DOCSLIB.ORG

Libmpk: Software Abstraction for Intel Memory Protection Keys

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Libmpk: Software Abstraction for Intel Memory Protection Keys libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK) Soyeon Park, Georgia Institute of Technology; Sangho Lee, Microsoft Research; Wen Xu, Georgia Institute of Technology; Hyungon Moon, Ulsan National Institute of Science and Technology; Taesoo Kim, Georgia Institute of Technology https://www.usenix.org/conference/atc19/presentation/park-soyeon This paper is included in the Proceedings of the 2019 USENIX Annual Technical Conference. July 10–12, 2019 • Renton, WA, USA ISBN 978-1-939133-03-8 Open access to the Proceedings of the 2019 USENIX Annual Technical Conference is sponsored by USENIX. libmpk: Software Abstraction for Intel Memory Protection Keys (Intel MPK) Soyeon Park Sangho Lee† Wen Xu Hyungon Moon∗ Taesoo Kim Georgia Institute of Technology †Microsoft Research ∗Ulsan National Institute of Science and Technology Abstract MPK) [20], that allows a userspace process to change the permission of the page groups. MPK has three key bene- Intel Memory Protection Keys (MPK) is a new hardware prim- fits over page-table-based mechanisms: (1) performance, (2) itive to support thread-local permission control on groups of group-wise control, and (3) per-thread view. First, MPK uti- pages without requiring modification of page tables. Unfortu- lizes a protection key rights register (PKRU) to maintain the nately, its current hardware implementation and software sup- access rights of individual keys associated with specific pages: port suffer from security, scalability, and semantic problems: read/write, read-only, or no access. Processes only need to (1) vulnerable to protection-key-use-after-free; (2) providing execute a non-privileged instruction (WRPKRU) to update PKRU, the limited number of protection keys; and (3) incompatible which takes less than 20 cycles (§2.3) and requires no TLB with mprotect()’s process-based permission model. flush and context switching. Note that PKRU and page-table In this paper, we propose libmpk, a software abstraction for permissions cannot override each other, so the effective per- MPK. It virtualizes the hardware protection keys to eliminate mission is the intersection of both. the protection-key-use-after-free problem while providing Second, MPK can change the access rights of up to 16 accesses to an unlimited number of virtualized keys. To sup- different page groups at once, where each group consists of port legacy applications, it also provides a lazy inter-thread pages associated with the same key1. This group-wise control key synchronization. To enhance the security of MPK itself, allows applications to change access rights to page groups libmpk restricts unauthorized writes to its metadata. We apply according to the types and contexts of data stored in them libmpk to three real-world applications: OpenSSL, JavaScript (e.g., per-session data of a web server). JIT compiler, and Memcached for memory protection and Third, MPK allows each thread (i.e., each hyperthread) isolation. Our evaluation shows that it introduces negligi- to have a unique PKRU, realizing per-thread memory view. ble performance overhead (<1%) compared with the origi- Accordingly, even if two threads share the same address space, nal, unprotected versions and improves performance by 8.1× their access rights to the same page can be different. compared with the secure equivalents using mprotect(). The Although MPK is a promising primitive in concept, its source code of libmpk is publicly available and maintained current hardware implementation as well as standard library as an open source project. and kernel support suffer from three problems: (1) security, 1 Introduction (2) scalability, and (3) subtle semantic differences, hindering its broader adoption. First, we found that MPK suffers from Maintaining and enforcing memory access permission is an the protection-key-use-after-free problem. The Linux kernel important duty of OSes and CPUs. Traditionally, they have provides two system calls, pkey_alloc() and pkey_free(), used page tables to specify whether processes have rights to to allocate and de-allocate protection keys, respectively. Dur- read from, write to, or execute specific memory pages. OSes ing key de-allocation (pkey_free()), however, it does not can change access permission by updating page-table en- invalidate pages associated with a de-allocated key, resulting tries (PTEs) and flushing corresponding translation lookaside in ambiguity when the de-allocated key is re-allocated and buffer (TLB) entries to reload them. In addition to page ta- assigned to different pages later. bles, some CPUs, e.g., ARM [5] and IBM Power [18], allow Second, MPK fails in scaling because PKRU can manage OSes to maintain the permission of a page group together by only up to 16 protection keys because of its hardware lim- assigning the same key to the correlated pages and controlling itation. When an application