The Design and Application of an Extensible Operating System

Total Page:16

File Type:pdf, Size:1020Kb

The Design and Application of an Extensible Operating System THE DESIGN AND APPLICATION OF AN EXTENSIBLE OPERATING SYSTEM Leendert van Doorn VRIJE UNIVERSITEIT THE DESIGN AND APPLICATION OF AN EXTENSIBLE OPERATING SYSTEM ACADEMISCH PROEFSCHRIFT ter verkrijging van de graad van doctor aan de Vrije Universiteit te Amsterdam, op gezag van de rector magnificus prof.dr. T. Sminia, in het openbaar te verdedigen ten overstaan van de promotiecommissie van de faculteit der Exacte Wetenschappen / Wiskunde en Informatica op donderdag 8 maart 2001 om 10.45 uur in het hoofdgebouw van de universiteit, De Boelelaan 1105 door LEENDERT PETER VAN DOORN geboren te Drachten Promotor: prof.dr. A.S. Tanenbaum To Judith and Sofie Publisher: Labyrint Publication P.O. Box 662 2900 AR Capelle a/d IJssel - Holland fax +31 (0) 10 2847382 ISBN 90-72591-88-7 Copyright © 2001 L. P. van Doorn All rights reserved. No part of this publication may be reproduced, stored in a retrieval system of any nature, or transmitted in any form or by any means, electronic, mechani- cal, now known or hereafter invented, including photocopying or recording, without prior written permission of the publisher. Advanced School for Computing and Imaging This work was carried out in the ASCI graduate school. ASCI dissertation series number 60. Parts of Chapter 2 have been published in the Proceedings of the First ASCI Workshop and in the Proceedings of the International Workshop on Object Orientation in Operat- ing Systems. Parts of Chapter 3 have been published in the Proceedings of the Fifth Hot Topics in Operating Systems (HotOS) Workshop. Parts of Chapter 5 have been published in the Proceedings of the Sixth SIGOPS Euro- pean Workshop, the Proceedings of the Third ASCI Conference, the Proceedings of the Ninth Usenix Security Symposium, and filed as an IBM patent disclosure. Contents Acknowledgments iv Samenvatting vi 1 Introduction 1 1.1 Operating Systems 2 1.2 Extensible Operating Systems 4 1.3 Issues in Operating System Research 6 1.4 Paramecium Overview 7 1.5 Thesis Contributions 10 1.6 Experimental Environment 12 1.7 Thesis Overview 14 2 Object Model 15 2.1 Local Objects 16 2.1.1 Interfaces 17 2.1.2 Objects and Classes 21 2.1.3 Object Naming 23 2.1.4 Object Compositions 27 2.2 Extensibility 30 2.3 Discussion and Comparison 31 3 Kernel Design for Extensible Systems 34 3.1 Design Issues and Choices 36 3.2 Abstractions 40 3.3 Kernel Extension Mechanisms 41 3.4 Paramecium Nucleus 45 3.4.1 Basic Concepts 46 i ii Contents 3.4.2 Protection Domains 48 3.4.3 Virtual and Physical Memory 51 3.4.4 Thread of Control 54 3.4.5 Naming and Object Invocations 67 3.4.6 Device Manager 72 3.4.7 Additional Services 74 3.5 Embedded Systems 75 3.6 Discussion and Comparison 76 4 Operating System Extensions 84 4.1 Unified Migrating Threads 85 4.1.1 Thread System Overview 85 4.1.2 Active Messages 88 4.1.3 Pop-up Thread Promotion 90 4.1.4 Thread Migration and Synchronization 93 4.2 Network Protocols 96 4.2.1 Cross Domain Shared Buffers 96 4.2.2 TCP/IP Protocol Stack 100 4.3 Active Filters 101 4.3.1 Filter Virtual Machine 105 4.3.2 Example Applications 109 4.4 Discussion and Comparison 112 5 Run Time Systems 116 5.1 Extensible Run Time System for Orca 117 5.1.1 Object-based Group Active Messages 120 5.1.2 Efficient Shared Object Invocations 123 5.1.3 Application Specific Optimizations 125 5.2 Secure Java Run Time System 128 5.2.1 Operating and Run Time System Integration 131 5.2.2 Separation of Concerns 132 5.2.3 Paramecium Integration 136 5.2.4 Secure Java Virtual Machine 137 5.2.5 Prototype Implementation 152 5.3 Discussion and Comparison 153 Contents iii 6 Experimental Verification 158 6.1 Kernel Analysis 159 6.2 Thread System Analysis 170 6.3 Secure Java Run Time System Analysis 174 6.4 Discussion and Comparison 179 7 Conclusions 181 7.1 Object Model 181 7.2 Kernel Design for Extensible Systems 183 7.3 Operating System Extensions 186 7.4 Run Time Systems 187 7.5 System Performance 189 7.6 Retrospective 189 7.7 Epilogue 190 Appendix A: Kernel Interface Definitions 192 Bibliography 196 Index 212 Curriculum Vitae 216 Acknowledgments Although my advisor, Andy Tanenbaum, thinks otherwise, I view a Ph.D. as a period of learning as much as you can in as many different subjects that are interesting. In this respect I took full advantage of my Ph.D.: I did work ranging from programming my own EEPROMs, to secure network objects, digital video on demand, and a full blown new operating system with its own TCP/IP stack, an experimental Orca runtime