首页 > 最新文献

Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles最新文献

英文 中文
Scalable consistency in Scatter 在Scatter中扩展一致性
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043559
Lisa Glendenning, Ivan Beschastnikh, A. Krishnamurthy, T. Anderson
Distributed storage systems often trade off strong semantics for improved scalability. This paper describes the design, implementation, and evaluation of Scatter, a scalable and consistent distributed key-value storage system. Scatter adopts the highly decentralized and self-organizing structure of scalable peer-to-peer systems, while preserving linearizable consistency even under adverse circumstances. Our prototype implementation demonstrates that even with very short node lifetimes, it is possible to build a scalable and consistent system with practical performance.
分布式存储系统经常为了提高可伸缩性而牺牲强语义。本文描述了一个可扩展的、一致的分布式键值存储系统Scatter的设计、实现和评估。Scatter采用可扩展点对点系统的高度去中心化和自组织结构,即使在不利情况下也能保持线性一致性。我们的原型实现表明,即使节点生命周期非常短,也可以构建具有实际性能的可扩展且一致的系统。
{"title":"Scalable consistency in Scatter","authors":"Lisa Glendenning, Ivan Beschastnikh, A. Krishnamurthy, T. Anderson","doi":"10.1145/2043556.2043559","DOIUrl":"https://doi.org/10.1145/2043556.2043559","url":null,"abstract":"Distributed storage systems often trade off strong semantics for improved scalability. This paper describes the design, implementation, and evaluation of Scatter, a scalable and consistent distributed key-value storage system. Scatter adopts the highly decentralized and self-organizing structure of scalable peer-to-peer systems, while preserving linearizable consistency even under adverse circumstances. Our prototype implementation demonstrates that even with very short node lifetimes, it is possible to build a scalable and consistent system with practical performance.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"26 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83572653","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 169
An empirical study on configuration errors in commercial and open source systems 商业和开源系统中配置错误的实证研究
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043572
Zuoning Yin, Xiao Ma, Jing Zheng, Yuanyuan Zhou, Lakshmi N. Bairavasundaram, S. Pasupathy
Configuration errors (i.e., misconfigurations) are among the dominant causes of system failures. Their importance has inspired many research efforts on detecting, diagnosing, and fixing misconfigurations; such research would benefit greatly from a real-world characteristic study on misconfigurations. Unfortunately, few such studies have been conducted in the past, primarily because historical misconfigurations usually have not been recorded rigorously in databases. In this work, we undertake one of the first attempts to conduct a real-world misconfiguration characteristic study. We study a total of 546 real world misconfigurations, including 309 misconfigurations from a commercial storage system deployed at thousands of customers, and 237 from four widely used open source systems (CentOS, MySQL, Apache HTTP Server, and OpenLDAP). Some of our major findings include: (1) A majority of misconfigurations (70.0%~85.5%) are due to mistakes in setting configuration parameters; however, a significant number of misconfigurations are due to compatibility issues or component configurations (i.e., not parameter-related). (2) 38.1%~53.7% of parameter mistakes are caused by illegal parameters that clearly violate some format or rules, motivating the use of an automatic configuration checker to detect these misconfigurations. (3) A significant percentage (12.2%~29.7%) of parameter-based mistakes are due to inconsistencies between different parameter values. (4) 21.7%~57.3% of the misconfigurations involve configurations external to the examined system, some even on entirely different hosts. (5) A significant portion of misconfigurations can cause hard-to-diagnose failures, such as crashes, hangs, or severe performance degradation, indicating that systems should be better-equipped to handle misconfigurations.