tries to allocate more than 16 the key’s permission. To modify the permission of the page protection keys, pkey_alloc() simply fails, implying that the groups, OSes should, on behalf of the process, change the application itself should implement its own mechanism to permission of the corresponding registers. Recently, Intel deployed a similar key-based permis- 1The default group (0) has a special purpose, so only 15 groups are sion control, called Intel Memory Protection Keys (Intel available for general uses. USENIX Association 2019 USENIX Annual Technical Conference 241 OS-managed Userspace process WRPKRU multiplex these protection keys. RDPKRU DTLB PKRU (corea) PKRU (coreb) Third, the semantic of MPK is different from the page# pkey perm. pkey: 0 1 8 15 0 1 8 15 conventional mprotect(), i.e., thread-view versus process- 120 8 r/w perm: r/w n/a ... r/w ... n/a r/w r/w ... r/o ... n/a 232 1 r/o view, which results in potential security and performance (corea) (coreb) 456 ... 8 r/o problems. For example, the Linux kernel implements an page# effective page# effective ITLB perm. perm. execute-only memory with MPK by disabling read access page# perm. 120 r/w 120 r through PKRU and allowing execution through a page table: 232 x 232 x 232 r/x ... 456 r 456 r mprotect(addr, len, PROT_EXEC). Although this feature is (per-process, red : pkey = 1 (per-core, asynchronous) invoked via mprotect(), it only changes the PKRU’s permis- synchronized) blue: pkey = 8 sion of the calling thread, meaning that other threads sharing Figure 1: An example showing how MPK checks the permission of the same address space can still read the execute-only memory. a logical core (hyperthread) on a specific memory page according In other words, it is non-trivial to apply MPK securely and to PKRU and page permissions. The intersection of the permissions efficiently to legacy applications that rely on a process-level determines whether a data access will be allowed. An instruction memory permission model. fetch is independent of the PKRU. In this paper, we propose libmpk, a secure, scalable, and semantic-compatible software abstraction to fully utilize cations to effectively overcome the three challenges. MPK in a practical manner. In particular, libmpk implements • Case studies. We apply libmpk to OpenSSL library, (1) protection key virtualization to eliminate the protection- JavaScript JIT compiler, and Memcached to show its key-use-after-free problem and to support the unrestricted effectiveness and practicality. libmpk secures them with number of memory page groups, (2) lazy inter-thread key syn- a few modifications and negligible overhead. chronization to selectively ensure per-process semantics with MPK, allowing us to substitute mprotect() in an efficient 2 Intel MPK Explained and compatible manner, and (3) metadata integrity to ensure In this section, we describe the hardware design of Intel MPK the integrity of the mapping information while minimizing and current kernel and library support. Also, we check the the number of system call invocations. libmpk consists of a performance characteristics of MPK to show its efficiency. userspace library mainly for efficient permission change and a kernel module mainly for synchronization and metadata 2.1 Hardware Primitives integrity. Intel MPK updates the permission of a group of pages by To show the effectiveness and practicality, we apply libmpk associating a protection key to the group and changing the ac- to three real-world applications: OpenSSL library, JavaScript cess rights of the protection key instead of individual memory just-in-time (JIT) compiler, and Memcached. First, we mod- pages (Figure 1). ify the OpenSSL library to create secure memory pages for Protection key field in page table entry. MPK assigns a storing cryptographic keys to mitigate information leakage. unique protection key to a memory page group to update its Second, we modify three JavaScript JIT compilers (i.e., Spi- permission at the same time. MPK exploits the previously derMonkey, ChakraCore, and v8) to protect the code cache unused four bits of each page table entry (from 32nd to 35th from memory corruption by enforcing the W⊕X security pol- bits) to store a memory page’s corresponding key value. Thus, icy. Third, we modify Memcached to secure almost all its data, MPK supports up to 16 different page groups. Since only including the slab and hash table, whose size can be several supervised code can access and change PTEs, the Linux ker- gigabytes. The evaluation results show that libmpk and its nel (from version 4.6) starts to provide a new system call, applications have negligible overhead (<1%). Furthermore, pkey_mprotect(), to allow applications to assign or change libmpk is 1.73–3.78× faster than mprotect() when changing the keys of their memory pages (§2.2). the permission of 1–1,000 pages at the view of a process, and, PKRU especially, the throughput of Memcached with libmpk is 8.1× Protection key rights register ( ). MPK uses the value higher than that of Memcached with mprotect().
