首页 > 最新文献

Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles最新文献

英文 中文
Fast crash recovery in RAMCloud 快速崩溃恢复在RAMCloud
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043560
Diego Ongaro, Stephen M. Rumble, Ryan Stutsman, J. Ousterhout, M. Rosenblum
RAMCloud is a DRAM-based storage system that provides inexpensive durability and availability by recovering quickly after crashes, rather than storing replicas in DRAM. RAMCloud scatters backup data across hundreds or thousands of disks, and it harnesses hundreds of servers in parallel to reconstruct lost data. The system uses a log-structured approach for all its data, in DRAM as well as on disk: this provides high performance both during normal operation and during recovery. RAMCloud employs randomized techniques to manage the system in a scalable and decentralized fashion. In a 60-node cluster, RAMCloud recovers 35 GB of data from a failed server in 1.6 seconds. Our measurements suggest that the approach will scale to recover larger memory sizes (64 GB or more) in less time with larger clusters.
RAMCloud是一种基于DRAM的存储系统,它通过在崩溃后快速恢复提供廉价的持久性和可用性,而不是将副本存储在DRAM中。RAMCloud将备份数据分散在数百或数千个磁盘上,并并行利用数百台服务器来重建丢失的数据。该系统对其所有数据使用日志结构方法,存储在DRAM和磁盘上:这在正常操作和恢复期间都提供了高性能。RAMCloud采用随机化技术以可扩展和分散的方式管理系统。在60个节点的集群中,RAMCloud在1.6秒内从故障服务器恢复35gb的数据。我们的测量表明,该方法可以在更大的集群中在更短的时间内恢复更大的内存大小(64 GB或更多)。
{"title":"Fast crash recovery in RAMCloud","authors":"Diego Ongaro, Stephen M. Rumble, Ryan Stutsman, J. Ousterhout, M. Rosenblum","doi":"10.1145/2043556.2043560","DOIUrl":"https://doi.org/10.1145/2043556.2043560","url":null,"abstract":"RAMCloud is a DRAM-based storage system that provides inexpensive durability and availability by recovering quickly after crashes, rather than storing replicas in DRAM. RAMCloud scatters backup data across hundreds or thousands of disks, and it harnesses hundreds of servers in parallel to reconstruct lost data. The system uses a log-structured approach for all its data, in DRAM as well as on disk: this provides high performance both during normal operation and during recovery. RAMCloud employs randomized techniques to manage the system in a scalable and decentralized fashion. In a 60-node cluster, RAMCloud recovers 35 GB of data from a failed server in 1.6 seconds. Our measurements suggest that the approach will scale to recover larger memory sizes (64 GB or more) in less time with larger clusters.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"11 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82305982","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 375
Cells: a virtual mobile smartphone architecture cell:一种虚拟的移动智能手机架构
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043574
Jeremy Andrus, Chris Dall, Alexander Van't Hof, Oren Laadan, Jason Nieh
Smartphones are increasingly ubiquitous, and many users carry multiple phones to accommodate work, personal, and geographic mobility needs. We present Cells, a virtualization architecture for enabling multiple virtual smartphones to run simultaneously on the same physical cellphone in an isolated, secure manner. Cells introduces a usage model of having one foreground virtual phone and multiple background virtual phones. This model enables a new device namespace mechanism and novel device proxies that integrate with lightweight operating system virtualization to multiplex phone hardware across multiple virtual phones while providing native hardware device performance. Cells virtual phone features include fully accelerated 3D graphics, complete power, management features, and full telephony functionality with separately assignable telephone numbers and caller ID support. We have implemented a prototype of Cells that supports multiple Android virtual phones on the same phone. Our performance results demonstrate that Cells imposes only modest runtime and memory overhead, works seamlessly across multiple hardware devices including Google Nexus 1 and Nexus S phones, and transparently runs Android applications at native speed without any modifications.