配置错误(即配置错误)是导致系统故障的主要原因之一。它们的重要性激发了许多关于检测、诊断和修复错误配置的研究;这种研究将极大地受益于对错误配置的真实特征研究。不幸的是,过去很少进行这样的研究,主要是因为历史上的错误配置通常没有严格记录在数据库中。在这项工作中,我们进行了第一次尝试进行现实世界的错误配置特征研究。我们总共研究了546个实际错误配置,其中309个错误配置来自部署在数千个客户上的商业存储系统,237个错误配置来自四个广泛使用的开源系统(CentOS、MySQL、Apache HTTP Server和OpenLDAP)。主要研究结果包括:(1)大多数配置错误(70.0%~85.5%)是由于配置参数设置错误造成的;然而,大量的错误配置是由于兼容性问题或组件配置(即,与参数无关)。(2) 38.1%~53.7%的参数错误是由非法参数引起的,这些参数明显违反了某些格式或规则,需要使用自动配置检查器来检测这些错误配置。(3) 12.2%~29.7%的参数错误是由于不同参数值不一致造成的。(4) 21.7%~57.3%的错误配置涉及被检查系统外部的配置,有些甚至是在完全不同的主机上。(5)很大一部分错误配置会导致难以诊断的故障,例如崩溃、挂起或严重的性能下降,这表明系统应该更好地处理错误配置。
{"title":"An empirical study on configuration errors in commercial and open source systems","authors":"Zuoning Yin, Xiao Ma, Jing Zheng, Yuanyuan Zhou, Lakshmi N. Bairavasundaram, S. Pasupathy","doi":"10.1145/2043556.2043572","DOIUrl":"https://doi.org/10.1145/2043556.2043572","url":null,"abstract":"Configuration errors (i.e., misconfigurations) are among the dominant causes of system failures. Their importance has inspired many research efforts on detecting, diagnosing, and fixing misconfigurations; such research would benefit greatly from a real-world characteristic study on misconfigurations. Unfortunately, few such studies have been conducted in the past, primarily because historical misconfigurations usually have not been recorded rigorously in databases. In this work, we undertake one of the first attempts to conduct a real-world misconfiguration characteristic study. We study a total of 546 real world misconfigurations, including 309 misconfigurations from a commercial storage system deployed at thousands of customers, and 237 from four widely used open source systems (CentOS, MySQL, Apache HTTP Server, and OpenLDAP). Some of our major findings include: (1) A majority of misconfigurations (70.0%~85.5%) are due to mistakes in setting configuration parameters; however, a significant number of misconfigurations are due to compatibility issues or component configurations (i.e., not parameter-related). (2) 38.1%~53.7% of parameter mistakes are caused by illegal parameters that clearly violate some format or rules, motivating the use of an automatic configuration checker to detect these misconfigurations. (3) A significant percentage (12.2%~29.7%) of parameter-based mistakes are due to inconsistencies between different parameter values. (4) 21.7%~57.3% of the misconfigurations involve configurations external to the examined system, some even on entirely different hosts. (5) A significant portion of misconfigurations can cause hard-to-diagnose failures, such as crashes, hangs, or severe performance degradation, indicating that systems should be better-equipped to handle misconfigurations.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"146 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80571374","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 263
CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization CloudVisor:通过嵌套虚拟化改进多租户云中虚拟机的保护
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043576
Fengzhe Zhang, Jin Chen, Haibo Chen, B. Zang
Multi-tenant cloud, which usually leases resources in the form of virtual machines, has been commercially available for years. Unfortunately, with the adoption of commodity virtualized infrastructures, software stacks in typical multi-tenant clouds are non-trivially large and complex, and thus are prone to compromise or abuse from adversaries including the cloud operators, which may lead to leakage of security-sensitive data. In this paper, we propose a transparent, backward-compatible approach that protects the privacy and integrity of customers' virtual machines on commodity virtualized infrastructures, even facing a total compromise of the virtual machine monitor (VMM) and the management VM. The key of our approach is the separation of the resource management from security protection in the virtualization layer. A tiny security monitor is introduced underneath the commodity VMM using nested virtualization and provides protection to the hosted VMs. As a result, our approach allows virtualization software (e.g., VMM, management VM and tools) to handle complex tasks of managing leased VMs for the cloud, without breaking security of users' data inside the VMs. We have implemented a prototype by leveraging commercially-available hardware support for virtualization. The prototype system, called CloudVisor, comprises only 5.5K LOCs and supports the Xen VMM with multiple Linux and Windows as the guest OSes. Performance evaluation shows that CloudVisor incurs moderate slow-down for I/O intensive applications and very small slowdown for other applications.