Load more

Recommended publications
  • Openvms Record Management Services Reference Manual
    OpenVMS Record Management Services Reference Manual Order Number: AA-PV6RD-TK April 2001 This reference manual contains general information intended for use in any OpenVMS programming language, as well as specific information on writing programs that use OpenVMS Record Management Services (OpenVMS RMS). Revision/Update Information: This manual supersedes the OpenVMS Record Management Services Reference Manual, OpenVMS Alpha Version 7.2 and OpenVMS VAX Version 7.2 Software Version: OpenVMS Alpha Version 7.3 OpenVMS VAX Version 7.3 Compaq Computer Corporation Houston, Texas © 2001 Compaq Computer Corporation Compaq, AlphaServer, VAX, VMS, the Compaq logo Registered in U.S. Patent and Trademark Office. Alpha, PATHWORKS, DECnet, DEC, and OpenVMS are trademarks of Compaq Information Technologies Group, L.P. in the United States and other countries. UNIX and X/Open are trademarks of The Open Group in the United States and other countries. All other product names mentioned herein may be the trademarks of their respective companies. Confidential computer software. Valid license from Compaq required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s standard commercial license. Compaq shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is provided "as is" without warranty of any kind and is subject to change without notice. The warranties for Compaq products are set forth in the express limited warranty statements accompanying such products. Nothing herein should be construed as constituting an additional warranty.
    [Show full text]
  • Online Visualization of Geospatial Stream Data Using the Worldwide Telescope
    Online Visualization of Geospatial Stream Data using the WorldWide Telescope Mohamed Ali#, Badrish Chandramouli*, Jonathan Fay*, Curtis Wong*, Steven Drucker*, Balan Sethu Raman# #Microsoft SQL Server, One Microsoft Way, Redmond WA 98052 {mali, sethur}@microsoft.com *Microsoft Research, One Microsoft Way, Redmond WA 98052 {badrishc, jfay, curtis.wong, sdrucker}@microsoft.com ABSTRACT execution query pipeline. StreamInsight has been used in the past This demo presents the ongoing effort to meld the stream query to process geospatial data, e.g., in traffic monitoring [4, 5]. processing capabilities of Microsoft StreamInsight with the On the other hand, the WorldWide Telescope (WWT) [9] enables visualization capabilities of the WorldWide Telescope. This effort a computer to function as a virtual telescope, bringing together provides visualization opportunities to manage, analyze, and imagery from the various ground and space-based telescopes in process real-time information that is of spatio-temporal nature. the world. WWT enables a wide range of user experiences, from The demo scenario is based on detecting, tracking and predicting narrated guided tours from astronomers and educators featuring interesting patterns over historical logs and real-time feeds of interesting places in the sky, to the ability to explore the features earthquake data. of planets. One interesting feature of WWT is its use as a 3-D model of earth, enabling its use as an earth viewer. 1. INTRODUCTION Real-time stream data acquisition has been widely used in This demo presents the ongoing work at Microsoft Research and numerous applications such as network monitoring, Microsoft SQL Server groups to meld the value of stream query telecommunications data management, security, manufacturing, processing of StreamInsight with the unique visualization and sensor networks.
