Systems Architecture Commons^™

Fimce: A Fully Isolated Micro-Computing Environment For Multicore Systems, Siqi Zhao, Xuhua Ding

Research Collection School Of Computing and Information Systems

Virtualization-based memory isolation has been widely used as a security primitive in various security systems to counter kernel-level attacks. In this article, our in-depth analysis on this primitive shows that its security is significantly undermined in the multicore setting when other hardware resources for computing are not enclosed within the isolation boundary. We thus propose to construct a fully isolated micro-computing environment (FIMCE) as a new primitive. By virtue of its architectural niche, FIMCE not only offers stronger security assurance than its predecessor, but also features a flexible and composable environment with support for peripheral device isolation, thus greatly expanding …

Hpc Made Easy: Using Docker To Distribute And Test Trilinos, Sean J. Deal

All College Thesis Program, 2016-2019

Virtualization is an enticing option for computer science research given its ability to provide repeatable, standardized environments, but traditional virtual machines have too much overhead cost to be practical. Docker, a Linux-based tool for operating-system level virtualization, has been quickly gaining popularity throughout the computer science field by touting a virtualization solution that is easily distributable and more lightweight than virtual machines. This thesis aims to explore if Docker is a viable option for conducting virtualized research by evaluating the results of parallel performance tests using the Trilinos project.

Stopwatch: A Cloud Architecture For Timing Channel Mitigation, Peng Li, Debin Gao, Michael K Reiter

Research Collection School Of Computing and Information Systems

This article presents StopWatch, a system that defends against timing-based side-channel attacks that arise from coresidency of victims and attackers in infrastructure-as-a-service clouds. StopWatch triplicates each cloud-resident guest virtual machine (VM) and places replicas so that the three replicas of a guest VM are coresident with nonoverlapping sets of (replicas of) other VMs. StopWatch uses the timing of I/O events at a VM’s replicas collectively to determine the timings observed by each one or by an external observer, so that observable timing behaviors are similarly likely in the absence of any other individual, coresident VMs. We detail the design and …

Advances In Dynamic Virtualized Cloud Management, Michael Tighe

Electronic Thesis and Dissertation Repository

Cloud computing continues to gain in popularity, with more and more applications being deployed into public and private clouds. Deploying an application in the cloud allows application owners to provision computing resources on-demand, and scale quickly to meet demand. An Infrastructure as a Service (IaaS) cloud provides low-level resources, in the form of virtual machines (VMs), to clients on a pay-per-use basis. The cloud provider (owner) can reduce costs by lowering power consumption. As a typical server can consume 50% or more of its peak power consumption when idle, this can be accomplished by consolidating client VMs onto as few …

In Perfect Xen, A Performance Study Of The Emerging Xen Scheduler, Ryan Hnarakis

Master's Theses

Fifty percent of Fortune 500 companies trust Xen, an open-source bare-metal hypervisor, to virtualize their websites and mission critical services in the cloud. Providing superior fault tolerance, scalability, and migration, virtualization allows these companies to run several isolated operating systems simultaneously on the same physical server. These isolated operating systems, called virtual machines, require a virtual traffic guard to cooperate with one another. This guard known as the Credit2 scheduler along with the newest Xen hypervisor was recently developed to supersede the older schedulers. Since wasted CPU cycles can be costly, the Credit2 prototype must undergo significant performance validation before …

Improving Resource Management In Virtualized Data Centers Using Application Performance Models, Sajib Kundu

FIU Electronic Theses and Dissertations

The rapid growth of virtualized data centers and cloud hosting services is making the management of physical resources such as CPU, memory, and I/O bandwidth in data center servers increasingly important. Server management now involves dealing with multiple dissimilar applications with varying Service-Level-Agreements (SLAs) and multiple resource dimensions. The multiplicity and diversity of resources and applications are rendering administrative tasks more complex and challenging. This thesis aimed to develop a framework and techniques that would help substantially reduce data center management complexity.

We specifically addressed two crucial data center operations. First, we precisely estimated capacity requirements of client virtual machines …

Analyzing The Impact Of A Virtual Machine On A Host Machine, Greg Dorn, Chris Marberry, Scott Conrad, Philip Craiger

Publications

As virtualization becomes more prevalent in the enterprise and in personal computing, there is a great need to understand the technology as well as its ramifications for recovering digital evidence. This paper focuses on trace evidence related to the installation and execution of virtual machines (VMs) on a host machine. It provides useful information regarding the types and locations of files installed by VM applications, the processes created by running VMs and the structure and identity of VMs, ancillary files and associated artifacts.