多租户云,通常以虚拟机的形式租赁资源,已经在商业上可用多年了。不幸的是,随着商品虚拟化基础设施的采用,典型的多租户云中的软件堆栈非常庞大和复杂,因此容易受到包括云运营商在内的对手的破坏或滥用,这可能导致安全敏感数据的泄漏。在本文中,我们提出了一种透明的、向后兼容的方法,即使面临虚拟机监视器(VMM)和管理虚拟机的完全妥协,也可以保护商品虚拟化基础设施上客户虚拟机的隐私和完整性。我们的方法的关键是将虚拟化层中的资源管理与安全保护分离开来。在商品VMM下面引入了一个使用嵌套虚拟化的小型安全监视器,并为托管的虚拟机提供保护。因此,我们的方法允许虚拟化软件(例如,VMM,管理虚拟机和工具)处理管理云租用虚拟机的复杂任务,而不会破坏虚拟机内用户数据的安全性。我们已经通过利用商业上可用的虚拟化硬件支持实现了一个原型。原型系统名为CloudVisor,仅包含5.5K loc,支持Xen VMM,并将多个Linux和Windows作为客户机操作系统。性能评估表明,CloudVisor对于I/O密集型应用程序会导致适度的减速,而对于其他应用程序则会导致非常小的减速。
{"title":"CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization","authors":"Fengzhe Zhang, Jin Chen, Haibo Chen, B. Zang","doi":"10.1145/2043556.2043576","DOIUrl":"https://doi.org/10.1145/2043556.2043576","url":null,"abstract":"Multi-tenant cloud, which usually leases resources in the form of virtual machines, has been commercially available for years. Unfortunately, with the adoption of commodity virtualized infrastructures, software stacks in typical multi-tenant clouds are non-trivially large and complex, and thus are prone to compromise or abuse from adversaries including the cloud operators, which may lead to leakage of security-sensitive data. In this paper, we propose a transparent, backward-compatible approach that protects the privacy and integrity of customers' virtual machines on commodity virtualized infrastructures, even facing a total compromise of the virtual machine monitor (VMM) and the management VM. The key of our approach is the separation of the resource management from security protection in the virtualization layer. A tiny security monitor is introduced underneath the commodity VMM using nested virtualization and provides protection to the hosted VMs. As a result, our approach allows virtualization software (e.g., VMM, management VM and tools) to handle complex tasks of managing leased VMs for the cloud, without breaking security of users' data inside the VMs. We have implemented a prototype by leveraging commercially-available hardware support for virtualization. The prototype system, called CloudVisor, comprises only 5.5K LOCs and supports the Xen VMM with multiple Linux and Windows as the guest OSes. Performance evaluation shows that CloudVisor incurs moderate slow-down for I/O intensive applications and very small slowdown for other applications.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"6 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86644682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 412
Logical attestation: an authorization architecture for trustworthy computing 逻辑认证:用于可信计算的授权体系结构
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043580
E. G. Sirer, W. D. Bruijn, Patrick Reynolds, Alan Shieh, Kevin Walsh, Dan Williams, F. Schneider
This paper describes the design and implementation of a new operating system authorization architecture to support trustworthy computing. Called logical attestation, this architecture provides a sound framework for reasoning about run time behavior of applications. Logical attestation is based on attributable, unforgeable statements about program properties, expressed in a logic. These statements are suitable for mechanical processing, proof construction, and verification; they can serve as credentials, support authorization based on expressive authorization policies, and enable remote principals to trust software components without restricting the local user's choice of binary implementations. We have implemented logical attestation in a new operating system called the Nexus. The Nexus executes natively on x86 platforms equipped with secure coprocessors. It supports both native Linux applications and uses logical attestation to support new trustworthy-computing applications. When deployed on a trustworthy cloud-computing stack, logical attestation is efficient, achieves high-performance, and can run applications that provide qualitative guarantees not possible with existing modes of attestation.
