
Privileged operations in the PlanetLab virtualised environment

Published: 01 January 2006

Abstract

Virtualised systems have experienced a resurgence in popularity in recent years, whether used to support multiple OSes running on a user's desktop, provide commercial application hosting facilities, or isolate a large number of users from each other in global network testbeds. We also see an increasing level of interest in having entities within these virtualised systems interact with each other, either as peers or as helpers providing a service to clients. Very little work has been previously conducted on how such interaction between virtualised environments can take place. We introduce Proper, a service running on the PlanetLab system, that allows unprivileged entities to access privileged operations in a safe, tightly controlled manner. This paper describes our work designing and implementing Proper, including a discussion of the various architectural decisions made. We describe how implementing such a system in a traditional UNIX environment is non-trivial, and provide a number of examples of how services running on PlanetLab actually use Proper.



Published in

ACM SIGOPS Operating Systems Review, Volume 40, Issue 1
January 2006
101 pages
ISSN: 0163-5980
DOI: 10.1145/1113361

Copyright © 2006 Authors

Publisher

Association for Computing Machinery
New York, NY, United States
