Bet you never thought that AI would have tremendous applications to the field of computer security. AI’s challenge: Someone logs into your network or multi-user system using Dave’s userid and password. Can your computer be sure that it’s Dave logging in, and not someone who’s borrowed his password or cracked the system’s security measures? Can your computer be sure that Dave is not preparing to perform malicious activities?

First let’s verify that it’s really Dave who logged in. Over the past several years, computer-security researchers at SRI, Mitre, and other organizations (including the U.S. government) have learned that individuals have distinctive system-usage signatures. Data that can make up that signature include the name (or type) of programs executed, the method of changing system directories, the login time, and session length. Let’s say that Dave normally uses the mainframe during business hours to read e-mail. One Saturday night around 2:00 a.m., he logs in, scans the system read-only directories, and then attempts to rewrite the master password file. There’s a good chance your system’s been infiltrated.

That’s a simple scenario, of course. Programmers, who perform a wide variety of computer activities at all hours of the day and night, are more difficult to validate than 9-to-5 data-entry clerks. On an academic network, you’ll frequently need to recalculate your baseline models for each user as his or her expertise grows. The computer is vulnerable if hackers break into a new user’s account before there’s enough data to train the neural net properly or construct the model. Still, studies show that if the operating system is gathering the proper data, AI techniques can be applied in this area.

Expert systems can be applied to the second problem, trying to detect if Dave (or the intruder using Dave’s account) is misbehaving. A network monitoring tool can. see what commands Dave is issuing (like changes to other user’s files, or altering permission flags for various files). If the knowledge base contains data on known ways of hacking superuser privileges or crashing the system, it can watch for that type of activity. If Dave issues the first two commands in a dangerous three-command sequence, the expert system could alert the systems operator, flash a warning on Dave’s screen (“What are you doing, Dave?”), or even lock his account out of the system.

Perhaps you’re thinking that Big Brother is watching. You’re right. Instead of Orwellian thought police monitoring your private conversations, you might soon have AI software watching your every keystroke. Given today’s business realities, we might as well get used to that unpleasant idea.

I wrote the above essay in June 1994 and recently stumbled across it. Eighteen years later, it’s still relevant.

The temperature is rising, at least when it comes to developing and deploying in the cloud. In a survey of SD Times subscribers, 44.0% said that they are currently using the cloud to build or test applications, or to deploy applications. Another 24.9% said that they are not currently using the cloud, but expect to within the next year.

Breaking that down, of those who say that they are using the cloud, 26.0% say they have already built or tested several applications using the cloud and 22.8% are building their first application. Almost all of the remaining respondents say they are studying the issue; a very few plan to use the cloud only for deployment, not for development.

On the deployment side, of those who say they are using the cloud, 19.6% say they have deployed several applications into the cloud; 11.0% have deployed one application; 13.5% are developing productions applications but haven’t deployed them yet, and 11.7% are creating pilots or prototypes. Most of the rest are studying the issue, but a few plan to use the cloud only for development, not for deployment.

That’s a lot of cloud – higher, frankly, than I expected. Digging deeper into the data shows that when it comes to the cloud, adoption is moving fast, driven not only by the financial benefits of cloud computing, but for technical reasons as well.

The survey, conducted in May, was completed by 425 subscribers to SD Times and News on Monday. Most of the respondents are enterprise software development managers. One of the questions asked for the reasons why the respondent (or his company) is deploying applications to the cloud.

Of those who indicated that they are or will be using the cloud, the top 15 reasons are:

Scalability 58.5%
Long-term operating cost savings 48.7%
Reducing/eliminating capital costs 41.1%
Improve access to applications 35.6%
Ease of deployment 33.5%

Freedom from upgrades and hardware upgrades 26.9%
Simpler capacity planning 26.2%
All users are on the same version 24.0%
Shortened development cycle 23.3%

Improve application integration 23.3%
Short-term operating cost savings 22.9%
Better application performance 19.6%
Reduced need for power/cooling 19.3%
Spread costs out over time 18.9%

You can see the mix of technical and financial benefits – which points to the long-term viability of the cloud. It’s not simply another buzzword.

Of course, when someone talks about the cloud for developing or deploying applications, there’s some ambiguity. Some cloud service providers offer a straight-up hosting environment for virtual machines, where you’re renting little more than storage, CPU time and bandwidth. With others, you are getting a full-on development environment, customized for highly distributed applications.

Are you developing or testing in the cloud? Are you deploying in the cloud? If so, what are your top reasons?