DOCSLIB.ORG

UC Berkeley UC Berkeley Electronic Theses and Dissertations

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
UC Berkeley UC Berkeley Electronic Theses and Dissertations UC Berkeley UC Berkeley Electronic Theses and Dissertations Title Secure Computation Systems for Confidential Data Analysis Permalink https://escholarship.org/uc/item/66d99941 Author Poddar, Rishabh Publication Date 2020 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California Secure Computation Systems for Confidential Data Analysis by Rishabh Poddar A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor Raluca Ada Popa, Chair Professor Ion Stoica Professor Sylvia Ratnasamy Professor Deirdre Mulligan Fall 2020 Secure Computation Systems for Confidential Data Analysis Copyright 2020 by Rishabh Poddar 1 Abstract Secure Computation Systems for Confidential Data Analysis by Rishabh Poddar Doctor of Philosophy in Computer Science University of California, Berkeley Professor Raluca Ada Popa, Chair A large number of services today are built around processing data that is collected from or shared by customers. While such services are typically able to protect the data when it is in transit or in storage using standard encryption protocols, they are unable to extend this protection to the data when it is being processed, making it vulnerable to breaches. This not only threatens data confidentiality in existing services, it also prevents customers from availing such services altogether for sensitive workloads, in that they are unwilling / unable to share their data out of privacy concerns, regulatory hurdles, or business competition. Existing solutions to this problem are unable to meet the requirements of advanced data analysis applications. Systems that are efficient do not provide strong enough security guarantees, and approaches with stronger security are often not efficient. To address this problem, the work in this dissertation develops new systems and protocols for securely computing on encrypted data, that attempt to bridge the gap between security and efficiency. We distill design principles based on the properties of the two primary approaches for secure computation—advanced cryptographic protocols and trusted execution environments. Informed by these principles, we design novel cryptographic protocols and algorithms with strong and provable security guarantees, using which we show how to build systems that are both secure and efficient. i To my family. ii Contents Contents ii List of Figuresv List of Tables viii 1 Introduction1 1.1 Motivation....................................... 1 1.2 Approaches for Secure Computation......................... 2 1.3 Building Systems using Secure Computation..................... 3 1.4 Impact and Adoption ................................. 5 1.5 Dissertation Roadmap................................. 5 2 Building Secure and Practical Data Systems6 2.1 Trusted Execution Environments........................... 6 2.2 Cryptographic Approaches.............................. 7 2.3 Challenges and Design Strategy ........................... 8 3 Database Queries on Encrypted Data 11 3.1 Introduction...................................... 11 3.2 Overview ....................................... 14 3.3 Encryption Building Blocks.............................. 18 3.4 ArxRange & Order-based Queries.......................... 18 3.5 ArxEq & Equality Queries.............................. 23 3.6 ArxAgg & Aggregation Queries........................... 25 3.7 ArxJoin & Join Queries ............................... 26 3.8 Arx’s Planner ..................................... 28 3.9 Security Analysis................................... 30 3.10 Evaluation....................................... 32 3.11 Limitations and Future Work............................. 40 3.12 Related Work ..................................... 40 3.13 Summary ....................................... 42 iii 4 Collaborative SQL Analytics on Encrypted Data 43 4.1 Introduction...................................... 43 4.2 Senate’s API...................................... 47 4.3 Threat Model and Security Guarantees........................ 48 4.4 Senate’s MPC Decomposition Protocol........................ 49 4.5 Senate’s Circuit Primitives .............................. 57 4.6 Decomposable Circuits for SQL Operators...................... 60 4.7 Query Execution ................................... 62 4.8 Evaluation....................................... 67 4.9 Limitations and Discussion.............................. 74 4.10 Related work ..................................... 75 4.11 Summary ....................................... 76 5 Analyzing Encrypted Network Traffic 77 5.1 Introduction...................................... 77 5.2 Model and Threat Model ............................... 80 5.3 SafeBricks: End-to-end Architecture......................... 81 5.4 Background...................................... 83 5.5 SafeBricks: Framework Design............................ 84 5.6 SafeBricks: NF Isolation, Least Privilege....................... 88 5.7 SafeBricks: System Bootstrap Protocol........................ 91 5.8 Security Guarantees.................................. 94 5.9 Evaluation....................................... 