    [Show full text]
  • Chapter 1. Origins of Mac OS X
    1 Chapter 1. Origins of Mac OS X "Most ideas come from previous ideas." Alan Curtis Kay The Mac OS X operating system represents a rather successful coming together of paradigms, ideologies, and technologies that have often resisted each other in the past. A good example is the cordial relationship that exists between the command-line and graphical interfaces in Mac OS X. The system is a result of the trials and tribulations of Apple and NeXT, as well as their user and developer communities. Mac OS X exemplifies how a capable system can result from the direct or indirect efforts of corporations, academic and research communities, the Open Source and Free Software movements, and, of course, individuals. Apple has been around since 1976, and many accounts of its history have been told. If the story of Apple as a company is fascinating, so is the technical history of Apple's operating systems. In this chapter,[1] we will trace the history of Mac OS X, discussing several technologies whose confluence eventually led to the modern-day Apple operating system. [1] This book's accompanying web site (www.osxbook.com) provides a more detailed technical history of all of Apple's operating systems. 1 2 2 1 1.1. Apple's Quest for the[2] Operating System [2] Whereas the word "the" is used here to designate prominence and desirability, it is an interesting coincidence that "THE" was the name of a multiprogramming system described by Edsger W. Dijkstra in a 1968 paper. It was March 1988. The Macintosh had been around for four years.
    [Show full text]
  • The Fourth Paradigm
    ABOUT THE FOURTH PARADIGM This book presents the first broad look at the rapidly emerging field of data- THE FOUR intensive science, with the goal of influencing the worldwide scientific and com- puting research communities and inspiring the next generation of scientists. Increasingly, scientific breakthroughs will be powered by advanced computing capabilities that help researchers manipulate and explore massive datasets. The speed at which any given scientific discipline advances will depend on how well its researchers collaborate with one another, and with technologists, in areas of eScience such as databases, workflow management, visualization, and cloud- computing technologies. This collection of essays expands on the vision of pio- T neering computer scientist Jim Gray for a new, fourth paradigm of discovery based H PARADIGM on data-intensive science and offers insights into how it can be fully realized. “The impact of Jim Gray’s thinking is continuing to get people to think in a new way about how data and software are redefining what it means to do science.” —Bill GaTES “I often tell people working in eScience that they aren’t in this field because they are visionaries or super-intelligent—it’s because they care about science The and they are alive now. It is about technology changing the world, and science taking advantage of it, to do more and do better.” —RhyS FRANCIS, AUSTRALIAN eRESEARCH INFRASTRUCTURE COUNCIL F OURTH “One of the greatest challenges for 21st-century science is how we respond to this new era of data-intensive
    [Show full text]
  • WWW 2013 22Nd International World Wide Web Conference
    WWW 2013 22nd International World Wide Web Conference General Chairs: Daniel Schwabe (PUC-Rio – Brazil) Virgílio Almeida (UFMG – Brazil) Hartmut Glaser (CGI.br – Brazil) Research Track: Ricardo Baeza-Yates (Yahoo! Labs – Spain & Chile) Sue Moon (KAIST – South Korea) Practice and Experience Track: Alejandro Jaimes (Yahoo! Labs – Spain) Haixun Wang (MSR – China) Developers Track: Denny Vrandečić (Wikimedia – Germany) Marcus Fontoura (Google – USA) Demos Track: Bernadette F. Lóscio (UFPE – Brazil) Irwin King (CUHK – Hong Kong) W3C Track: Marie-Claire Forgue (W3C Training, USA) Workshops Track: Alberto Laender (UFMG – Brazil) Les Carr (U. of Southampton – UK) Posters Track: Erik Wilde (EMC – USA) Fernanda Lima (UNB – Brazil) Tutorials Track: Bebo White (SLAC – USA) Maria Luiza M. Campos (UFRJ – Brazil) Industry Track: Marden S. Neubert (UOL – Brazil) Proceedings and Metadata Chair: Altigran Soares da Silva (UFAM - Brazil) Local Arrangements Committee: Chair – Hartmut Glaser Executive Secretary – Vagner Diniz PCO Liaison – Adriana Góes, Caroline D’Avo, and Renato Costa Conference Organization Assistant – Selma Morais International Relations – Caroline Burle Technology Liaison – Reinaldo Ferraz UX Designer / Web Developer – Yasodara Córdova, Ariadne Mello Internet infrastructure - Marcelo Gardini, Felipe Agnelli Barbosa Administration– Ana Paula Conte, Maria de Lourdes Carvalho, Beatriz Iossi, Carla Christiny de Mello Legal Issues – Kelli Angelini Press Relations and Social Network – Everton T. Rodrigues, S2Publicom and EntreNós PCO – SKL Eventos