system, and a secure Java virtual machine. I even considered building my own network hardware but was eventually persuaded to postpone this. This advice no doubt sped up the completion of this thesis considerably. There are a large number of people who assisted and influenced me during my Ph.D. and for which I have great admiration. First of all there is my advisor, Andy Tanenbaum, who was always quick to jump on my half-baked ideas and forced me to give better explanations, and of course Sharon Perl who picked me as an intern at Digital Systems Research Center. I really felt at home at SRC, in fact so much that I came back the next summer to work with Ted Wobber on secure network objects. Two other SRC employees who deserve an honorable mention are Mike Burrows for our technical discussions and for pointing out to me that puzzles are actually fun, and Martin Abadi for his conciseness and precision; Virtues I often lack. Of course, I should not forget Rob Pike, who thought I was spending too much time at DEC SRC and that I should also visit Bell Labs. I was more than eager to take him up on that. During that summer I had ample opportunity to play with Inferno, Plan 9 and digital video. I’m forever in debt to Ken and Bonnie Thompson for their hospitality, which still extends to today. Most of my time at Bell Labs I spent with Dave Presotto and Phil Winterbottom. Phil reminded me in more than one way of Mike Burrows, albeit a much more critical version. As so many Ph.D. students, I took longer than the officially approved four years to finish my thesis. Rather than staying at the university, I was persuaded to join IBM T.J. Watson Research Center as a visiting scientist and finish my thesis there. After four months it was clear I liked the place; industrial research laboratories are surprisingly similar; and I joined IBM as a research staff member. Here I worked on my secure Java Virtual Machine, but also got distracted enough that the writing of my thesis got delayed considerably, despite the almost daily reminders by my group members and not infrequent ones from my advisor. My group members included Charles Palmer, Dave Safford, Wietse Venema, Paul Karger, Reiner Sailer and Peter Gutmann. I managed to tackle this daily nuisance by stating that inquiries about my thesis progress were in fact voluntary solicitations to proofread my thesis. Some, who iv Acknowledgments v did not get this in time, ended up proof reading my drafts. Then there were others who practically forced me to give them a copy to proofread. I guess they could not stand the suspense any longer, which I had carefully cultivated over the last two years. Without going into detail who belonged to which group, I would like to thank Charles Palmer, Jonathan Shapiro, Dan Wallach, Ronald Perez, Paul Karger, and Trent Jaeger who provided me with much useful feedback on my thesis or papers that comprise it. Besides the people mentioned above, there is the long cast of characters who contributed to my thesis in one way or another. First of all there is the old Amoeba group of which I was part and where I learned many of the traits and got my early ideas. This group, at that time, consisted of Frans Kaashoek, Ed Keizer, Gregory Sharp, Hans van Staveren, Kees Verstoep, and Philip Homburg. Philip has been my office mate at the VU for most of the time and someone with whom I could exchange hacking problems and who provided feedback on part of this thesis. Then there is the ORCA group, consisting, at that time, of Henri Bal, Koen Langendoen, Raoul Bhoedjang, Tim Rühl, and Kees Verstoep. They did a marvelous job at the Orca run- time system which I took advantage of in my implementation. In the Dutch system, once a thesis is approved by the advisor, it is passed on to a reading committee for a final verdict. My reading committee consisted of Frans Kaashoek, Paul Karger, Sape Mullender, Charles Palmer, and Maarten van Steen. They provided much useful and insightful feedback which greatly improved this thesis. I also wish to thank the Department of Mathematics and Computer Science of the Vrije Universiteit, N.W.O., Fujitsu Micro Electronics Inc., and IBM T.J. Watson Research Center for providing support for carrying out the research and especially for the generous funding for trips, books, and equipment. Without a doubt, the hardest part of writing this thesis was the Dutch summary. Mainly because Dutch lacks the appropriate translation for many English computer terms. Fortunately, our Belgium neighbors were very helpful in this respect and put up a web site (in proper Dutch, een webstek) with lots of useful suggestions.