95 5.10 Limitations and Future Work.............................100 5.11 Related Work .....................................101 5.12 Summary .......................................102 6 Encrypted Video Analytics and Machine Learning 103 6.1 Introduction......................................103 6.2 Background and Motivation..............................106 6.3 Threat Model and Security Guarantees........................108 6.4 A Privacy-Preserving MLaaS Framework ......................110 6.5 Designing Oblivious Vision Modules.........................114 6.6 Oblivious Video Decoding ..............................116 6.7 Oblivious Image Processing..............................120 6.8 Evaluation.......................................125 6.9 Discussion.......................................133 6.10 Related Work .....................................133 6.11 Summary .......................................134 7 Collaborative Machine Learning on Encrypted Data 136 7.1 Introduction......................................136 iv 7.2 Overview .......................................137 7.3 Threat Model and Security Guarantees........................138 7.4 System Design.....................................139 7.5 Data-oblivious training and inference.........................141 7.6 Implementation....................................144 7.7 Evaluation.......................................144 7.8 Conclusion ......................................145 8 Conclusion 147 8.1 Future Directions ...................................148 Bibliography 149 A Joins over Multisets in Senate 175 B Invertibility of SQL Operators in Senate 176 C Security Proofs and Pseudocode for Visor 178 C.1 Oblivious video decoding...............................178 C.2 Oblivious image processing..............................181 D Impact of Video Encoder Padding on Visor 190 D.1 Inter-prediction for interframes............................190 v List of Figures 1.1 Classification of the systems we built, by computation scenario and the secure computa- tion approach used by the system. ............................ 3 3.1 Arx’s architecture: Shaded boxes depict components introduced by Arx. Locks indicate that sensitive data at the component is encrypted. .................... 14 3.2 ArxRange example. Enc is encryption with BASE..................... 19 3.3 Search token tree...................................... 24 3.4 ArxEq read throughput with increasing no. of duplicates. ................ 35 3.5 ArxEq write throughput with increasing no. of duplicates................. 35 3.6 YCSB throughput for different workloads......................... 36 3.7 ArxRange latency of reads and writes. .......................... 37 3.8 ArxRange throughput, with and without caching...................... 37 3.9 ShareLaTeX performance with Arx’s client proxy on varying cores .......... 38 3.10 ShareLaTeX performance with increasing no. of client threads ............. 38 4.1 Overview of Senate’s workflow. ............................. 44 4.2 Query execution in the baseline (monolithic MPC) vs. Senate (decomposed MPC). s represent a filtering operation, and on is a join. Green boxes with locks denote MPC operations; white boxes denote plaintext computation. X represents additional verification operations added by Senate. ......................... 45 4.3 Query execution in Senate. Colored keys and locks indicate which parties are involved in which MPC circuits................................... 63 4.4 Performance of m-SI in LAN................................ 67 4.5 Performance of m-Sort in LAN. ............................. 68 4.6 Performance of m-SU in LAN............................... 68 4.7 Resource consumption of building blocks (16 parties)................... 69 4.8 Building blocks in WAN.................................. 69 4.9 Query 1 with 16 parties................................... 69 4.10 Query 2 with 16 parties................................... 70 4.11 Query 3 with 16 parties................................... 70 4.12 Effect of query splitting on runtime. ........................... 70 4.13 Network usage. ...................................... 71 vi 4.14 Queries in WAN. ..................................... 71 4.15 Senate’s performance on TPC-H queries.......................... 72 4.16
Load more

Recommended publications
  • ENCE360: Operating Systems Course Outline
    ENCE360: Operating Systems Course Outline This course is an introduction to operating systems: Operating systems are a special type of software that sits between the hardware and other software applications. They function to manage various computer resources, and to provide a convenient interface to the users. This course emphasises system calls (which provide an interface between the operating system and applications) and examples of operating systems. Lecture Topic Reading Laboratory Topic Introduction to Operating Systems MOS: Ch 1 C Revision Processes and Threads MOS: Ch 2 Scheduling (processes/threads) Threads, Processes Inter-process Communicatioin (pipes/sockets) MOS: pgs 43-45, 733-734 Concurrency Pipes, Files, Signals Input/Output MOS: Ch 5 Files and Directories MOS: Ch.4 Sockets LAB TEST 1 MID SEMESTER BREAK Memory Management - Caches MOS: Ch 3, 7.8 labs on OS examples, including Memory Management - Virtual Memory MOS: Sect 3.3 Xv6 (simple teaching OS) Virtualisation Distributed Systems Operating System Examples include: Windows, Linux, Android, macOS/iOS, real-time operating systems Assignment due Staff for Operating Systems Course Supervisor & Lecturer Dr Richard Green [email protected] Lecturer: Prof Mark Claypool [email protected] Tutor Gordon Beintmann [email protected] Laboratories There are two Labs begin the first week of term scheduled lab streams. For lab times and locations, check www.canterbury.ac.nz/tt All labs will be held in the department Self-allocate your lab via labs in the Erskine https://mytimetable.canterbury.ac.nz building. /aplus/apstudent Each student should If you hit any snags, email attend one 2-hour [email protected] lab each week.