    [Show full text]
  • Denying Extremists a Powerful Tool Hany Farid ’88 Has Developed a Means to Root out Terrorist Propaganda Online
    ALUMNI GAZETTE Denying Extremists a Powerful Tool Hany Farid ’88 has developed a means to root out terrorist propaganda online. But will companies like Google and Facebook use it? By David Silverberg be a “no-brainer” for social media outlets. Farid is not alone in his criticism of so- But so far, the project has faced resistance cial media companies. Last August, a pan- Hany Farid ’88 wants to clean up the In- from the leaders of Facebook, Twitter, and el in the British Parliament issued a report ternet. The chair of Dartmouth’s comput- other outlets who argue that identifying ex- charging that Facebook, Twitter, and er science department, he’s a leader in the tremist content is more difficult, presenting Google are not doing enough to prevent field of digital forensics. In the past several more gray areas, than child pornography. their networks from becoming recruitment years, he has played a lead role in creating In a February 2016 blog post, Twitter laid tools for extremist groups. programs to identify and root out two of out its official position: “As many experts Steve Burgess, president of the digital fo- the worst online scourges: child pornogra- and other companies have noted, there is rensics firm Burgess Consulting and Foren- phy and extremist political content. no ‘magic algorithm’ for identifying terror- sics, admires Farid’s dedication to projects “Digital forensics is an exciting field, es- ist content on the Internet, so global online that, according to Burgess, aren’t common pecially since you can have an impact on platforms are forced to make challenging in the field.
    [Show full text]
  • Microsoft .NET Gadgeteer a New Way to Create Electronic Devices
    Microsoft .NET Gadgeteer A new way to create electronic devices Nicolas Villar Microsoft Research Cambridge, UK What is .NET Gadgeteer? • .NET Gadgeteer is a new toolkit for quickly constructing, programming and shaping new small computing devices (gadgets) • Takes you from concept to working device quickly and easily Driving principle behind .NET Gadgeteer • Low threshold • Simple gadgets should be very simple to build • High ceiling • It should also be possible to build sophisticated and complex devices The three key components of .NET Gadgeteer The three key components of .NET Gadgeteer The three key components of .NET Gadgeteer Some background • We originally built Gadgeteer as a tool for ourselves (in Microsoft Research) to make it easier to prototype new kinds of devices • We believe the ability to prototype effectively is key to successful innovation Some background • Gadgeteer has proven to be of interest to other researchers – but also hobbyists and educators • With the help of colleagues from all across Microsoft, we are working on getting Gadgeteer out of the lab and into the hands of others Some background • Nicolas Villar, James Scott, Steve Hodges Microsoft Research Cambridge • Kerry Hammil Microsoft Research Redmond • Colin Miller Developer Division, Microsoft Corporation • Scarlet Schwiderski-Grosche‎, Stewart Tansley‎ Microsoft Research Connections • The Garage @ Microsoft First key component of .NET Gadgeteer Quick example: Building a digital camera Some existing hardware modules Mainboard: Core processing unit Mainboard
    [Show full text]
  • A Large-Scale Study of Web Password Habits
    WWW 2007 / Track: Security, Privacy, Reliability, and Ethics Session: Passwords and Phishing A Large-Scale Study of Web Password Habits Dinei Florencioˆ and Cormac Herley Microsoft Research One Microsoft Way Redmond, WA, USA [email protected], [email protected] ABSTRACT to gain the secret. However, challenge response systems are We report the results of a large scale study of password use generally regarded as being more time consuming than pass- and password re-use habits. The study involved half a mil- word entry and do not seem widely deployed. One time lion users over a three month period. A client component passwords have also not seen broad acceptance. The dif- on users' machines