本文描述了一种支持可信计算的新的操作系统授权体系结构的设计和实现。这种体系结构被称为逻辑认证,它为推断应用程序的运行时行为提供了一个可靠的框架。逻辑认证基于用逻辑表示的关于程序属性的可归属的、不可伪造的声明。这些表述适用于机械加工、证明施工、验证;它们可以用作凭证,支持基于表达性授权策略的授权,并使远程主体能够信任软件组件,而不限制本地用户对二进制实现的选择。我们在名为Nexus的新操作系统中实现了逻辑认证。Nexus在配备安全协处理器的x86平台上本地执行。它既支持本地Linux应用程序,又使用逻辑证明来支持新的可信计算应用程序。当部署在可信的云计算堆栈上时,逻辑认证是高效的,可以实现高性能,并且可以运行提供现有认证模式无法提供的定性保证的应用程序。
{"title":"Logical attestation: an authorization architecture for trustworthy computing","authors":"E. G. Sirer, W. D. Bruijn, Patrick Reynolds, Alan Shieh, Kevin Walsh, Dan Williams, F. Schneider","doi":"10.1145/2043556.2043580","DOIUrl":"https://doi.org/10.1145/2043556.2043580","url":null,"abstract":"This paper describes the design and implementation of a new operating system authorization architecture to support trustworthy computing. Called logical attestation, this architecture provides a sound framework for reasoning about run time behavior of applications. Logical attestation is based on attributable, unforgeable statements about program properties, expressed in a logic. These statements are suitable for mechanical processing, proof construction, and verification; they can serve as credentials, support authorization based on expressive authorization policies, and enable remote principals to trust software components without restricting the local user's choice of binary implementations. We have implemented logical attestation in a new operating system called the Nexus. The Nexus executes natively on x86 platforms equipped with secure coprocessors. It supports both native Linux applications and uses logical attestation to support new trustworthy-computing applications. When deployed on a trustworthy cloud-computing stack, logical attestation is efficient, achieves high-performance, and can run applications that provide qualitative guarantees not possible with existing modes of attestation.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"2 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74401224","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 88
CryptDB: protecting confidentiality with encrypted query processing CryptDB:通过加密的查询处理来保护机密性
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043566
R. A. Popa, Catherine M. S. Redfield, N. Zeldovich, H. Balakrishnan
Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11--13 unique schema annotations to secure more than 20 sensitive fields and 2--7 lines of source code changes for three multi-user web applications.
在线应用程序容易受到敏感信息被盗的攻击,因为攻击者可以利用软件漏洞来访问私有数据,而且好奇或恶意的管理员可能会捕获并泄露数据。面对这些攻击,CryptDB是一个为SQL数据库支持的应用程序提供实用且可证明的机密性的系统。它的工作原理是使用一组高效的SQL感知加密方案对加密数据执行SQL查询。CryptDB还可以将加密密钥链到用户密码上,这样就可以仅通过使用对该数据具有访问权限的用户之一的密码来解密数据项。因此,数据库管理员永远无法访问解密的数据,即使所有服务器都受到威胁,攻击者也无法解密任何未登录用户的数据。对来自生产MySQL服务器的1.26亿个SQL查询的跟踪分析表明,在跟踪中看到的128,840列中,CryptDB可以支持99.5%的加密数据操作。我们的评估表明,与未修改的MySQL相比,CryptDB具有较低的开销,对于phpBB(一个web论坛应用程序)减少了14.5%的吞吐量,对于来自TPC-C的查询减少了26%。将加密密钥链接到用户密码需要11- 13个独特的模式注释来保护20多个敏感字段和2- 7行源代码更改,用于三个多用户web应用程序。
{"title":"CryptDB: protecting confidentiality with encrypted query processing","authors":"R. A. Popa, Catherine M. S. Redfield, N. Zeldovich, H. Balakrishnan","doi":"10.1145/2043556.2043566","DOIUrl":"https://doi.org/10.1145/2043556.2043566","url":null,"abstract":"Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. CryptDB is a system that provides practical and provable confidentiality in the face of these attacks for applications backed by SQL databases. It works by executing SQL queries over encrypted data using a collection of efficient SQL-aware encryption schemes. CryptDB can also chain encryption keys to user passwords, so that a data item can be decrypted only by using the password of one of the users with access to that data. As a result, a database administrator never gets access to decrypted data, and even if all servers are compromised, an adversary cannot decrypt the data of any user who is not logged in. An analysis of a trace of 126 million SQL queries from a production MySQL server shows that CryptDB can support operations over encrypted data for 99.5% of the 128,840 columns seen in the trace. Our evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL. Chaining encryption keys to user passwords requires 11--13 unique schema annotations to secure more than 20 sensitive fields and 2--7 lines of source code changes for three multi-user web applications.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"130 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80933638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1293