智能手机越来越普遍,许多用户携带多部手机,以适应工作、个人和地理上的移动需求。我们提出了Cells,这是一种虚拟化架构,可以使多个虚拟智能手机以隔离、安全的方式同时运行在同一个物理手机上。cell介绍了一个前台虚拟电话和多个后台虚拟电话的使用模型。该模型支持新的设备命名空间机制和新颖的设备代理,它们与轻量级操作系统虚拟化集成在一起,可以跨多个虚拟电话复用电话硬件,同时提供本机硬件设备性能。cell虚拟电话功能包括完全加速的3D图形,完整的电源,管理功能和完整的电话功能,可单独分配电话号码和来电显示支持。我们已经实现了cell的原型,它支持同一部手机上的多个Android虚拟电话。我们的性能结果表明,Cells仅施加适度的运行时和内存开销,可以无缝地跨多种硬件设备(包括Google Nexus 1和Nexus S手机)运行,并且无需任何修改即可以本机速度运行Android应用程序。
{"title":"Cells: a virtual mobile smartphone architecture","authors":"Jeremy Andrus, Chris Dall, Alexander Van't Hof, Oren Laadan, Jason Nieh","doi":"10.1145/2043556.2043574","DOIUrl":"https://doi.org/10.1145/2043556.2043574","url":null,"abstract":"Smartphones are increasingly ubiquitous, and many users carry multiple phones to accommodate work, personal, and geographic mobility needs. We present Cells, a virtualization architecture for enabling multiple virtual smartphones to run simultaneously on the same physical cellphone in an isolated, secure manner. Cells introduces a usage model of having one foreground virtual phone and multiple background virtual phones. This model enables a new device namespace mechanism and novel device proxies that integrate with lightweight operating system virtualization to multiplex phone hardware across multiple virtual phones while providing native hardware device performance. Cells virtual phone features include fully accelerated 3D graphics, complete power, management features, and full telephony functionality with separately assignable telephone numbers and caller ID support. We have implemented a prototype of Cells that supports multiple Android virtual phones on the same phone. Our performance results demonstrate that Cells imposes only modest runtime and memory overhead, works seamlessly across multiple hardware devices including Google Nexus 1 and Nexus S phones, and transparently runs Android applications at native speed without any modifications.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"44 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82262469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 236
Secure network provenance 安全的网络来源
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043584
Wenchao Zhou, Qiong Fei, Arjun Narayan, Andreas Haeberlen, B. T. Loo, M. Sherr
This paper introduces secure network provenance (SNP), a novel technique that enables networked systems to explain to their operators why they are in a certain state -- e.g., why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP provides network forensics capabilities by permitting operators to track down faulty or misbehaving nodes, and to assess the damage such nodes may have caused to the rest of the system. SNP is designed for adversarial settings and is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes. We also present the design of SNooPy, a general-purpose SNP system. To demonstrate that SNooPy is practical, we apply it to three example applications: the Quagga BGP daemon, a declarative implementation of Chord, and Hadoop MapReduce. Our results indicate that SNooPy can efficiently explain state in an adversarial setting, that it can be applied with minimal effort, and that its costs are low enough to be practical.
本文介绍了安全网络溯源(SNP),这是一种新技术,它使网络系统能够向运营商解释为什么它们处于某种状态——例如,为什么在某个路由器上存在可疑的路由表项,或者给定的缓存项来自何处。SNP通过允许运营商跟踪故障或行为不端的节点,并评估这些节点可能对系统其余部分造成的损害,从而提供网络取证功能。SNP是为对抗环境设计的,对操纵具有鲁棒性;它的防篡改特性确保操作人员可以检测到受损节点是否存在或错误地牵连正确节点。我们还介绍了通用SNP系统SNooPy的设计。为了证明SNooPy是实用的,我们将其应用于三个示例应用程序:Quagga BGP守护进程、Chord的声明性实现和Hadoop MapReduce。我们的研究结果表明,SNooPy可以在对抗环境中有效地解释状态,它可以以最小的努力应用,并且它的成本足够低,具有实用性。
{"title":"Secure network provenance","authors":"Wenchao Zhou, Qiong Fei, Arjun Narayan, Andreas Haeberlen, B. T. Loo, M. Sherr","doi":"10.1145/2043556.2043584","DOIUrl":"https://doi.org/10.1145/2043556.2043584","url":null,"abstract":"This paper introduces secure network provenance (SNP), a novel technique that enables networked systems to explain to their operators why they are in a certain state -- e.g., why a suspicious routing table entry is present on a certain router, or where a given cache entry originated. SNP provides network forensics capabilities by permitting operators to track down faulty or misbehaving nodes, and to assess the damage such nodes may have caused to the rest of the system. SNP is designed for adversarial settings and is robust to manipulation; its tamper-evident properties ensure that operators can detect when compromised nodes lie or falsely implicate correct nodes. We also present the design of SNooPy, a general-purpose SNP system. To demonstrate that SNooPy is practical, we apply it to three example applications: the Quagga BGP daemon, a declarative implementation of Chord, and Hadoop MapReduce. Our results indicate that SNooPy can efficiently explain state in an adversarial setting, that it can be applied with minimal effort, and that its costs are low enough to be practical.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"58 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83722658","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 155
PTask: operating system abstractions to manage GPUs as compute devices PTask:将gpu作为计算设备进行管理的操作系统抽象