recorded a variety of password strength, ¯culty for users of remembering many passwords is obvi- usage and frequency metrics. This allows us to measure ous. Various Password Management systems o®er to assist or estimate such quantities as the average number of pass- users by having a single sign-on using a master password words and average number of accounts each user has, how [7, 13]. Again, the use of these systems does not appear many passwords she types per day, how often passwords are widespread. For a majority of users, it appears that their shared among sites, and how often they are forgotten. We growing herd of password accounts is maintained using a get extremely detailed data on password strength, the types small collection of passwords. For a user with, e.g. 30 pass- and lengths of passwords chosen, and how they vary by site.
    [Show full text]
  • The World-Wide Telescope1 MSR-TR-2001-77
    The World-Wide Telescope1 Alexander Szalay, The Johns Hopkins University Jim Gray, Microsoft August 2001 Technical Report MSR-TR-2001-77 Microsoft Research Microsoft Corporation 301 Howard Street, #830 San Francisco, CA, 94105 1 This article appears in Science V. 293 pp. 2037-2040 14 Sept 2001. Copyright © 2001 by The American Association for the Advancement of Science. Science V. 293 pp. 2037-2040 14 Sept 2001. Copyright © 2001 by The American Association for the Advancement of Science 1 The World-Wide Telescope Alexander Szalay, The Johns Hopkins University Jim Gray, Microsoft August 2001 Abstract All astronomy data and literature will soon be tral band over the whole sky is a few terabytes. It is not online and accessible via the Internet. The community is even possible for each astronomer to have a private copy building the Virtual Observatory, an organization of this of all their data. Many of these new instruments are worldwide data into a coherent whole that can be ac- being used for systematic surveys of our galaxy and of cessed by anyone, in any form, from anywhere. The re- the distant universe. Together they will give us an un- sulting system will dramatically improve our ability to do precedented catalog to study the evolving universe— multi-spectral and temporal studies that integrate data provided that the data can be systematically studied in an from multiple instruments. The virtual observatory data integrated fashion. also provides a wonderful base for teaching astronomy, Already online archives contain raw and derived astro- scientific discovery, and computational science. nomical observations of billions of objects – both temp o- Many fields are now coping with a rapidly mounting ral and multi-spectral surveys.
    [Show full text]
  • Web Search As Decision Support for Cancer
    Diagnoses, Decisions, and Outcomes: Web Search as Decision Support for Cancer ∗ Michael J. Paul Ryen W. White Eric Horvitz Johns Hopkins University Microsoft Research Microsoft Research 3400 N. Charles Street One Microsoft Way One Microsoft Way Baltimore, MD 21218 Redmond, WA 98052 Redmond, WA 98052 [email protected] [email protected] [email protected] ABSTRACT the decisions of searchers who show salient signs of having People diagnosed with a serious illness often turn to the Web been recently diagnosed with prostate cancer. We aim to for their rising information needs, especially when decisions characterize and enhance the ability of Web search engines are required. We analyze the search and browsing behavior to provide decision support for different phases of the illness. of searchers who show a surge of interest in prostate cancer. We focus on prostate cancer for several reasons. Prostate Prostate cancer is the most common serious cancer in men cancer is typically slow-growing, leaving patients and physi- and is a leading cause of cancer-related death. Diagnoses cians with time to reflect on the best course of action. There of prostate cancer typically involve reflection and decision is no medical consensus about the best treatment option, as making about treatment based on assessments of preferences the primary options all have similar mortality rates, each and outcomes. We annotated timelines of treatment-related with their own tradeoffs and side effects [24]. The choice queries from nearly 300 searchers with tags indicating differ- of treatments for prostate cancer is therefore particularly ent phases of treatment, including decision making, prepa- sensitive to consideration of patients' preferences about out- ration, and recovery.
