API and point out where the API has the
ability to scale but its OS implementation hits a bottleneck. They employ the
results to develop a new OS that is practically free of scalability bottlenecks.
The scalable commutativity rule applies not just to operating system design, but also to any multicore software
system. It should be part of the toolkit
of any multicore application developer.
Keeping Sensitive Data Confidential
Baumann, A., et al. 2014.
Shielding applications from an untrusted
cloud with Haven.
Usenix Symposium on Operating
Systems Design and Implementation.
Customers trust their cloud providers
not to expose any of their data—a tall
order, given the staggering complexity
of the cloud hardware/software platform. Bugs may easily compromise
sensitive data. This paper introduces
Haven, a software system that protects
the integrity of a program and its data
from the entire cloud-execution platform, except for a small trusted block
To achieve this, Haven uses the recently introduced Intel SGX technology
to develop a non-hierarchical OS security model that allows applications to
run in a secure region of memory that
is protected from outside access, including privileged software such as OS
kernels and hypervisors. To support
execution on top of an untrusted OS
kernel, Haven introduces a mutually
distrusting kernel interface that applications access via a user-level library
that provides the Windows API.
Haven introduces a new way of
protecting data confidentiality. While
previous attempts use encryption techniques such as homomorphic encryption to compute on encrypted data in
limited cases, Haven relies on hardware-protection technology to address
the problem in a more general way.
An Ecosystem of Application
These papers establish a new baseline
for datacenter OS design. Not the traditional Unix model where processes
run on top of a shared kernel invoked
via POSIX system calls, but protected
software containers using scalable library invocations that map directly to
hardware mechanisms allow applications to break out of existing OS performance and protection limitations.
This new OS design has the potential to enable an ecosystem of library
execution environments that support
applications in various ways. For example, a fast library network stack
may be linked to a Web server to improve its webpage delivery latency and
throughput. A Haven-like system call
library may be linked to protect the integrity of confidential data held by the
application. Finally, a scalable storage
stack may be linked to a database to
allow it to keep pace with the throughput offered by parallel flash memory.
In many cases, these libraries can improve application execution transparently. Together, these new execution
environments have the potential to allow applications to match the performance and integrity demands of current and future datacenter workloads.
Simon Peter is an assistant professor at the University
of Texas at Austin, where he leads research in operating
systems and networks.
NFV and Middleboxes
By Justine Sherry
We usually think of networks as performing
only one task: Delivering
packets from sender to receiver. Today’s networks, however, do a lot more
by deploying special-purpose
middleboxes to inspect and transform packets,
usually to improve performance or security. A middlebox may scan a connection for malicious behavior, compress
data to provide better performance on
low-resource mobile devices, or serve
content from a cache inside the network to reduce bandwidth costs. Both
industry and research sources have
recently begun to refer to the features
implemented by middleboxes as “network functions.” Popular open source
network functions include the Snort
Intrusion Detection System3 and the
Squid Web Proxy.
To deploy a new network function,
a network administrator traditionally
purchases a specialized, fixed-function hardware device (the middlebox)
implementing, for example, intrusion