Transactional storage for geo-replicated systems 用于地理复制系统的事务性存储
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043592
Yair Sovran, Russell Power, M. Aguilera, Jinyang Li
We describe the design and implementation of Walter, a key-value store that supports transactions and replicates data across distant sites. A key feature behind Walter is a new property called Parallel Snapshot Isolation (PSI). PSI allows Walter to replicate data asynchronously, while providing strong guarantees within each site. PSI precludes write-write conflicts, so that developers need not worry about conflict-resolution logic. To prevent write-write conflicts and implement PSI, Walter uses two new and simple techniques: preferred sites and counting sets. We use Walter to build a social networking application and port a Twitter-like application.
我们将描述Walter的设计和实现,Walter是一个键值存储,支持跨远程站点的事务和复制数据。Walter背后的一个关键特性是称为并行快照隔离(PSI)的新属性。PSI允许Walter异步复制数据,同时在每个站点内提供强大的保证。PSI排除了write-write冲突,因此开发人员无需担心冲突解决逻辑。为了防止写-写冲突并实现PSI, Walter使用了两种新的简单技术:首选站点和计数集。我们使用Walter构建一个社交网络应用程序,并移植一个类似twitter的应用程序。
{"title":"Transactional storage for geo-replicated systems","authors":"Yair Sovran, Russell Power, M. Aguilera, Jinyang Li","doi":"10.1145/2043556.2043592","DOIUrl":"https://doi.org/10.1145/2043556.2043592","url":null,"abstract":"We describe the design and implementation of Walter, a key-value store that supports transactions and replicates data across distant sites. A key feature behind Walter is a new property called Parallel Snapshot Isolation (PSI). PSI allows Walter to replicate data asynchronously, while providing strong guarantees within each site. PSI precludes write-write conflicts, so that developers need not worry about conflict-resolution logic. To prevent write-write conflicts and implement PSI, Walter uses two new and simple techniques: preferred sites and counting sets. We use Walter to build a social networking application and port a Twitter-like application.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"12 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88717912","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 406
Windows Azure Storage: a highly available cloud storage service with strong consistency Windows Azure Storage:高可用性、高一致性的云存储服务
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043571
B. Calder, Ju Wang, Aaron Ogus, Niranjan Nilakantan, Arild Skjolsvold, Sam McKelvie, Yikang Xu, Shashwat Srivastav, Jiesheng Wu, Huseyin Simitci, Jaidev Haridas, Chakravarthy Uddaraju, H. Khatri, A. Edwards, Vaman Bedekar, Shane Mainali, Rafay Abbasi, Arpit Agarwal, Mian Fahim ul Haq, Muhammad Ikram ul Haq, Deepali Bhardwaj, Sowmya Dayanand, Anitha Adusumilli, Marvin McNett, S. Sankaran, Kavitha Manivannan, Leonidas Rigas
Windows Azure Storage (WAS) is a cloud storage system that provides customers the ability to store seemingly limitless amounts of data for any duration of time. WAS customers have access to their data from anywhere at any time and only pay for what they use and store. In WAS, data is stored durably using both local and geographic replication to facilitate disaster recovery. Currently, WAS storage comes in the form of Blobs (files), Tables (structured storage), and Queues (message delivery). In this paper, we describe the WAS architecture, global namespace, and data model, as well as its resource provisioning, load balancing, and replication systems.
