Paper: Storyboard: Optimistic Deterministic Multithreading at HotDep 2010

2010/10/10 by Leave a Comment Print This Post Print This Post

Storyboard: Optimistic Deterministic Multithreading
Rüdiger Kapitza, Matthias Schunter, and Christian Cachin, IBM Research—Zurich; Klaus Stengel and Tobias Distler, Friedrich-Alexander University Erlangen-Nuremberg, 6th USENIX Workshop on Hot Topics in System Dependability (HotDep ’10), Vancouver BC, CAN, October 4–6, 2010.

Abstract: State-machine replication is a general approach to address the increasing importance of network-based services by improving their availability and reliability via replicated execution. If a service is deterministic, multiple replicas will produce the same results, and faults can be tolerated by means of agreement protocols. Unfortunately, real-life services are often not deterministic. One major source of non-determinism is multi-threaded execution with shared data access in which the thread execution order is determined by the run-time system and the outcome may depend on which thread accesses data first. We present Storyboard, an approach that ensures deterministic execution of multi-threaded programs. Storyboard achieves this by utilizing application-specific knowledge to minimize costly inter-replica coordination and to exploit concurrency in a similar way as non-deterministic execution. This is accomplished by making a forecast for a likely execution path, provided as an ordered sequence of locks that protect critical sections. If this forecast is correct, a request is executed in parallel to other running requests without further actions. Only in case of an incorrect forecast will an alternative execution path be resolved by inter-replica coordination.

Paper (PDF)

Read more of this post

Filed under Publications Tagged with ,

CCSW 2010: Paper on Auditing Cloud Infrastructures published at ACM CCSW

2010/07/11 by Leave a Comment Print This Post Print This Post

Sören Bleikertz, Matthias Schunter, Christian W. Probst, Dimitrios Pendarakis, Konrad Eriksson: Security Audits of Multi-tier Virtual Infrastructures in Public Infrastructure Clouds, The ACM Cloud Computing Security Workshop (CCSW 2010); in conjunction with the 17th ACM Conference on Computer and Communications Security (CCS), Hyatt Regency Chicago, Chicago, IL, October 2010.

Download (PDF)

Abstract
Cloud computing has gained remarkable popularity in the recent years by a wide spectrum of consumers, ranging from small start-ups to governments. However, its benefits in terms of flexibility, scalability, and low upfront investments, are shadowed by security challenges which inhibit its adoption. Managed through a web-services interface, users can configure highly flexible but complex cloud computing environments. Furthermore, users misconfiguring such cloud services poses a severe security risk that can lead to security incidents, \eg, erroneous exposure of services due to faulty network security configurations.

In this article we present a novel approach in the security assessment of the end-user configuration of multi-tier architectures deployed on infrastructure clouds such as Amazon EC2. In order to perform this assessment for the currently deployed configuration, we automated the process of extracting the configuration using the Amazon API. In the assessment we focused on the reachability and vulnerability of services in the virtual infrastructure, and presented a way for the visualization and automated analysis based on reachability and attack graphs. We proposed a query and policy language for the analysis which can be used to obtain insights into the configuration and to specify desired and undesired configurations. We have implemented the security assessment in a prototype and evaluated it for practical scenarios. Our approach effectively allows to remediate today’s security concerns through validation of configurations of complex cloud infrastructures.

Read more of this post

Filed under Publications Tagged with , ,

Newer posts