Advanced Search
DSpace@MIT

Browsing MIT Open Access Articles by Author "Zeldovich, Nickolai"

Research and Teaching Output of the MIT Community

Browsing MIT Open Access Articles by Author "Zeldovich, Nickolai"

Sort by: Order: Results:

  • Boyd-Wickizer, Silas; Clements, Austin T.; Mao, Yandong; Pesterev, Aleksey; Kaashoek, M. Frans; Morris, Robert Tappan; Zeldovich, Nickolai (USENIX Association, 2010-10)
    This paper analyzes the scalability of seven system applications (Exim, memcached, Apache, PostgreSQL, gmake, Psearchy, and MapReduce) running on Linux on a 48- core computer. Except for gmake, all applications ...
  • Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazières, David; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2009-08)
    Energy is the critical limiting resource to mobile computing devices. Correspondingly, an operating system must track, provision, and ration how applications consume energy. The emergence of third-party application stores ...
  • Yang, Hsin-Jung; Zeldovich, Nickolai; Devadas, Srinivas; Costan, Victor Mariu (Association for Computing Machinery (ACM), 2013-11)
    A major security concern with outsourcing data storage to third-party providers is authenticating the integrity and freshness of data. State-of-the-art software-based approaches require clients to maintain state and cannot ...
  • Metreveli, Zviad; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2012-02)
    CPHash is a concurrent hash table for multicore processors. CPHash partitions its table across the caches of cores and uses message passing to transfer lookups/inserts to a partition. CPHash's message passing avoids the ...
  • Popa, Raluca Ada; Redfield, Catherine M.; Zeldovich, Nickolai; Balakrishnan, Hari (Association for Computing Machinery (ACM), 2011-10)
    Online applications are vulnerable to theft of sensitive information because adversaries can exploit software bugs to gain access to private data, and because curious or malicious administrators may capture and leak data. ...
  • Naous, Jad; Stutsman, Ryan; Mazieres, David; McKeown, Nick; Zeldovich, Nickolai (Association for Computing Machinery, 2009-08)
    Network security is gravitating towards more centralized control. Strong centralization places a heavy burden on the administrator who has to manage complex security policies and be able to adapt to users' requests. To be ...
  • Roy, Arjun; Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazieres, David; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2011-04)
    We argue that controlling energy allocation is an increasingly useful and important feature for operating systems, especially on mobile devices. We present two new low-level abstractions in the Cinder operating system, ...
  • Roy, Arjun; Rumble, Stephen M.; Stutsman, Ryan; Levis, Philip; Mazieres, David; Zeldovich, Nickolai (Association for Computing Machinery, 2011-04)
    We argue that controlling energy allocation is an increasingly useful and important feature for operating systems, especially on mobile devices. We present two new low-level abstractions in the Cinder operating system, ...
  • Yip, Alexander; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery, 2009-10)
    Resin is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. Resin provides policy objects, which programmers use to specify assertion ...
  • Pesterev, Aleksey; Strauss, Jacob; Zeldovich, Nickolai; Morris, Robert Tappan (Association for Computing Machinery (ACM), 2012-04)
    Incoming and outgoing processing for a given TCP connection often execute on different cores: an incoming packet is typically processed on the core that receives the interrupt, while outgoing data processing occurs on the ...
  • Chandra, Ramesh; Kim, Taesoo; Shah, Meelap; Narula, Neha; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2011-10)
    Warp is a system that helps users and administrators of web applications recover from intrusions such as SQL injection, cross-site scripting, and clickjacking attacks, while preserving legitimate user changes. Warp repairs ...
  • Kim, Taesoo; Wang, Xi; Zeldovich, Nickolai; Kaashoek, M. Frans (USENIX Association, 2010-10)
    RETRO repairs a desktop or server after an adversary compromises it, by undoing the adversary's changes while preserving legitimate user actions, with minimal user involvement. During normal operation, RETRO records an ...
  • Chen, Haogang; Mao, Yandong; Wang, Xi; Zhou, Dong; Zeldovich, Nickolai; Kaashoek, M. Frans (Association for Computing Machinery (ACM), 2011-07)
    Avoiding kernel vulnerabilities is critical to achieving security of many systems, because the kernel is often part of the trusted computing base. This paper evaluates the current state-of-the-art with respect to kernel ...
  • Pesterev, Aleksey; Zeldovich, Nickolai; Morris, Robert Tappan (Association for Computing Machinery (ACM), 2010-04)
    Effective use of CPU data caches is critical to good performance, but poor cache use patterns are often hard to spot using existing execution profiling tools. Typical profilers attribute costs to specific code locations. ...
  • Zeldovich, Nickolai; Boyd-Wickizer, Silas; Kohler, Eddie; Mazieres, David (Association for Computing Machinery (ACM), 2011-11)
    HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly ...
  • Kim, Taesoo; Zeldovich, Nickolai (USENIX Association, 2010-08)
    UserFS provides egalitarian OS protection mechanisms in Linux. UserFS allows any user—not just the system administrator—to allocate Unix user IDs, to use chroot, and to set up firewall rules in order to confine untrusted ...
  • Dalton, Michael; Kozyrakis, Christos; Zeldovich, Nickolai (USENIX Association, 2009-08)
    This paper presents Nemesis, a novel methodology for mitigating authentication bypass and access control vulnerabilities in existing web applications. Authentication attacks occur when a web application authenticates ...
  • Kim, Taesoo; Chandra, Ramesh; Zeldovich, Nickolai (Association for Computing Machinery, 2013-07)
    Tao is a system that optimizes the execution of unit tests in large software programs and reduces the programmer wait time from minutes to seconds. Tao is based on two key ideas: First, Tao focuses on efficiency, unlike ...
  • Tu, Stephen Lyle; Kaashoek, M. Frans; Madden, Samuel R.; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2013-08)
    MONOMI is a system for securely executing analytical workloads over sensitive data on an untrusted database server. MONOMI works by encrypting the entire database and running queries over the encrypted data. MONOMI introduces ...
  • Clements, Austin T.; Kaashoek, M. Frans; Zeldovich, Nickolai (Association for Computing Machinery (ACM), 2013-04)
    RadixVM is a new virtual memory system design that enables fully concurrent operations on shared address spaces for multithreaded processes on cache-coherent multicore computers. Today, most operating systems serialize ...
Open Access