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043579
C. Rossbach, J. Currey, M. Silberstein, Baishakhi Ray, E. Witchel
We propose a new set of OS abstractions to support GPUs and other accelerator devices as first class computing resources. These new abstractions, collectively called the PTask API, support a dataflow programming model. Because a PTask graph consists of OS-managed objects, the kernel has sufficient visibility and control to provide system-wide guarantees like fairness and performance isolation, and can streamline data movement in ways that are impossible under current GPU programming models. Our experience developing the PTask API, along with a gestural interface on Windows 7 and a FUSE-based encrypted file system on Linux show that the PTask API can provide important system-wide guarantees where there were previously none, and can enable significant performance improvements, for example gaining a 5× improvement in maximum throughput for the gestural interface.
我们提出了一套新的操作系统抽象,以支持gpu和其他加速器设备作为一流的计算资源。这些新的抽象统称为PTask API,它们支持数据流编程模型。因为PTask图由操作系统管理的对象组成,内核有足够的可见性和控制权来提供系统范围的保证,如公平性和性能隔离,并且可以以当前GPU编程模型不可能的方式简化数据移动。我们开发PTask API,以及Windows 7上的手势接口和Linux上基于fuse的加密文件系统的经验表明,PTask API可以提供以前没有的重要的系统范围保证,并且可以实现显着的性能改进,例如手势接口的最大吞吐量提高了5倍。
{"title":"PTask: operating system abstractions to manage GPUs as compute devices","authors":"C. Rossbach, J. Currey, M. Silberstein, Baishakhi Ray, E. Witchel","doi":"10.1145/2043556.2043579","DOIUrl":"https://doi.org/10.1145/2043556.2043579","url":null,"abstract":"We propose a new set of OS abstractions to support GPUs and other accelerator devices as first class computing resources. These new abstractions, collectively called the PTask API, support a dataflow programming model. Because a PTask graph consists of OS-managed objects, the kernel has sufficient visibility and control to provide system-wide guarantees like fairness and performance isolation, and can streamline data movement in ways that are impossible under current GPU programming models. Our experience developing the PTask API, along with a gestural interface on Windows 7 and a FUSE-based encrypted file system on Linux show that the PTask API can provide important system-wide guarantees where there were previously none, and can enable significant performance improvements, for example gaining a 5× improvement in maximum throughput for the gestural interface.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"27 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82082652","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 266
Session details: OS Architecture 会话详细信息:操作系统架构
N. Zeldovich
{"title":"Session details: OS Architecture","authors":"N. Zeldovich","doi":"10.1145/3247977","DOIUrl":"https://doi.org/10.1145/3247977","url":null,"abstract":"","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"8 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77368289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Efficient deterministic multithreading through schedule relaxation 通过调度放松实现高效的确定性多线程
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043588
Heming Cui, Jingyue Wu, J. Gallagher, Huayang Guo, Junfeng Yang
Deterministic multithreading (DMT) eliminates many pernicious software problems caused by nondeterminism. It works by constraining a program to repeat the same thread interleavings, or schedules, when given same input. Despite much recent research, it remains an open challenge to build both deterministic and efficient DMT systems for general programs on commodity hardware. To deterministically resolve a data race, a DMT system must enforce a deterministic schedule of shared memory accesses, or mem-schedule, which can incur prohibitive overhead. By using schedules consisting only of synchronization operations, or sync-schedule, this overhead can be avoided. However, a sync-schedule is deterministic only for race-free programs, but most programs have races. Our key insight is that races tend to occur only within minor portions of an execution, and a dominant majority of the execution is still race-free. Thus, we can resort to a mem-schedule only for the "racy" portions and enforce a sync-schedule otherwise, combining the efficiency of sync-schedules and the determinism of mem-schedules. We call these combined schedules hybrid schedules. Based on this insight, we have built Peregrine, an efficient deterministic multithreading system. When a program first runs on an input, Peregrine records an execution trace. It then relaxes this trace into a hybrid schedule and reuses the schedule on future compatible inputs efficiently and deterministically. Peregrine further improves efficiency with two new techniques: determinism-preserving slicing to generalize a schedule to more inputs while preserving determinism, and schedule-guided simplification to precisely analyze a program according to a specific schedule. Our evaluation on a diverse set of programs shows that Peregrine is deterministic and efficient, and can frequently reuse schedules for half of the evaluated programs.
