Now showing items 1-20 of 21

    • An Analysis of Linux Scalability to Many Cores 

      Boyd-Wickizer, Silas; Clements, Austin T.; Mao, Yandong; Pesterev, Aleksey; Kaashoek, M. Frans; e.a. (USENIX Association, 2010-10)
      This paper analyzes the scalability of seven system applications (Exim, memcached, Apache, PostgreSQL, gmake, Psearchy, and MapReduce) running on Linux on a 48- core computer. Except for gmake, all applications ...
    • Certifying a file system using crash hoare logic 

      Chajed, Tej; Chen, Haogang; Chlipala, Adam; Kaashoek, M. Frans; Zeldovich, Nickolai; e.a. (Association for Computing Machinery (ACM), 2017-04)
      FSCQ is the frst fle system with a machine-checkable proof that its implementation meets a specifcation, even in the presence of fail-stop crashes. FSCQ provably avoids bugs that have plagued previous fle systems, such as ...
    • CPHASH: A cache-partitioned hash table 

      Metreveli, Zviad; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2012-02)
      CPHash is a concurrent hash table for multicore processors. CPHash partitions its table across the caches of cores and uses message passing to transfer lookups/inserts to a partition. CPHash's message passing avoids the ...
    • Device Transparency: a New Model for Mobile Storage 

      Strauss, Jacob A.; Lesniewski-Laas, Christopher Tur; Paluska, Justin Mazzola; Ford, Bryan; Morris, Robert Tappan; e.a. (Association for Computing Machinery, 2010-01)
      This paper proposes a new storage model, device transparency, in which users view and manage their entire data collection from any of their devices, even from disconnected storage-limited devices holding only a subset of ...
    • Flexible, Wide-Area Storage for Distributed Systems with WheelFS 

      Stribling, Jeremy; Sovran, Yair; Zhang, Irene; Pretzer, Xavid F.; Li, Jinyang; e.a. (USENIX Association, 2009-04)
      WheelFS is a wide-area distributed storage system intended to help multi-site applications share data and gain fault tolerance. WheelFS takes the form of a distributed file system with a familiar POSIX interface. Its design ...
    • Hare: a file system for non-cache-coherent multicores 

      Gruenwald, Charles; Sironi, Filippo; Kaashoek, M. Frans; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2015-04)
      Hare is a new file system that provides a POSIX-like interface on multicore processors without cache coherence. Hare allows applications on different cores to share files, directories, and file descriptors. The challenge ...
    • Improving application security with data flow assertions 

      Yip, Alexander; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery, 2009-10)
      Resin is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. Resin provides policy objects, which programmers use to specify assertion ...
    • Intrusion Recovery Using Selective Re-execution 

      Kim, Taesoo; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (USENIX Association, 2010-10)
      RETRO repairs a desktop or server after an adversary compromises it, by undoing the adversary's changes while preserving legitimate user actions, with minimal user involvement. During normal operation, RETRO records an ...
    • Ksplice: Automatic Rebootless Kernel Updates 

      Kaashoek, M. Frans; Arnold, Jeffrey B. (Association for Computing Machinery, 2009)
      Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform ...
    • Linux Kernel Vulnerabilities: State-of-the-Art Defenses and Open Problems 

      Chen, Haogang; Mao, Yandong; Wang, Xi; Zhou, Dong; Zeldovich, Nickolai; e.a. (Association for Computing Machinery (ACM), 2011-07)
      Avoiding kernel vulnerabilities is critical to achieving security of many systems, because the kernel is often part of the trusted computing base. This paper evaluates the current state-of-the-art with respect to kernel ...
    • Processing Analytical Queries over Encrypted Data 

      Tu, Stephen Lyle; Kaashoek, M. Frans; Madden, Samuel R.; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2013-08)
      MONOMI is a system for securely executing analytical workloads over sensitive data on an untrusted database server. MONOMI works by encrypting the entire database and running queries over the encrypted data. MONOMI introduces ...
    • RadixVM: Scalable address spaces for multithreaded applications 

      Clements, Austin T.; Kaashoek, M. Frans; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2013-04)
      RadixVM is a new virtual memory system design that enables fully concurrent operations on shared address spaces for multithreaded processes on cache-coherent multicore computers. Today, most operating systems serialize ...
    • Reinventing Scheduling for Multicore Systems 

      Boyd-Wickizer, Silas; Morris, Robert Tappan; Kaashoek, M. Frans (IEEE Computer Society Press, 2009-05)
      High performance on multicore processors requires that schedulers be reinvented. Traditional schedulers focus on keeping execution units busy by assigning each core a thread to run. Schedulers ought to focus, however, ...
    • Retroactive auditing 

      Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2011-01)
      Retroactive auditing is a new approach for detecting past intrusions and vulnerability exploits based on security patches. It works by spawning two copies of the code that was patched, one with and one without the patch, ...
    • Scalable Address Spaces Using Rcu Balanced Trees 

      Clements, Austin T.; Kaashoek, M. Frans; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2012-03)
      Software developers commonly exploit multicore processors by building multithreaded software in which all threads of an application share a single address space. This shared address space has a cost: kernel virtual memory ...
    • The scalable commutativity rule: designing scalable software for multicore processors 

      Clements, Austin T.; Kaashoek, M. Frans; Zeldovich, Nickolai; Morris, Robert Tappan; Kohler, Edward W. (Association for Computing Machinery, 2013)
      What fundamental opportunities for scalability are latent in interfaces, such as system call APIs? Can scalability opportunities be identified even before any implementation exists, simply by considering interface ...
    • Security bugs in embedded interpreters 

      Chen, Haogang; Cutler, Cody; Kim, Taesoo; Mao, Yandong; Wang, Xi; e.a. (Edition Open Access, 2013-07)
      Because embedded interpreters offer flexibility and performance, they are becoming more prevalent, and can be found at nearly every level of the software stack. As one example, the Linux kernel defines languages to describe ...
    • Software Fault Isolation with Api Integrity and Multi-Principal Modules 

      Mao, Yandong; Chen, Haogang; Zhou, Dong; Wang, Xi; Zeldovich, Nickolai; e.a. (Association for Computing Machinery (ACM), 2011-10)
      The security of many applications relies on the kernel being secure, but history suggests that kernel vulnerabilities are routinely discovered and exploited. In particular, exploitable vulnerabilities in kernel modules are ...
    • Undefined behavior: what happened to my code? 

      Wang, Xi; Chen, Haogang; Cheung, Alvin K.; Jia, Zhihao; Zeldovich, Nickolai; e.a. (Association for Computing Machinery, 2012)
      System programming languages such as C grant compiler writers freedom to generate efficient code for a specific instruction set by defining certain language constructs as undefined behavior. Unfortunately, the rules for ...
    • VerSum: Verifiable Computations over Large Public Logs 

      van den Hooff, Jelle; Kaashoek, M. Frans; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2014-11)
      VerSum allows lightweight clients to outsource expensive computations over large and frequently changing data structures, such as the Bitcoin or Namecoin blockchains, or a Certificate Transparency log. VerSum clients ensure ...