    [Show full text]
  • Certified Systems Matrix 12C Release 3 (12.3.2.0.0) E59961-07 July 2016
    Oracle® Enterprise Manager Ops Center Certified Systems Matrix 12c Release 3 (12.3.2.0.0) E59961-07 July 2016 This guide lists the certified systems for Oracle Enterprise Manager Ops Center. The following topics are covered in this document: · Base Operating Systems · Base Browsers · Base Databases · Base Oracle Clusterware for High Availability · Target Operating Systems · Target Servers · Target Non-Server Hardware · Target Virtualization · Target Engineered Systems · Supported Technology Base Operating Systems This section describes the supported operating systems for the Enterprise Controller and Proxy Controller. Enterprise Controller Operating Systems This table lists the supported operating systems for the Enterprise Controller. Table 1-1 Enterprise Controller Operating Systems Enterprise Controller Operating Systems Certification Platform Version Minimum Update Level and Comments Oracle Solaris NA NA Oracle Solaris SPARC 10 Embedded Database: 1/13 Customer-Managed Database: 9/10 through 1/13 1 Table 1-1 (Cont.) Enterprise Controller Operating Systems Certification Platform Version Minimum Update Level and Comments Oracle Solaris SPARC 11 Embedded Database: 11.1 SRU 14.5 through 11.3 Customer-Managed Database: 11.0 SRU 10 through 11.3 Oracle Solaris 11 Express is not supported. Oracle Solaris SPARC 10 Embedded Database: 1/13 Local Zone Customer-Managed Database: 9/10 through 1/13 Oracle Solaris SPARC 11 Embedded Database: 11.1 SRU 14.5 through Local Zone 11.3 Customer-Managed Database: 11.0 SRU 10 through 11.3 Oracle Solaris 11 Express is not supported. Oracle VM Server for 10 Embedded Database: 1/13 SPARC Customer-Managed Database: 9/10 through 1/13 Oracle VM Server for 11 Embedded Database: 11.1 SRU 14.5 through SPARC 11.3 Customer-Managed Database: 11.0 SRU 10 through 11.3 Oracle Solaris 11 Express is not supported.
    [Show full text]
  • A Framework for Visual Modular Design of Educational Operating System
    A Framework for Visual Modular Design of Educational Operating System Naeem Al-Oudat Communications and Computer Engineering Department, Tafila Technical University, Jordan [email protected] Abstract— Operating systems are a vital part in most • Memory manager. Utilizing the RAM and its computing systems. However, learning basic concepts of extensions in an efficient way is the role of this operating systems are hard for normal students although they component. are necessary and important. State of the art in teaching • File system. The main job of this component is to operating systems depends on studying existing open source operating systems like Linux, hacking teaching operating abstract the way of dealing with data and storing it in systems like Xv6, or using simulators. Difficulties of learning a permanent media as a hard disk. still there in these methods, since they require a great deal of Designing an environment where learners can work and system programming techniques. In this paper, we propose a design the above basic components of an operating system novel direction in learning operating systems that is solely without getting into the complicated details is an urgent need dependent on visually building the operating system. By using in today’s university classes of software systems. This this method, we mitigated the complexity of going into system simplicity should not make the whole process as a programming details. The development platform consists of key simulation/emulation-like design. A good option would be building blocks that a user can drag and drop into a working using pre-programmed components. The learner can select panel to build his own operating system.