确定性多线程(DMT)消除了许多由不确定性引起的有害软件问题。它的工作原理是,当给定相同的输入时,约束程序重复相同的线程交织或调度。尽管最近有很多研究,但在商用硬件上为通用程序构建确定性和高效的DMT系统仍然是一个开放的挑战。为了确定地解决数据争用,DMT系统必须强制执行共享内存访问的确定性调度,或称为内存调度,这可能会导致过高的开销。通过使用只包含同步操作的调度或sync-schedule,可以避免这种开销。然而,同步调度只对没有竞争的程序是确定的,但大多数程序都有竞争。我们的主要见解是,种族倾向于只出现在执行的一小部分,而执行的绝大多数仍然是没有种族的。因此,我们可以将同步调度的效率和mems调度的确定性结合起来,只对“不稳定”的部分使用mems调度,而对其他部分使用同步调度。我们称这些组合时间表为混合时间表。基于这一见解,我们构建了Peregrine,一个高效的确定性多线程系统。当程序第一次在输入上运行时,Peregrine记录执行跟踪。然后,它将此跟踪放松为混合调度,并在未来兼容的输入上高效且确定地重用该调度。Peregrine进一步提高了效率,采用了两种新技术:保持确定性的切片技术,在保持确定性的同时将调度推广到更多的输入,以及计划引导简化技术,根据特定的调度精确地分析程序。我们对一组不同的程序的评估表明Peregrine是确定的和高效的,并且可以频繁地重用一半的评估程序的时间表。
{"title":"Efficient deterministic multithreading through schedule relaxation","authors":"Heming Cui, Jingyue Wu, J. Gallagher, Huayang Guo, Junfeng Yang","doi":"10.1145/2043556.2043588","DOIUrl":"https://doi.org/10.1145/2043556.2043588","url":null,"abstract":"Deterministic multithreading (DMT) eliminates many pernicious software problems caused by nondeterminism. It works by constraining a program to repeat the same thread interleavings, or schedules, when given same input. Despite much recent research, it remains an open challenge to build both deterministic and efficient DMT systems for general programs on commodity hardware. To deterministically resolve a data race, a DMT system must enforce a deterministic schedule of shared memory accesses, or mem-schedule, which can incur prohibitive overhead. By using schedules consisting only of synchronization operations, or sync-schedule, this overhead can be avoided. However, a sync-schedule is deterministic only for race-free programs, but most programs have races. Our key insight is that races tend to occur only within minor portions of an execution, and a dominant majority of the execution is still race-free. Thus, we can resort to a mem-schedule only for the \"racy\" portions and enforce a sync-schedule otherwise, combining the efficiency of sync-schedules and the determinism of mem-schedules. We call these combined schedules hybrid schedules. Based on this insight, we have built Peregrine, an efficient deterministic multithreading system. When a program first runs on an input, Peregrine records an execution trace. It then relaxes this trace into a hybrid schedule and reuses the schedule on future compatible inputs efficiently and deterministically. Peregrine further improves efficiency with two new techniques: determinism-preserving slicing to generalize a schedule to more inputs while preserving determinism, and schedule-guided simplification to precisely analyze a program according to a specific schedule. Our evaluation on a diverse set of programs shows that Peregrine is deterministic and efficient, and can frequently reuse schedules for half of the evaluated programs.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"11 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72717935","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 84
Session details: Threads and races 会话细节:线程和竞争
B. Ford
{"title":"Session details: Threads and races","authors":"B. Ford","doi":"10.1145/3247979","DOIUrl":"https://doi.org/10.1145/3247979","url":null,"abstract":"","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"9 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90086673","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Session details: Key-value 会话详细信息:Key-value
M. Theimer
{"title":"Session details: Key-value","authors":"M. Theimer","doi":"10.1145/3247972","DOIUrl":"https://doi.org/10.1145/3247972","url":null,"abstract":"","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"19 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82542953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Atlantis: robust, extensible execution environments for web applications Atlantis:健壮的、可扩展的web应用程序执行环境