Recommended publications
  • Proof-Carrying Authentication∗
    Proof-Carrying Authentication∗ Andrew W. Appel and Edward W. Felten Secure Internet Programming Laboratory Department of Computer Science Princeton University Princeton, NJ 08544 USA August 9, 1999 Abstract Statements in these frameworks are represented as data structures that are often digitally signed We have designed and implemented a general to ensure their integrity. and powerful distributed authentication frame- work based on higher-order logic. Authenti- Several authentication frameworks exist; we cation frameworks — including Taos, SPKI, mention a few here as examples. The Taos SDSI, and X.509 — have been explained using operating system provided support for secure logic. We show that by starting with the logic, remote procedure call and data structures to we can implement these frameworks, all in the represent authority and identity [6]. X.509 [15] same concise and efficient system. Because our is a widely-used standard for expressing and us- logic has no decision procedure — although ing digital certificates. SPKI [4] and SDSI [14] proof checking is simple — users of the frame- (since merged under the joint name SPKI) work must submit proofs with their requests. were reactions to the perceived complexity of X.509; in both cases the ‘S’ stands for ‘simple.’ 1 Introduction PolicyMaker [3] is a language for expressing se- curity policies; it can be applied to distributed Distributed authentication frameworks allow security policies. Kerberos [12], unlike the other sharing of access to resources across adminis- frameworks, uses symmetric-key encryption to trative boundaries in a distributed system. The authenticate users. Each framework has a main abstractions they support are name-to- differerent semantics and offers a different kind key bindings, access control, and delegation.
    [Show full text]
  • Ada Departmental Supercomputer Shared Memory GPU Cluster
    Ada Departmental Supercomputer Shared Memory GPU Cluster The Ada Departmental Supercomputer is designed to provide System Specifications near top 500 class supercomputing capabilities at your office Processors: Head Node: 2 AMD EPYC 7702 Processors or lab. (64 core-2.0/3.3 GHz) Compute Nodes: 1 AMD EPYC 7702P Proces- Ada is a hybrid supercomputer consisting of a large memory sor (64 core-2.2/3.2 GHz), 8 AMD Radeon head node and 2 to 5 compute nodes, each with eight AMD Instinct MI50 GPUs Radeon Instinct MI50 GPUs. With 5 compute nodes Ada con- Global Memory: 2TB or 4TB 3200 MHz DDR4 tains 448 AMD EPYC processor cores, 40 MI50 GPUs and 2 or 4 TB of globally shared memory. The compute nodes are Compute Node 128 GB 3200 MHz DDR4 (each) Memory: connected to the head node with 200 Gb/s Mellanox Infini- band. The Ada departmental supercomputer can be config- Storage: 1TB on-board M.2 OS SSD ured to deliver 1060 TFLOPS of FP16, 532 TFLOPS of FP32 12x 3.5" SATA/SAS hot-swap and 264 TFLOPS of FP64 GPU floating point performance SSD/HDD bays (head node) Additional 8x 2.5” SSD hot-swap bays on each capable of operating on large computational models. compute node Ada is a true symmetric multi-processing (SMP) computer Interconnect: ConnectX-6 VPI 200 Gb/s InfiniBand Dual Port with a large shared memory and a single operating system PCIe Gen 4 Host Bus Adapters user interface based on Centos 8 Linux. It provides a 1TB (No InfiniBand switch is needed) globally shared fast file system, and a large disk storage ar- I/O: 2x 1 Gb/s LAN ports ray.