    [Show full text]
  • The Development of Unix
    The development of Unix ∗ By Kasper Edwards Departmnent of Technology and Social Sciences, Technical University of Denmark Building 303 East, room 150, 2800 Lyngby, Denmark. (email: [email protected]) ABSTRACT This paper tells the story of the development of the Unix time sharing system. The development at AT&T and the MULTICS roots are uncovered. The events are presented in chronological order from 1969 to 1995. The Berkeley Software Distribution (BSD) are presented as well as the Free Software Foundation and other. Note: This is a working paper. Short sections of text, no more than two paragraphs may be quoted without permission provided that full credit is given to the source. Copyright © 2000-2001 by Kasper Edwards, all rights reserved. Comments are welcome to [email protected]. ∗ I would like to thank Keld Jørn Simmonsen, Ass. Prof. Jørgen Lindgaard Pedersen of the Technical University of Denmark and Ass. Prof. Jørgen Steensgaard for helpful comments and suggestions on earlier drafts on this paper. I assume full responsibility for any remaining vulnerabilities. Page 1 of 31 1.1 Introduction This thesis about Linux, however Linux is called a Unix clone in the sense that it looks like, and are designed on the same principles as Unix. Both Unix and Linux are POSIX (Portable Operating System Interface) compliant (described in paragraph 3.29). In short POSIX describes the Unix user interface, i.e. commands and their syntax. Some Unix’es are certified POSIX compliant but no one have yet been willing to pay a third party company to test the POSIX compliance of Linux.
    [Show full text]
  • Secure Computation Systems for Confidential Data Analysis By
    Secure Computation Systems for Confidential Data Analysis by Rishabh Poddar A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science in the Graduate Division of the University of California, Berkeley Committee in charge: Professor Raluca Ada Popa, Chair Professor Ion Stoica Professor Sylvia Ratnasamy Professor Deirdre Mulligan Fall 2020 Secure Computation Systems for Confidential Data Analysis Copyright 2020 by Rishabh Poddar 1 Abstract Secure Computation Systems for Confidential Data Analysis by Rishabh Poddar Doctor of Philosophy in Computer Science University of California, Berkeley Professor Raluca Ada Popa, Chair A large number of services today are built around processing data that is collected from or shared by customers. While such services are typically able to protect the data when it is in transit or in storage using standard encryption protocols, they are unable to extend this protection to the data when it is being processed, making it vulnerable to breaches. This not only threatens data confidentiality in existing services, it also prevents customers from availing such services altogether for sensitive workloads, in that they are unwilling / unable to share their data out of privacy concerns, regulatory hurdles, or business competition. Existing solutions to this problem are unable to meet the requirements of advanced data analysis applications. Systems that are efficient do not provide strong enough security guarantees, and approaches with stronger security are often not efficient. To address this problem, the work in this dissertation develops new systems and protocols for securely computing on encrypted data, that attempt to bridge the gap between security and efficiency.
    [Show full text]
  • Chromebook Xe500c13 Download Apps Android Apps on Chrome OS
    chromebook xe500c13 download apps Android apps on Chrome OS. In 2016, the Google Play Store was brought to Chrome OS, allowing the same apps that run on phones and tablets to run on Chromebooks without compromising their speed, simplicity or security. Because Chromebooks run a full version of the Android framework, your app is most likely running on Chrome OS devices today! That means devs can take their single Android APK and scale it to work on any Chrome OS device, allowing for even more immersive and engaging experiences on devices with bigger screens. There are a few differences between phones and Chrome OS devices (and other larger screen form-factors) that can add challenges and opportunities for different experiences such as: Larger landscape-first screens x86 architecture devices Free form windows and resizing Keyboard, mice, & trackpads as first class input methods. To jump in to how you can start building Android apps for Chrome OS, learn more here. Read below for more information on resources we have and topics to keep in mind. Where do I start? Publishing your app for Chrome OS devices can seem challenging or confusing, but it is the same APK that you ship for phones and tablets. For more information check out our resources on publishing through the Play Store for Chrome OS including optimizing for x86 if you use the NDK. Chrome OS allows your app to bring new experiences and patterns to your users, but it does come with some challenges. Read what is involved to optimize your app or check out a blog post ⁠ for more information on what your app on Chrome OS and other larger screen devices involves.