Windows Azure存储(WAS)是一个云存储系统,它为客户提供了在任何时间内存储看似无限量的数据的能力。WAS用户可以随时随地访问他们的数据,只需为他们使用和存储的数据付费。在WAS中,使用本地和地理复制持久地存储数据,以促进灾难恢复。目前,WAS存储以blob(文件)、表(结构化存储)和队列(消息传递)的形式出现。在本文中,我们描述了WAS体系结构、全局命名空间和数据模型,以及它的资源供应、负载平衡和复制系统。
{"title":"Windows Azure Storage: a highly available cloud storage service with strong consistency","authors":"B. Calder, Ju Wang, Aaron Ogus, Niranjan Nilakantan, Arild Skjolsvold, Sam McKelvie, Yikang Xu, Shashwat Srivastav, Jiesheng Wu, Huseyin Simitci, Jaidev Haridas, Chakravarthy Uddaraju, H. Khatri, A. Edwards, Vaman Bedekar, Shane Mainali, Rafay Abbasi, Arpit Agarwal, Mian Fahim ul Haq, Muhammad Ikram ul Haq, Deepali Bhardwaj, Sowmya Dayanand, Anitha Adusumilli, Marvin McNett, S. Sankaran, Kavitha Manivannan, Leonidas Rigas","doi":"10.1145/2043556.2043571","DOIUrl":"https://doi.org/10.1145/2043556.2043571","url":null,"abstract":"Windows Azure Storage (WAS) is a cloud storage system that provides customers the ability to store seemingly limitless amounts of data for any duration of time. WAS customers have access to their data from anywhere at any time and only pay for what they use and store. In WAS, data is stored durably using both local and geographic replication to facilitate disaster recovery. Currently, WAS storage comes in the form of Blobs (files), Tables (structured storage), and Queues (message delivery). In this paper, we describe the WAS architecture, global namespace, and data model, as well as its resource provisioning, load balancing, and replication systems.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"2016 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87871982","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 866
Design implications for enterprise storage systems via multi-dimensional trace analysis 通过多维跟踪分析为企业存储系统设计含义
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043562
Yanpei Chen, Kiran Srinivasan, G. Goodson, R. Katz
Enterprise storage systems are facing enormous challenges due to increasing growth and heterogeneity of the data stored. Designing future storage systems requires comprehensive insights that existing trace analysis methods are ill-equipped to supply. In this paper, we seek to provide such insights by using a new methodology that leverages an objective, multi-dimensional statistical technique to extract data access patterns from network storage system traces. We apply our method on two large-scale real-world production network storage system traces to obtain comprehensive access patterns and design insights at user, application, file, and directory levels. We derive simple, easily implementable, threshold-based design optimizations that enable efficient data placement and capacity optimization strategies for servers, consolidation policies for clients, and improved caching performance for both.
由于存储数据的增长和异构性,企业存储系统面临着巨大的挑战。设计未来的存储系统需要全面的洞察力,现有的痕迹分析方法无法提供。在本文中,我们试图通过使用一种新的方法来提供这样的见解,该方法利用客观的多维统计技术从网络存储系统痕迹中提取数据访问模式。我们将我们的方法应用于两个大规模的实际生产网络存储系统跟踪,以获得用户、应用程序、文件和目录级别的全面访问模式和设计见解。我们推导出简单的、易于实现的、基于阈值的设计优化,这些优化为服务器提供了有效的数据放置和容量优化策略,为客户端提供了整合策略,并改进了两者的缓存性能。
{"title":"Design implications for enterprise storage systems via multi-dimensional trace analysis","authors":"Yanpei Chen, Kiran Srinivasan, G. Goodson, R. Katz","doi":"10.1145/2043556.2043562","DOIUrl":"https://doi.org/10.1145/2043556.2043562","url":null,"abstract":"Enterprise storage systems are facing enormous challenges due to increasing growth and heterogeneity of the data stored. Designing future storage systems requires comprehensive insights that existing trace analysis methods are ill-equipped to supply. In this paper, we seek to provide such insights by using a new methodology that leverages an objective, multi-dimensional statistical technique to extract data access patterns from network storage system traces. We apply our method on two large-scale real-world production network storage system traces to obtain comprehensive access patterns and design insights at user, application, file, and directory levels. We derive simple, easily implementable, threshold-based design optimizations that enable efficient data placement and capacity optimization strategies for servers, consolidation policies for clients, and improved caching performance for both.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90836457","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 75