    [Show full text]
  • Sprite File System There Are Three Important Aspects of the Sprite ®Le System: the Scale of the System, Location-Transparency, and Distributed State
    Naming, State Management, and User-Level Extensions in the Sprite Distributed File System Copyright 1990 Brent Ballinger Welch CHAPTER 1 Introduction ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ ¡ This dissertation concerns network computing environments. Advances in network and microprocessor technology have caused a shift from stand-alone timesharing systems to networks of powerful personal computers. Operating systems designed for stand-alone timesharing hosts do not adapt easily to a distributed environment. Resources like disk storage, printers, and tape drives are not concentrated at a single point. Instead, they are scattered around the network under the control of different hosts. New operating system mechanisms are needed to handle this sort of distribution so that users and application programs need not worry about the distributed nature of the underlying system. This dissertation explores the approach of centering a distributed computing environment around a shared network ®le system. The ®le system is chosen as a starting point because it is a heavily used service in stand-alone systems, and the read/write para- digm of the ®le system is a familiar one that can be applied to many system resources. The ®le system described in this dissertation provides a distributed name space for sys- tem resources, and it provides remote access facilities so all resources are available throughout the network. Resources accessible via the ®le system include disk storage, other types of peripheral devices, and user-implemented service applications. The result- ing system is one where resources are named and accessed via the shared ®le system, and the underlying distribution of the system among a collection of hosts is not important to users.
    [Show full text]
  • Risc I: a Reduced Instruction Set Vlsi Computer
    RISC I: A REDUCED INSTRUCTION SET VLSI COMPUTER DAVID A. PATTERSON and CARLO H. SEQUIN Computer Science Division University of California Berkeley, California ABSTRACT to implement CISC is the best way to use this “scarce” resource. The Reduced Instruction Set Computer (RISC) Project investigates an alternatrve to the general trend toward computers wrth increasingly complex instruction sets: With a The above findings led to the Reduced Instruction Set proper set of instructions and a corresponding architectural Computer (RISC) Project. The purpose of the project is design, a machine wrth a high effective throughput can be to explore alternatives to the general trend toward achieved. The simplicity of the instruction set and addressing architectural complexity. The hypothesis is that by modes allows most Instructions to execute in a single machine cycle, and the srmplicity of each instruction guarantees a short reducing the instruction set, VLSI architecture can be cycle time. In addition, such a machine should have a much designed that uses the scarce resources more effectively shorter design trme. than CISC. We also expect this approach to reduce design time, the number of design errors, and the This paper presents the architecture of RISC I and its novel execution time of individual instructions. hardware support scheme for procedure call/return. Overlapprng sets of regrster banks that can pass parameters directly to subrouttnes are largely responsible for the excellent Our initial version of such a computer is called RISC I. performance of RISC I. Static and dynamtc comparisons To meet our goals of simplicity and effective single-chip between this new architecture and more traditional machines implementation, we placed the following “constraints” are given.
    [Show full text]
  • Ebook - Informations About Operating Systems Version: August 15, 2006 | Download
    eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org AIX Internet: AIX AmigaOS Internet: AmigaOS AtheOS Internet: AtheOS BeIA Internet: BeIA BeOS Internet: BeOS BSDi Internet: BSDi CP/M Internet: CP/M Darwin Internet: Darwin EPOC Internet: EPOC FreeBSD Internet: FreeBSD HP-UX Internet: HP-UX Hurd Internet: Hurd Inferno Internet: Inferno IRIX Internet: IRIX JavaOS Internet: JavaOS LFS Internet: LFS Linspire Internet: Linspire Linux Internet: Linux MacOS Internet: MacOS Minix Internet: Minix MorphOS Internet: MorphOS MS-DOS Internet: MS-DOS MVS Internet: MVS NetBSD Internet: NetBSD NetWare Internet: NetWare Newdeal Internet: Newdeal NEXTSTEP Internet: NEXTSTEP OpenBSD Internet: OpenBSD OS/2 Internet: OS/2 Further operating systems Internet: Further operating systems PalmOS Internet: PalmOS Plan9 Internet: Plan9 QNX Internet: QNX RiscOS Internet: RiscOS Solaris Internet: Solaris SuSE Linux Internet: SuSE Linux Unicos Internet: Unicos Unix Internet: Unix Unixware Internet: Unixware Windows 2000 Internet: Windows 2000 Windows 3.11 Internet: Windows 3.11 Windows 95 Internet: Windows 95 Windows 98 Internet: Windows 98 Windows CE Internet: Windows CE Windows Family Internet: Windows Family Windows ME Internet: Windows ME Seite 1 von 138 eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org Windows NT 3.1 Internet: Windows NT 3.1 Windows NT 4.0 Internet: Windows NT 4.0 Windows Server 2003 Internet: Windows Server 2003 Windows Vista Internet: Windows Vista Windows XP Internet: Windows XP Apple - Company Internet: Apple - Company AT&T - Company Internet: AT&T - Company Be Inc. - Company Internet: Be Inc. - Company BSD Family Internet: BSD Family Cray Inc.
