Department of Computer ScienceJanos Project Janos A Java-oriented Active Network Operating System Jay Lepreau, Patrick Tullmann, Kristin Wright Wilson.

Slides:



Advertisements
Similar presentations
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Advertisements

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)
OS Components and Structure
Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Chapter 6 Security Kernels.
Chorus and other Microkernels Presented by: Jonathan Tanner and Brian Doyle Articles By: Jon Udell Peter D. Varhol Dick Pountain.
Janos A Java-oriented Active Network Operating System Jay Lepreau, Patrick Tullmann, Kristin Wright Wilson Hsieh, Godmar Back, many more... University.
Introduction to Operating Systems CS-2301 B-term Introduction to Operating Systems CS-2301, System Programming for Non-majors (Slides include materials.
The Alta Operating System Patrick Tullmann Masters Thesis Defense University of Utah.
CS 501: Software Engineering Fall 2000 Lecture 16 System Architecture III Distributed Objects.
Dawson R. Engler, M. Frans Kaashoek, and James O'Tool Jr.
Extensibility, Safety and Performance in the SPIN Operating System Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Active Messages: a Mechanism for Integrated Communication and Computation von Eicken et. al. Brian Kazian CS258 Spring 2008.
Figure 1.1 Interaction between applications and the operating system.
Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.
New Results in Fluke/Flask Jay Lepreau Flux Group University of Utah July 13, 1998.
1 Janos Patrick Tullmann Flux Research Group University of Utah.
Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.
Object Based Operating Systems1 Learning Objectives Object Orientation and its benefits Controversy over object based operating systems Object based operating.
Extensible Kernels Mingsheng Hong. OS Kernel Types Monolithic Kernels Microkernels – Flexible (?) – Module Design – Reliable – Secure Extensible Kernels.
Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.
ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.
Protection and the Kernel: Mode, Space, and Context.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
Kernel, processes and threads Windows and Linux. Windows Architecture Operating system design Modified microkernel Layered Components HAL Interacts with.
Chapter 2 Operating System Overview
Silberschatz, Galvin and Gagne  2002 Modified for CSCI 399, Royden, Operating System Concepts Operating Systems Lecture 7 OS System Structure.
Copyright © George Coulouris, Jean Dollimore, Tim Kindberg This material is made available for private study and for direct.
Hardware process When the computer is powered up, it begins to execute fetch-execute cycle for the program that is stored in memory at the boot strap entry.
CE Operating Systems Lecture 3 Overview of OS functions and structure.
Nested Java Processes: OS Structure for Mobile Code Patrick Tullmann & Jay Lepreau September 10, 1998 Flux Project University of Utah
Computers Operating System Essentials. Operating Systems PROGRAM HARDWARE OPERATING SYSTEM.
Ihr Logo Operating Systems Internals & Design Principles Fifth Edition William Stallings Chapter 2 (Part II) Operating System Overview.
Operating Systems David Goldschmidt, Ph.D. Computer Science The College of Saint Rose CIS 432.
A Summary of the Distributed System Concepts and Architectures Gayathri V.R. Kunapuli
Processes Introduction to Operating Systems: Module 3.
The Mach System Abraham Silberschatz, Peter Baer Galvin, Greg Gagne Presentation By: Agnimitra Roy.
Processes and Process Control 1. Processes and Process Control 2. Definitions of a Process 3. Systems state vs. Process State 4. A 2 State Process Model.
Silberschatz, Galvin and Gagne  Operating System Concepts Chapter 3: Operating-System Structures System Components Operating System Services.
1 Choices “Our object-oriented system architecture embodies the notion of customizing operating systems to tailor them to support particular hardware configuration.
Operating System Organization Chapter 3 Michelle Grieco.
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Wireless and Mobile Security
Concepts and Structures. Main difficulties with OS design synchronization ensure a program waiting for an I/O device receives the signal mutual exclusion.
Copyright 2002 Stephen F. Bush1 Three Points to Remember Active Networks Are Cool Active Networks Are Cool Active Networks Can Be At Least As Secure As.
Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK
CSCI/CMPE 4334 Operating Systems Review: Exam 1 1.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Overview of today’s lecture Major components of an operating system Structure and internal architecture of an operating system Monolithic Vs Micro-kernels.
Introduction to Operating Systems Concepts
Operating Systems : Overview
CS490 Windows Internals Quiz 2 09/27/2013.
KERNEL ARCHITECTURE.
Operating Systems : Overview
Operating Systems : Overview
Chapter 2: System Structures
Operating Systems Bina Ramamurthy CSE421 11/27/2018 B.Ramamurthy.
Chapter 3: Operating-System Structures
Operating Systems : Overview
Mid Term review CSC345.
Operating Systems : Overview
Operating Systems : Overview
Operating Systems : Overview
Operating Systems : Overview
Outline Chapter 2 (cont) OS Design OS structure
Operating Systems : Overview
Operating Systems : Overview
Outline Operating System Organization Operating System Examples
System calls….. C-program->POSIX call
Lecture Topics: 11/1 Hand back midterms
Presentation transcript:

Department of Computer ScienceJanos Project Janos A Java-oriented Active Network Operating System Jay Lepreau, Patrick Tullmann, Kristin Wright Wilson Hsieh, Godmar Back, many more... University of Utah Flux Research Group March 30, 1999

Department of Computer Science Janos Project Goals l Develop a principled yet efficient local OS architecture for active nodes, oriented to hierarchical structure, resource control, and security. l Produce separately useful OS, security, and Java VM components.