    [Show full text]
  • A Bibliography of Books and Articles About UNIX and UNIX Programming
    A Bibliography of Books and Articles about UNIX and UNIX Programming Nelson H. F. Beebe University of Utah Department of Mathematics, 110 LCB 155 S 1400 E RM 233 Salt Lake City, UT 84112-0090 USA Tel: +1 801 581 5254 FAX: +1 801 581 4148 E-mail: [email protected], [email protected], [email protected] (Internet) WWW URL: http://www.math.utah.edu/~beebe/ 02 July 2021 Version 4.44 Abstract General UNIX texts [AL92a, AL95a, AL95b, AA86, AS93b, Ari92, Bou90a, Chr83a, Chr88, CR94, Cof90, Coh94, Dun91a, Gar91, Gt92a, Gt92b, This bibliography records books and historical Hah93, Hah94a, HA90, Hol92, KL94, LY93, publications about the UNIX operating sys- LR89a, LL83a, MM83a, Mik89, MBL89, tem, and UNIX programming tools. It mostly NS92, NH91, POLo93, PM87, RRF90, excludes networks and network programming, RRF93, RRH94, Rus91, Sob89, Sob91, which are treated in a separate bibliography, Sob95, Sou92, TY82b, Tim93, Top90a, internet.bib. This bibliography was started Top90b, Val92b, SSC93, WMP92] from material in postings to the sunflash list, volume 46, number 17, October 1992, and volume 57, number 29, September 1993, by Samuel Ko (e-mail: [email protected]), and then significantly extended by the present Catalogs and book lists author. Entry commentaries are largely due to S. Ko. [O'R93, Spu92, Wri93] 1 2 Communications software History [Cam87, dC87, dG93, Gia90] [?, ?, Cat91, RT74, RT79a] Compilers Linux [DS88, JL78, Joh79, JL87a, LS79, LMB92, [BBD+96, BF97, HP+95, Kir95a, Kir95b, MB90, SF85] PR96b, Sob97, SU94b, SU95, SUM95, TGB95, TG96, VRJ95,
    [Show full text]
  • UNIX Programmer's Manual: Fourth Edition
    - UNIX PROGRAMMER’S MANUAL Fourth Edition K. Thompson D. M. Ritchie November,1973 Copyright © 1972, 1973 Bell Telephone Laboratories, Inc. No part of this document may be reproduced, or distributed outside the Laboratories, without the written permission of Bell Telephone Laboratories. - Copyright © 1972, 1973 Bell Telephone Laboratories, Incorporated This manual was set by a Graphic Systems photo- typesetter drivenbythe troff formatting program op- erating under the UNIX system. The text of the manu- al was prepared using the ed text editor. - PREFACE to the Fourth Edition In the months since the last appearance of this manual, manychanges have occurred both in the system it- self and in the way it is used. The most important changes result from a complete rewrite of the UNIX sys- tem in the C language. There have also been substantial changes in much of the system software. It is these changes, of course, which mandated the newedition of this manual. The number of UNIX installations is nowabove 20, and manymore are expected. None of these has exactly the same complement of hardware or software. Therefore, at anyparticular installation, it is quite possible that this manual will give inappropriate information. In particular, the information in this manual applies only to UNIX systems whichoperate under the C language versions of the system. Installations which use older versions of UNIX will find earlier editions of this manual more appropriate to their situation. Even in installations which have the latest versions of the operating system, not all the software and other facilities mentioned herein will be available. For example, the typesetter,voice response unit, and voice synthesizer are hardly universally available devices; also, some of the UNIX software has not been released for use outside the Bell System.
    [Show full text]
  • Bash Scripting Conditional Constructs (1/3)
    The Shelx Tuesday Seminars: Shell Scripting with the Bash Tim Grüne January 11th, 2005 History of UNIX shells Year Shell Author Properties 1974 sh Steven Bourne, Bell Labs first shell; no history, no command line editing 1978 csh Bill Joy, Berkeley history, “built-ins”; C–language expression syntax 1983 ksh David Korn superset of sh with features from csh ≈ 1988 bash Chat Ramey et al. The “Bourne Again SHell”: much extended sh 1990 zsh Paul Falstad combines features of bash, ksh, and tcsh. Has the reputation of being too configurable and powerful. Most shells resemble the original Bourne sh syntax, apart from csh and its descendant tcsh. This means, a script compliant with sh can be run with bash, ksh, or zsh, but not with (t)csh. Therefore the use of csh is deprecated. Bash is licensed under GPL, i.e. it is supported and distributed by the Free Software Foundation. This is one of the reasons why bash is popular among Linux distributions. The Bash 1 Introduction What is a shell? (1/3) A shell is a command line interpreter: it allows the user to enter commands at a command prompt and process its results. It provides facilities to greatly enhance working with common UNIX utility programs. Example: Interpretation of the asterisk (*) A directory contains three PNG-files: image1.png, image2.png, and image3.png. The command display *.png is expanded by the shell to display image1.png image2.png image3.png This is an example of filename expansion. Without a shell one would have to type each filename explicitly.