    [Show full text]
  • Computer Architecture and Assembly Language
    Computer Architecture and Assembly Language Gabriel Laskar EPITA 2015 License I Copyright c 2004-2005, ACU, Benoit Perrot I Copyright c 2004-2008, Alexandre Becoulet I Copyright c 2009-2013, Nicolas Pouillon I Copyright c 2014, Joël Porquet I Copyright c 2015, Gabriel Laskar Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with the Invariant Sections being just ‘‘Copying this document’’, no Front-Cover Texts, and no Back-Cover Texts. Introduction Part I Introduction Gabriel Laskar (EPITA) CAAL 2015 3 / 378 Introduction Problem definition 1: Introduction Problem definition Outline Gabriel Laskar (EPITA) CAAL 2015 4 / 378 Introduction Problem definition What are we trying to learn? Computer Architecture What is in the hardware? I A bit of history of computers, current machines I Concepts and conventions: processing, memory, communication, optimization How does a machine run code? I Program execution model I Memory mapping, OS support Gabriel Laskar (EPITA) CAAL 2015 5 / 378 Introduction Problem definition What are we trying to learn? Assembly Language How to “talk” with the machine directly? I Mechanisms involved I Assembly language structure and usage I Low-level assembly language features I C inline assembly Gabriel Laskar (EPITA) CAAL 2015 6 / 378 I Programmers I Wise managers Introduction Problem definition Who do I talk to? I System gurus I Low-level enthusiasts Gabriel Laskar (EPITA) CAAL
    [Show full text]
  • The Flask Security Architecture: System Support for Diverse Security Policies
    The Flask Security Architecture: System Support for Diverse Security Policies Ray Spencer Secure Computing Corporation Stephen Smalley, Peter Loscocco National Security Agency Mike Hibler, David Andersen, Jay Lepreau University of Utah http://www.cs.utah.edu/flux/flask/ Abstract and even many types of policies [1, 43, 48]. To be gen- erally acceptable, any computer security solution must Operating systems must be flexible in their support be flexible enough to support this wide range of security for security policies, providing sufficient mechanisms for policies. Even in the distributed environments of today, supporting the wide variety of real-world security poli- this policy flexibility must be supported by the security cies. Such flexibility requires controlling the propaga- mechanisms of the operating system [32]. tion of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted ac- Supporting policy flexibility in the operating system is cess rights. Previous systems are lacking in at least one a hard problem that goes beyond just supporting multi- of these areas. In this paper we present an operating ple policies. The system must be capable of supporting system security architecture that solves these problems. fine-grained access controls on low-level objects used to Control over propagation is provided by ensuring that perform higher-level functions controlled by the secu- the security policy is consulted for every security deci- rity policy. Additionally, the system must ensure that sion. This control is achieved without significant perfor- the propagation of access rights is in accordance with mance degradation through the use of a security decision the security policy.
    [Show full text]
  • A Model of Inheritance for Declarative Visual Programming Languages
    An Abstract Of The Dissertation Of Rebecca Djang for the degree of Doctor of Philosophy in Computer Science presented on December 17, 1998. Title: Similarity Inheritance: A Model of Inheritance for Declarative Visual Programming Languages. Abstract approved: Margaret M. Burnett Declarative visual programming languages (VPLs), including spreadsheets, make up a large portion of both research and commercial VPLs. Spreadsheets in particular enjoy a wide audience, including end users. Unfortunately, spreadsheets and most other declarative VPLs still suffer from some of the problems that have been solved in other languages, such as ad-hoc (cut-and-paste) reuse of code which has been remedied in object-oriented languages, for example, through the code-reuse mechanism of inheritance. We believe spreadsheets and other declarative VPLs can benefit from the addition of an inheritance-like mechanism for fine-grained code reuse. This dissertation first examines the opportunities for supporting reuse inherent in declarative VPLs, and then introduces similarity inheritance and describes a prototype of this model in the research spreadsheet language Forms/3. Similarity inheritance is very flexible, allowing multiple granularities of code sharing and even mutual inheritance; it includes explicit representations of inherited code and all sharing relationships, and it subsumes the current spreadsheet mechanisms for formula propagation, providing a gradual migration from simple formula reuse to more sophisticated uses of inheritance among objects. Since the inheritance model separates inheritance from types, we investigate what notion of types is appropriate to support reuse of functions on different types (operation polymorphism). Because it is important to us that immediate feedback, which is characteristic of many VPLs, be preserved, including feedback with respect to type errors, we introduce a model of types suitable for static type inference in the presence of operation polymorphism with similarity inheritance.