    [Show full text]
  • The Evolution of the Unix Time-Sharing System*
    The Evolution of the Unix Time-sharing System* Dennis M. Ritchie Bell Laboratories, Murray Hill, NJ, 07974 ABSTRACT This paper presents a brief history of the early development of the Unix operating system. It concentrates on the evolution of the file system, the process-control mechanism, and the idea of pipelined commands. Some attention is paid to social conditions during the development of the system. NOTE: *This paper was first presented at the Language Design and Programming Methodology conference at Sydney, Australia, September 1979. The conference proceedings were published as Lecture Notes in Computer Science #79: Language Design and Programming Methodology, Springer-Verlag, 1980. This rendition is based on a reprinted version appearing in AT&T Bell Laboratories Technical Journal 63 No. 6 Part 2, October 1984, pp. 1577-93. Introduction During the past few years, the Unix operating system has come into wide use, so wide that its very name has become a trademark of Bell Laboratories. Its important characteristics have become known to many people. It has suffered much rewriting and tinkering since the first publication describing it in 1974 [1], but few fundamental changes. However, Unix was born in 1969 not 1974, and the account of its development makes a little-known and perhaps instructive story. This paper presents a technical and social history of the evolution of the system. Origins For computer science at Bell Laboratories, the period 1968-1969 was somewhat unsettled. The main reason for this was the slow, though clearly inevitable, withdrawal of the Labs from the Multics project. To the Labs computing community as a whole, the problem was the increasing obviousness of the failure of Multics to deliver promptly any sort of usable system, let alone the panacea envisioned earlier.
    [Show full text]
  • Microsoft Research Lee Dirks Dr
    Transforming Scholarly Communication Overview of Recent Projects from Microsoft Research Lee Dirks Dr. Camilo A. Acosta-Márquez Director, Education & Scholarly Communication Director Centro de Robótica e Informática Microsoft Research | Connections Universidad Jorge Tadeo Lozano Overview of Recent Projects from Microsoft Research Director, Education Director Centro de Robótica e Informática & Scholarly Communication Universidad Jorge Tadeo Lozano Microsoft Research | Connections | Outreach. Collaboration. Innovation. • • • • http://research.microsoft.com/collaboration/ The Scholarly Excel 2010 Windows Server HPC Collaboration Communication Windows Workflow Foundation SharePoint Lifecycle LiveMeeting Data Office 365 Collection, Research & Analysis Office OpenXML Office 2010: XPS Format Storage, •Word SQL Server & Archiving & Authoring •PowerPoint Entity Framework Preservation •Excel Rights Management •OneNote Data Protection Manager Tablet PC/UMPC Publication & Dissemination Discoverability FAST SharePoint 2010 Word 2010 + PowerPoint 2010 WPF & Silverlight “Sea Dragon” / “PhotoSynth” / “Deep Zoom” Data Curation Add-in for Microsoft Excel • California Digital Library’s Curation Center • • DataONE • • Support for versioning • Standardized date/time stamps • A “workbook builder” • Ability to export metadata in a standard format • Ability to select from a globally shared vocabulary of terms for data descriptions • Ability to import term descriptions from the shared vocabulary and annotate them locally • “Speed bumps” to discourage use of macros
    [Show full text]