Advanced Search
DSpace@MIT

Browsing MIT Open Access Articles by Author "Zeldovich, Nickolai"

Research and Teaching Output of the MIT Community

Browsing MIT Open Access Articles by Author "Zeldovich, Nickolai"

Sort by: Order: Results:

  • Boyd-Wickizer, Silas; Clements, Austin T.; Mao, Yandong; Pesterev, Aleksey; Kaashoek, M. Frans; Morris, Robert Tappan; Zeldovich, Nickolai (USENIX Association, 2010-10)
    This paper analyzes the scalability of seven system applications (Exim, memcached, Apache, PostgreSQL, gmake, Psearchy, and MapReduce) running on Linux on a 48- core computer. Except for gmake, all applications ...
  • Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazières, David; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2009-08)
    Energy is the critical limiting resource to mobile computing devices. Correspondingly, an operating system must track, provision, and ration how applications consume energy. The emergence of third-party application stores ...
  • Chandra, Ramesh; Kim, Taesoo; Zeldovich, Nickolai (Association for Computing Machinery, 2013)
    Recovering from attacks in an interconnected system is difficult, because an adversary that gains access to one part of the system may propagate to many others, and tracking down and recovering from such an attack requires ...
  • Yang, Hsin-Jung; Zeldovich, Nickolai; Devadas, Srinivas; Costan, Victor Mariu (Association for Computing Machinery (ACM), 2013-11)
    A major security concern with outsourcing data storage to third-party providers is authenticating the integrity and freshness of data. State-of-the-art software-based approaches require clients to maintain state and cannot ...
  • Metreveli, Zviad; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2012-02)
    CPHash is a concurrent hash table for multicore processors. CPHash partitions its table across the caches of cores and uses message passing to transfer lookups/inserts to a partition. CPHash's message passing avoids the ...
  • Popa, Raluca Ada; Redfield, Catherine M.; Zeldovich, Nickolai; Balakrishnan, Hari (Association for Computing Machinery (ACM), 2011-10)
    Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. ...
  • Naous, Jad; Stutsman, Ryan; Mazieres, David; McKeown, Nick; Zeldovich, Nickolai (Association for Computing Machinery, 2009-08)
    Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be ...
  • Roy, Arjun; Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazieres, David; Zeldovich, Nickolai (Association for Computing Machinery, 2011-04)
    We argue that controlling energy allocation is an increasingly useful and important feature for operating systems, especially on mobile devices. We present two new low-level abstractions in the Cinder operating system, ...
  • Roy, Arjun; Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazieres, David; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2011-04)
    We argue that controlling energy allocation is an increasingly useful and important feature for operating systems, especially on mobile devices. We present two new low-level abstractions in the Cinder operating system, ...
  • Goldwasser, Shafi; Kalai, Yael Tauman; Popa, Raluca Ada; Vaikuntanathan, Vinod; Zeldovich, Nickolai (Springer-Verlag Berlin Heidelberg, 2013)
    Cryptographic schemes for computing on encrypted data promise to be a fundamental building block of cryptography. The way one models such algorithms has a crucial effect on the efficiency and usefulness of the resulting ...
  • Popa, Raluca Ada; Li, Frank H.; Zeldovich, Nickolai (Institute of Electrical and Electronics Engineers (IEEE), 2013-05)
    Order-preserving encryption - an encryption scheme where the sort order of ciphertexts matches the sort order of the corresponding plaintexts - allows databases and other applications to process queries involving order ...
  • Yip, Alexander; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery, 2009-10)
    Resin is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. Resin provides policy objects, which programmers use to specify assertion ...
  • Pesterev, Aleksey; Strauss, Jacob; Zeldovich, Nickolai; Morris, Robert Tappan (Association for Computing Machinery (ACM), 2012-04)
    Incoming and outgoing processing for a given TCP connection often execute on different cores: an incoming packet is typically processed on the core that receives the interrupt, while outgoing data processing occurs on the ...
  • Chandra, Ramesh; Kim, Taesoo; Shah, Meelap; Narula, Neha; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2011-10)
    Warp is a system that helps users and administrators of web applications recover from intrusions such as SQL injection, cross-site scripting, and clickjacking attacks, while preserving legitimate user changes. Warp repairs ...
  • Kim, Taesoo; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (USENIX Association, 2010-10)
    RETRO repairs a desktop or server after an adversary compromises it, by undoing the adversary's changes while preserving legitimate user actions, with minimal user involvement. During normal operation, RETRO records an ...
  • Chen, Haogang; Mao, Yandong; Wang, Xi; Zhou, Dong; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2011-07)
    Avoiding kernel vulnerabilities is critical to achieving security of many systems, because the kernel is often part of the trusted computing base. This paper evaluates the current state-of-the-art with respect to kernel ...
  • Pesterev, Aleksey; Zeldovich, Nickolai; Morris, Robert Tappan (Association for Computing Machinery (ACM), 2010-04)
    Effective use of CPU data caches is critical to good performance, but poor cache use patterns are often hard to spot using existing execution profiling tools. Typical profilers attribute costs to specific code locations. ...
  • Zeldovich, Nickolai; Boyd-Wickizer, Silas; Kohler, Eddie; Mazieres, David (Association for Computing Machinery (ACM), 2011-11)
    HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly ...
  • Kim, Taesoo; Zeldovich, Nickolai (USENIX Association, 2010-08)
    UserFS provides egalitarian OS protection mechanisms in Linux. UserFS allows any user—not just the system administrator—to allocate Unix user IDs, to use chroot, and to set up firewall rules in order to confine untrusted ...
  • Dalton, Michael; Kozyrakis, Christos; Zeldovich, Nickolai (USENIX Association, 2009-08)
    This paper presents Nemesis, a novel methodology for mitigating authentication bypass and access control vulnerabilities in existing web applications. Authentication attacks occur when a web application authenticates ...
Open Access