    [Show full text]
  • Research Purpose Operating Systems – a Wide Survey
    GESJ: Computer Science and Telecommunications 2010|No.3(26) ISSN 1512-1232 RESEARCH PURPOSE OPERATING SYSTEMS – A WIDE SURVEY Pinaki Chakraborty School of Computer and Systems Sciences, Jawaharlal Nehru University, New Delhi – 110067, India. E-mail: [email protected] Abstract Operating systems constitute a class of vital software. A plethora of operating systems, of different types and developed by different manufacturers over the years, are available now. This paper concentrates on research purpose operating systems because many of them have high technological significance and they have been vividly documented in the research literature. Thirty-four academic and research purpose operating systems have been briefly reviewed in this paper. It was observed that the microkernel based architecture is being used widely to design research purpose operating systems. It was also noticed that object oriented operating systems are emerging as a promising option. Hence, the paper concludes by suggesting a study of the scope of microkernel based object oriented operating systems. Keywords: Operating system, research purpose operating system, object oriented operating system, microkernel 1. Introduction An operating system is a software that manages all the resources of a computer, both hardware and software, and provides an environment in which a user can execute programs in a convenient and efficient manner [1]. However, the principles and concepts used in the operating systems were not standardized in a day. In fact, operating systems have been evolving through the years [2]. There were no operating systems in the early computers. In those systems, every program required full hardware specification to execute correctly and perform each trivial task, and its own drivers for peripheral devices like card readers and line printers.
    [Show full text]
  • SCALABLE CAPABILITY-BASED AUTHORIZATION for HIGH- PERFORMANCE PARALLEL FILE SYSTEMS Nicholas Mills Clemson University, [email protected]
    Clemson University TigerPrints All Theses Theses 5-2011 SCALABLE CAPABILITY-BASED AUTHORIZATION FOR HIGH- PERFORMANCE PARALLEL FILE SYSTEMS Nicholas Mills Clemson University, [email protected] Follow this and additional works at: https://tigerprints.clemson.edu/all_theses Part of the Computer Engineering Commons Recommended Citation Mills, Nicholas, "SCALABLE CAPABILITY-BASED AUTHORIZATION FOR HIGH-PERFORMANCE PARALLEL FILE SYSTEMS" (2011). All Theses. 1131. https://tigerprints.clemson.edu/all_theses/1131 This Thesis is brought to you for free and open access by the Theses at TigerPrints. It has been accepted for inclusion in All Theses by an authorized administrator of TigerPrints. For more information, please contact [email protected]. SCALABLE CAPABILITY-BASED AUTHORIZATION FOR HIGH-PERFORMANCE PARALLEL FILE SYSTEMS A Thesis Presented to the Graduate School of Clemson University In Partial Fulfillment of the Requirements for the Degree Master of Science Computer Engineering by Nicholas L. Mills May 2011 Accepted by: Dr. Walter B. Ligon III, Committee Chair Dr. Richard R. Brooks Dr. Adam W. Hoover Abstract As the size and scale of supercomputers continues to increase at an exponential rate the number of users on a given supercomputer will only grow larger. A larger number of users on a supercomputer places a greater importance on the strength of information security. Nowhere is this requirement for security more apparent than the file system, as users expect their data to be protected from accidental or deliberate modification. In spite of the ever-increasing demand for more secure file system access the majority of parallel file systems do not implement a robust security protocol for fear it will negatively impact the performance and scalability of the file system.