Practical software model checking via dynamic interface reduction 基于动态界面约简的实用软件模型检验
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043582
Huayang Guo, Ming Wu, Lidong Zhou, Gang Hu, Junfeng Yang, Lintao Zhang
Implementation-level software model checking explores the state space of a system implementation directly to find potential software defects without requiring any specification or modeling. Despite early successes, the effectiveness of this approach remains severely constrained due to poor scalability caused by state-space explosion. DeMeter makes software model checking more practical with the following contributions: (i) proposing dynamic interface reduction, a new state-space reduction technique, (ii) introducing a framework that enables dynamic interface reduction in an existing model checker with a reasonable amount of effort, and (iii) providing the framework with a distributed runtime engine that supports parallel distributed model checking. We have integrated DeMeter into two existing model checkers, MaceMC and MoDist, each involving changes of around 1,000 lines of code. Compared to the original MaceMC and MoDist model checkers, our experiments have shown state-space reduction from a factor of five to up to five orders of magnitude in representative distributed applications such as Paxos, Berkeley DB, Chord, and Pastry. As a result, when applied to a deployed Paxos implementation, which has been running in production data centers for years to manage tens of thousands of machines, DeMeter manages to explore completely a logically meaningful state space that covers both phases of the Paxos protocol, offering higher assurance of software reliability that was not possible before.
实现级软件模型检查直接探索系统实现的状态空间,以发现潜在的软件缺陷,而不需要任何规范或建模。尽管早期取得了成功,但由于状态空间爆炸导致的可伸缩性差,这种方法的有效性仍然受到严重限制。DeMeter通过以下贡献使软件模型检查更加实用:(i)提出了动态接口减少,一种新的状态空间减少技术,(ii)引入了一个框架,可以在现有的模型检查器中使用合理的工作量进行动态接口减少,(iii)为框架提供了一个支持并行分布式模型检查的分布式运行时引擎。我们已经将DeMeter集成到两个现有的模型检查器MaceMC和MoDist中,每个都涉及大约1000行代码的更改。与最初的MaceMC和MoDist模型检查器相比,我们的实验表明,在代表性的分布式应用程序(如Paxos、Berkeley DB、Chord和Pastry)中,状态空间从5个因子减少到最多5个数量级。因此,当应用于已部署的Paxos实现时(该实现已在生产数据中心中运行多年,以管理数万台机器),DeMeter能够完全探索逻辑上有意义的状态空间,涵盖Paxos协议的两个阶段,从而提供以前无法实现的更高的软件可靠性保证。
{"title":"Practical software model checking via dynamic interface reduction","authors":"Huayang Guo, Ming Wu, Lidong Zhou, Gang Hu, Junfeng Yang, Lintao Zhang","doi":"10.1145/2043556.2043582","DOIUrl":"https://doi.org/10.1145/2043556.2043582","url":null,"abstract":"Implementation-level software model checking explores the state space of a system implementation directly to find potential software defects without requiring any specification or modeling. Despite early successes, the effectiveness of this approach remains severely constrained due to poor scalability caused by state-space explosion. DeMeter makes software model checking more practical with the following contributions: (i) proposing dynamic interface reduction, a new state-space reduction technique, (ii) introducing a framework that enables dynamic interface reduction in an existing model checker with a reasonable amount of effort, and (iii) providing the framework with a distributed runtime engine that supports parallel distributed model checking. We have integrated DeMeter into two existing model checkers, MaceMC and MoDist, each involving changes of around 1,000 lines of code. Compared to the original MaceMC and MoDist model checkers, our experiments have shown state-space reduction from a factor of five to up to five orders of magnitude in representative distributed applications such as Paxos, Berkeley DB, Chord, and Pastry. As a result, when applied to a deployed Paxos implementation, which has been running in production data centers for years to manage tens of thousands of machines, DeMeter manages to explore completely a logically meaningful state space that covers both phases of the Paxos protocol, offering higher assurance of software reliability that was not possible before.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"63 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80780170","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 101