Department of Computer Science Janos Project Goals 2 l Investigate local resource management and security in language-based systems –Java, in particular l Investigate OS support for active networking l Investigate broader resource management issues

Department of Computer Science Janos Project Resources (obvious) l Memory l CPU l Network bandwidth

Department of Computer Science Janos Project Resources (less obvious) l Backing/caching store l Persistent store l Encryption hardware l Other specialized hardware… –DSPsl –Reconfigurable HW? –Special links (eg long set up time) l Specialized data... –Routing table entries? –...

Department of Computer Science Janos Project Genesis l Builds on three lines of existing work: –Fluke Nested Process Model »Strong OS model with a new protection mechanism: focus on resource control –Flask security architecture »Policy-flexible fine-grain mechanisms –The OSKit »Reusable low-level components and a framework (COM, APIs) l Other: –Optimization of Java for systems code »predictability, speed –Network testbed (possibly)

Department of Computer Science Janos Project Janos Structure The OSKit AN Execution Environment Janos VM Hardware or Unix

Department of Computer Science Janos Project Primary Execution Environment l Java-based l Prototype will be based on ANTS [Wetherall et al. 97] –Initial changes to ANTS structure and execution model to better support resource control (released June ‘98) l Integration with Janos resource management –Admission control –Prevent denial of service –Fair sharing

Department of Computer Science Janos Project “Incoming” Bandwidth »Early demultiplexing and packet discard. »Minimize unaccounted processing through lazy receiver processing. »Flexible and extensible dispatch. Link ANEP ANTS Prot AProt B PLAN... Unknown

Department of Computer Science The Nested Process Model Child process is encapsulated in its parent. Parent has complete control over the child. Traditional Process ModelNested Process Model Parent Process State Child State Child State Child State Child State Parent Process State

Department of Computer Science Janos Project Nested Process Model l Derived from a recursive virtual machine model l Resources for a process are obtained from parent l Parent services requests for new resources and for management l Strict hierarchy enabled, not enforced Parent Process State Child State Child State Child State Child State Parent Process State TraditionalFluke

Department of Computer Science Janos Project Obscure Names l Fluke: microkernel and server implementation of OS model l Flask: high-security version of Fluke Alta: Fluke architecture implemented in a JVM, using type-safety for memory protection

Department of Computer Science Janos Project Swap in Patrick

Department of Computer Science Janos Project Flask: High-security version of Fluke l Joint with NSA R23, SCC l Security architecture orthogonal to Flask implementation l Augments Fluke with fine grained security mechanisms –Explicit security bindings –Mandatory controls –Mutual authentication

Department of Computer Science Janos Project Flask: Security Policy l Policy flexibility: –Dynamic both in time and in configuration –Economic and market reasons –Separate security policy “decider” makes all policy decisions –Revocation support l Investigating extensions to multiple policy servers

Department of Computer Science Janos Project The OSKit

Department of Computer Science Janos Project Dual Execution Modes

Department of Computer Science Janos Project User Friendly OS Development ….!?

Department of Computer Science Example Working Kernel #include main() { printf("Hello, world.\n"); return 0; }

Department of Computer Science Janos Project OSKit Status l Major releases 18 Dec 98, 15 Jan 99 –Unique downloads running 1000/month –600 on mailing list l Base for Janos prototype on bare hardware l Another route for Utah/NSA security tech xfer l Likely vehicle for external OS research tech xfer (Quorum, NT) l Evolving into flexible OS itself

Department of Computer Science Janos Project OSKit: Ongoing and Future l Make components more separable l Dynamic loading and linking l Module configuration language & GUI l “Protection” component l Further integrate with languages –Java –Scheme (Indiana, Kansas, Rice) –ML (MIT, CMU) l ….

Department of Computer Science Janos Project OSKit future components l Buffering/caching (IO-Lite?), network mgmt protocols,... l Modular protocol impl. l Secure boot (Penn), filesys (Linux xfer), policy engine l Network components –access checks at all levels and objects (local node, remote node, interface, routing table, …) l Crypto, auth, l PCC verifier (w/ CMU/Cedilla) l ….

Department of Computer Science Janos Project CPU Inheritance Scheduling l Threads schedule each other by donating the CPU using a directed yield primitive l One root scheduler per processor sources all CPU time l Kernel dispatcher manages threads, events, and CPU donation without making any scheduling policy decisions

Department of Computer Science Janos Project CPU Inheritance Scheduling l Did prototype for OSDI’96.. l Now making it real in the OSKit and Janos: –Fast context switches. –Client-scheduler communication (NPM). –Integration with I/O, Synchronization. –Extensible policy modules.

Department of Computer Science Janos Project Stride (WFQ) Scheduling % CPU 60 % CPU

Department of Computer Science Janos Project Possible Curves in the Road l Fluke model will likely be modified l Hardware protection may be included l Flask security architecture may not map well to Java and Janos l Challenges in GC and cpu interactions. l More surprises undoubtedly await…

Department of Computer Science Janos Project The Big Todo l GVM and Alta prototypes: evaluate, choose best pieces, synthesize l Evaluate use of hardware protection in the OSKit l Refine and integrate AN execution environment l Measure and tune performance l Leverage AN-specifc fine-grained sharing

Department of Computer Science Janos Project Summary l Resource control and security in Java –Applicable in other language-based systems –Explore power/speed of software mechanisms l Primary motivation: active networks and other mobile code l Useful in other contexts –Servlet environments –Active service environments –OS without hardware protection l Wide applicability and tech xfer thru the OSKit l

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.