    [Show full text]
  • A Complete Bibliography of Publications in Software—Practice and Experience
    A Complete Bibliography of Publications in Software|Practice and Experience Nelson H. F. Beebe University of Utah Department of Mathematics, 110 LCB 155 S 1400 E RM 233 Salt Lake City, UT 84112-0090 USA Tel: +1 801 581 5254 FAX: +1 801 581 4148 E-mail: [email protected], [email protected], [email protected] (Internet) WWW URL: http://www.math.utah.edu/~beebe/ 23 July 2021 Version 3.26 Title word cross-reference [Bar82a, Bar82c, Bar84b]. < [SMGMOFM07a, SMGMOFM07b]. > [SMGMOFM07a, SMGMOFM07b]. 2 [MST13, MDB19]. 3 [DS09]. 4 [MSR+07]. \ 0 [GW96]. 1 [GW96]. $1.50 [Bar78d]. $11 [PK04]. TM [MZB00, Win02]. 8 [DB21b]. k [Bar84a]. $12.00 [Rob72]. $13 [Bar84a]. [AW93, Mer93]. κ [MG94]. µ $13.00 [Rob72]. $18.50 [Jon74]. $185 [BS90c, BDS+92, SMNB21]. N [Bar79b]. $19.30 [Lan74a]. $19.50 [Dav78]. [MS98, Coh98, KST94, YAVHC21]. P 3 $25.00 [Pet77, And78]. 3 [BE02, FMA02]. [DC03]. PM [CLD+17]. q [GSR17]. τ $31-25 [Pet77]. $31.35 [Bri82]. 32 [VED06]. 2:5 [TSZ14, UDS+07]. $35.00 [Inc86]. $39.50 [Sim83]. 5 [CPMAH+20]. $58.50 [Wal81a]. $6.95 -ary [MS98]. -bit [AM10, SF85, VED06]. [Tho74]. 64 [AM10, VED06]. 68 -gram [Coh98, KST94, YAVHC21]. -grams [Ear76, Hol77]. $68.25 [Pit82]. $7.00 [GSR17]. -level [FM77]. -queens [Plu74]. [Bar72a]. $7.50 [Bar78d]. $7.95 -R [Ear76, Hol77]. -shortest-paths [MG94]. [Bar76a, Lav77]. $78.50 [Sim83]. 8 -System [BS90c]. [Plu74, SF85]. $8.95 [Bar82a, Bar82c, Bar84b]. $9.75 . [Bis81b]. .NET [Coo04, Han04]. [Bar77e, Mul76]. $9.80 [Atk79a]. $9.95 1 2 0 [Bar81, Edw98a, Edw98b, Gru83, Llo82, 2 [Bar74a, Bar74b, Bar80b, Bud85, Cor88b, Val77a, Val78, Wal83b].
    [Show full text]
  • Microkernels Meet Recursive Virtual Machines
    Microkernels Meet Recursive Virtual Machines Bryan Ford Mike Hibler Jay Lepreau Patrick Tullmann Godmar Back Stephen Clawson Department of Computer Science, University of Utah Salt Lake City, UT 84112 [email protected] http://www.cs.utah.edu/projects/flux/ Abstract ªverticallyº by implementing OS functionalityin stackable virtual machine monitors, each of which exports a virtual Thispaper describes a novel approach to providingmod- machine interface compatible with the machine interface ular and extensible operating system functionality and en- on which it runs. Traditionally,virtual machines have been capsulated environments based on a synthesis of micro- implemented on and export existing hardware architectures kernel and virtual machine concepts. We have developed so they can support ªnaiveº operating systems (see Fig- a software-based virtualizable architecture called Fluke ure 1). For example, the most well-known virtual machine that allows recursive virtual machines (virtual machines system, VM/370 [28, 29], provides virtual memory and se- running on other virtual machines) to be implemented ef- curity between multiple concurrent virtual machines, all ®ciently by a microkernel running on generic hardware. exporting the IBM S/370 hardware architecture. Further- A complete virtual machine interface is provided at each more, special virtualizable hardware architectures [22, 35] level; ef®ciency derives from needing to implement only have been proposed, whose design goal is to allow virtual new functionality at each level. This infrastructure allows machines to be stacked much more ef®ciently. common OS functionality, such as process management, demand paging, fault tolerance, and debugging support, to This paper presents a new approach to OS extensibil- be provided by cleanly modularized, independent, stack- ity which combines both microkernel and virtual machine able virtual machine monitors, implemented as user pro- concepts in one system.
    [Show full text]