Pervasive detection of process races in deployed systems 在已部署系统中普遍检测进程竞争
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043589
Oren Laadan, N. Viennot, Chia-che Tsai, C. Blinn, Junfeng Yang, Jason Nieh
Process races occur when multiple processes access shared operating system resources, such as files, without proper synchronization. We present the first study of real process races and the first system designed to detect them. Our study of hundreds of applications shows that process races are numerous, difficult to debug, and a real threat to reliability. To address this problem, we created RacePro, a system for automatically detecting these races. RacePro checks deployed systems in-vivo by recording live executions then deterministically replaying and checking them later. This approach increases checking coverage beyond the configurations or executions covered by software vendors or beta testing sites. RacePro records multiple processes, detects races in the recording among system calls that may concurrently access shared kernel objects, then tries different execution orderings of such system calls to determine which races are harmful and result in failures. To simplify race detection, RacePro models under-specified system calls based on load and store micro-operations. To reduce false positives and negatives, RacePro uses a replay and go-live mechanism to distill harmful races from benign ones. We have implemented RacePro in Linux, shown that it imposes only modest recording overhead, and used it to detect a number of previously unknown bugs in real applications caused by process races.
当多个进程在没有适当同步的情况下访问共享的操作系统资源(如文件)时,就会出现进程竞争。我们提出了第一个真正的过程竞争的研究和第一个系统设计来检测他们。我们对数百个应用程序的研究表明,进程竞争非常多,难以调试,并且对可靠性构成了真正的威胁。为了解决这个问题,我们创建了RacePro,一个自动检测这些比赛的系统。RacePro通过记录实时执行来检查部署的系统,然后确定地重播并稍后检查它们。这种方法增加了检查的覆盖范围,超出了软件供应商或beta测试站点所覆盖的配置或执行。RacePro记录多个进程,检测可能并发访问共享内核对象的系统调用之间的竞争记录,然后尝试这些系统调用的不同执行顺序,以确定哪些竞争是有害的并导致失败。为了简化竞争检测,RacePro基于加载和存储微操作对未指定的系统调用进行建模。为了减少假阳性和假阴性,RacePro使用了一种回放和上线机制,从良性种族中提取有害种族。我们已经在Linux中实现了RacePro,显示了它只施加了适度的记录开销,并使用它来检测由进程竞争引起的实际应用程序中许多以前未知的错误。
{"title":"Pervasive detection of process races in deployed systems","authors":"Oren Laadan, N. Viennot, Chia-che Tsai, C. Blinn, Junfeng Yang, Jason Nieh","doi":"10.1145/2043556.2043589","DOIUrl":"https://doi.org/10.1145/2043556.2043589","url":null,"abstract":"Process races occur when multiple processes access shared operating system resources, such as files, without proper synchronization. We present the first study of real process races and the first system designed to detect them. Our study of hundreds of applications shows that process races are numerous, difficult to debug, and a real threat to reliability. To address this problem, we created RacePro, a system for automatically detecting these races. RacePro checks deployed systems in-vivo by recording live executions then deterministically replaying and checking them later. This approach increases checking coverage beyond the configurations or executions covered by software vendors or beta testing sites. RacePro records multiple processes, detects races in the recording among system calls that may concurrently access shared kernel objects, then tries different execution orderings of such system calls to determine which races are harmful and result in failures. To simplify race detection, RacePro models under-specified system calls based on load and store micro-operations. To reduce false positives and negatives, RacePro uses a replay and go-live mechanism to distill harmful races from benign ones. We have implemented RacePro in Linux, shown that it imposes only modest recording overhead, and used it to detect a number of previously unknown bugs in real applications caused by process races.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"59 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85778697","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 37
期刊
Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1