Pub Date : 2011-10-23 DOI: 10.1145/2043556.2043577
James W. Mickens, Mohan Dhawan
Today's web applications run inside a complex browser environment that is buggy, ill-specified, and implemented in different ways by different browsers. Thus, web applications that desire robustness must use a variety of conditional code paths and ugly hacks to deal with the vagaries of their runtime. Our new exokernel browser, called Atlantis, solves this problem by providing pages with an extensible execution environment. Atlantis defines a narrow API for basic services like collecting user input, exchanging network data, and rendering images. By composing these primitives, web pages can define custom, high-level execution environments. Thus, an application which does not want a dependence on Atlantis'predefined web stack can selectively redefine components of that stack, or define markup formats and scripting languages that look nothing like the current browser runtime. Unlike prior microkernel browsers like OP, and unlike compile-to-JavaScript frameworks like GWT, Atlantis is the first browsing system to truly minimize a web page's dependence on black box browser code. This makes it much easier to develop robust, secure web applications.
今天的web应用程序在一个复杂的浏览器环境中运行,这个环境有很多bug,没有明确的规定,并且由不同的浏览器以不同的方式实现。因此,要求健壮性的web应用程序必须使用各种条件代码路径和丑陋的hack来处理其运行时的变幻莫测。我们名为Atlantis的新exokernel浏览器通过为页面提供可扩展的执行环境来解决这个问题。Atlantis为收集用户输入、交换网络数据和渲染图像等基本服务定义了一个狭窄的API。通过组合这些原语,网页可以定义自定义的高级执行环境。因此,不希望依赖Atlantis预定义的web堆栈的应用程序可以选择性地重新定义该堆栈的组件,或者定义与当前浏览器运行时完全不同的标记格式和脚本语言。与之前的微内核浏览器(如OP)和编译到javascript框架(如GWT)不同,Atlantis是第一个真正减少网页对黑盒浏览器代码依赖的浏览系统。这使得开发健壮、安全的web应用程序变得更加容易。
{"title":"Atlantis: robust, extensible execution environments for web applications","authors":"James W. Mickens, Mohan Dhawan","doi":"10.1145/2043556.2043577","DOIUrl":"https://doi.org/10.1145/2043556.2043577","url":null,"abstract":"Today's web applications run inside a complex browser environment that is buggy, ill-specified, and implemented in different ways by different browsers. Thus, web applications that desire robustness must use a variety of conditional code paths and ugly hacks to deal with the vagaries of their runtime. Our new exokernel browser, called Atlantis, solves this problem by providing pages with an extensible execution environment. Atlantis defines a narrow API for basic services like collecting user input, exchanging network data, and rendering images. By composing these primitives, web pages can define custom, high-level execution environments. Thus, an application which does not want a dependence on Atlantis'predefined web stack can selectively redefine components of that stack, or define markup formats and scripting languages that look nothing like the current browser runtime. Unlike prior microkernel browsers like OP, and unlike compile-to-JavaScript frameworks like GWT, Atlantis is the first browsing system to truly minimize a web page's dependence on black box browser code. This makes it much easier to develop robust, secure web applications.","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"5 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88619887","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 26
Session details: Security 会话详细信息:安全性
Pub Date : 2011-10-23 DOI: 10.1145/1240624.3258885
A. Perrig
{"title":"Session details: Security","authors":"A. Perrig","doi":"10.1145/1240624.3258885","DOIUrl":"https://doi.org/10.1145/1240624.3258885","url":null,"abstract":"","PeriodicalId":20672,"journal":{"name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","volume":"44 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-10-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89763234","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1