    [Show full text]
  • Chapter 10 Case Study 1: LINUX
    MODERN OPERATING SYSTEMS Third Edition ANDREW S. TANENBAUM Chapter 10 Case Study 1: LINUX Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 History of UNIX and Linux • UNICS • PDP-11 UNIX • Portable UNIX • Berkeley UNIX • Standard UNIX • MINIX • Linux Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 UNIX/Linux Goals • Designed by programmers, for programmers • Designed to be: • Simple • Elegant • Consistent • Powerful • Flexible Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Interfaces to Linux Figure 10-1. The layers in a Linux system. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Linux Utility Programs (1) Categories of utility programs: • File and directory manipulation commands. • Filters. • Program development tools, such as editors and compilers. • Text processing. • System administration. • Miscellaneous. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Linux Utility Programs (2) Figure 10-2. A few of the common Linux utility programs required by POSIX. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Kernel Structure Figure 10-3. Structure of the Linux kernel Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Processes in Linux Figure 10-4. Process creation in Linux. Tanenbaum, Modern Operating Systems 3 e, (c) 2008 Prentice-Hall, Inc. All rights reserved. 0-13-6006639 Signals in Linux (1) Figure 10-5.
    [Show full text]
  • Minix 3 Sobre Arquitectura
    Proyecto de Sistemas Informáticos. Curso 2008-2009. MINIX 3 SOBRE ARQUITECTURA ARM Componentes del grupo: J. Adrián Bravo Navarro Héctor Cortiguera Herrera Jorge Quintás Rodríguez Directores del proyecto: Luis Piñuel Moreno Manuel Prieto Matías Facultad de Informática. Universidad Complutense de Madrid. Prefacio En este trabajo detallamos el proceso de desarrollo de un port del sistema operativo Minix 3 a arquitectura ARM. Para una mejor comprensión de este proceso, es necesario introducir al lector en una serie de conceptos. Por ello, en primer lugar introducimos Minix 3 y realizamos un análisis de sus aspectos más importantes. A continuación, exponemos las características más relevan- tes de la arquitectura ARM, comparándola con la arquitectura x86 en algunos puntos relevantes para nuestro trabajo. En las secciones siguientes mostramos la relevancia del proyecto, enumeramos los objetivos iniciales y el estado fi- nal que ha alcanzado el desarrollo. Posteriormente describimos en detalle los entresijos de la implementación, centrándonos en los aspectos más relevantes. Debido a su importancia, a continuación se dedica una sección para introducir al lector en el entorno de desarrollo que hemos utilizado, sus componentes y su utilidad, ya que este entorno es un componente crucial del proceso de imple- mentación, y su configuración no es un asunto trivial. Finalmente, exponemos las dificultades con las que nos hemos encontrado en la realización del proyec- to, así como el alcance final del mismo y las lineas de trabajo futuro que quedan abiertas. Palabras clave ARM, Minix 3, sistemas operativos, system on chip, SoC, microkernel, ker- nel, dispositivo empotrado. Abstract In this work we detail the developing process of porting the Minix 3 opera- ting system to ARM architecture.
    [Show full text]
  • Mos: an Architecture for Extreme-Scale Operating Systems
    mOS: An Architecture for Extreme-Scale Operating Systems Robert W. Wisniewskiy Todd Ingletty Pardo Keppely Ravi Murtyy Rolf Rieseny Linux R , or more specifically, the Linux API, plays a key 1. INTRODUCTION role in HPC computing. Even for extreme-scale computing, As the system software community moves forward to ex- a known and familiar API is required for production ma- ascale computing and beyond, there is the oft debated ques- chines. However, an off-the-shelf Linux distribution faces tion of how revolutionary versus how evolutionary the soft- challenges at extreme scale. To date, two approaches have ware needs to be. Over the last half decade, researchers been used to address the challenges of providing an operat- have pushed in one direction or the other. We contend that ing system (OS) at extreme scale. In the Full-Weight Kernel both directions are valid and needed simultaneously. Throw- (FWK) approach, an OS, typically Linux, forms the starting ing out all current software environments and starting over point, and work is undertaken to remove features from the would be untenable from an application perspective. Yet, environment so that it will scale up across more cores and there are significant challenges getting to exascale and be- out across a large cluster. A Light-Weight Kernel (LWK) yond, so revolutionary approaches are needed. Thus, we approach often starts with a new kernel and work is under- need to simultaneously allow the evolutionary path, i.e., in taken to add functionality to provide a familiar API, typi- the OS context, a Linux API, to coexist with revolutionary cally Linux.
    [Show full text]