-end services.
On Friday’s agenda: the technical possibilities of the social web. We’ll be back with more highlights from the summit soon—stay tuned.
Etiquetas
accessibility
ACL
ACM
Acoustic Modeling
Adaptive Data Analysis
ads
adsense
adwords
Africa
AI
AI for Social Good
Algorithms
Android
Android Wear
API
App Engine
App Inventor
April Fools
Art
Audio
Augmented Reality
Australia
Automatic Speech Recognition
AutoML
Awards
BigQuery
Cantonese
Chemistry
China
Chrome
Cloud Computing
Collaboration
Compression
Computational Imaging
Computational Photography
Computer Science
Computer Vision
conference
conferences
Conservation
correlate
Course Builder
crowd-sourcing
CVPR
Data Center
Data Discovery
data science
datasets
Deep Learning
DeepDream
DeepMind
distributed systems
Diversity
Earth Engine
economics
Education
Electronic Commerce and Algorithms
electronics
EMEA
EMNLP
Encryption
entities
Entity Salience
Environment
Europe
Exacycle
Expander
Faculty Institute
Faculty Summit
Flu Trends
Fusion Tables
gamification
Gboard
Gmail
Google Accelerated Science
Google Books
Google Brain
Google Cloud Platform
Google Docs
Google Drive
Google Genomics
Google Maps
Google Photos
Google Play Apps
Google Science Fair
Google Sheets
Google Translate
Google Trips
Google Voice Search
Google+
Government
grants
Graph
Graph Mining
Hardware
HCI
Health
High Dynamic Range Imaging
ICCV
ICLR
ICML
ICSE
Image Annotation
Image Classification
Image Processing
Inbox
India
Information Retrieval
internationalization
Internet of Things
Interspeech
IPython
Journalism
jsm
jsm2011
K-12
Kaggle
KDD
Keyboard Input
Klingon
Korean
Labs
Linear Optimization
localization
Low-Light Photography
Machine Hearing
Machine Intelligence
Machine Learning
Machine Perception
Machine Translation
Magenta
MapReduce
market algorithms
Market Research
materials science
Mixed Reality
ML
ML Fairness
MOOC
Moore's Law
Multimodal Learning
NAACL
Natural Language Processing
Natural Language Understanding
Network Management
Networks
Neural Networks
NeurIPS
Nexus
Ngram
NIPS
NLP
On-device Learning
open source
operating systems
Optical Character Recognition
optimization
osdi
osdi10
patents
Peer Review
ph.d. fellowship
PhD Fellowship
PhotoScan
Physics
PiLab
Pixel
Policy
Professional Development
Proposals
Public Data Explorer
publication
Publications
Quantum AI
Quantum Computing
Recommender Systems
Reinforcement Learning
renewable energy
Research
Research Awards
resource optimization
Responsible AI
Robotics
schema.org
Search
search ads
Security and Privacy
Self-Supervised Learning
Semantic Models
Semi-supervised Learning
SIGCOMM
SIGMOD
Site Reliability Engineering
Social Networks
Software
Sound Search
Speech
Speech Recognition
statistics
Structured Data
Style Transfer
Supervised Learning
Systems
TensorBoard
TensorFlow
TPU
Translate
trends
TTS
TV
UI
University Relations
UNIX
Unsupervised Learning
User Experience
video
Video Analysis
Virtual Reality
Vision Research
Visiting Faculty
Visualization
VLDB
Voice Search
Wiki
wikipedia
WWW
Year in Review
YouTube
Archive
2022
may
abr
mar
feb
ene
2021
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2020
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2019
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2018
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2017
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2016
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2015
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2014
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2013
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2012
dic
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2011
dic
nov
sep
ago
jul
jun
may
abr
mar
feb
ene
2010
dic
nov
oct
sep
ago
jul
jun
may
abr
mar
feb
ene
2009
dic
nov
ago
jul
jun
may
abr
mar
feb
ene
2008
dic
nov
oct
sep
jul
may
abr
mar
feb
2007
oct
sep
ago
jul
jun
feb
2006
dic
nov
sep
ago
jul
jun
abr
mar
feb
Feed
Follow @googleai
Give us feedback in our
Product Forums
.
