Loading...
Please wait, while we are loading the content...
Similar Documents
Protection of Application Service Hosting Platforms: An Operating System Perspective
| Content Provider | Semantic Scholar |
|---|---|
| Author | Jiang, Xuxian Xu, Dongyan |
| Copyright Year | 2003 |
| Abstract | The Application Service Hosting Platform (ASHoP), as a realization of the utility computing vision, has recently received tremendous attention from both industry and academia. An ASHoP provides a shared and high performance platform to host multiple Application Services (ASes). The ASes are outsourced by Application Service Providers (ASPs) to save their own IT resources. Furthermore, ASHoP resources are allocated to the ASes in an ondemand fashion, so that resource supply always follows the time-varying service load. In this paper, we argue that the protection of ASHoPs poses new challenges. Different from a dedicated server platform which is analogous to a private house, an ASHoP is like an apartment building, involving the ‘host’ the ASHoP infrastructure and the ‘tenants’ the ASes. As a result, an ASHoP has inherent requirement of openness, sharing, and mutual isolation: it must provide protection and isolation between the host and the tenants, as well as between different tenants. Unfortunately, traditional OS architecture and mechanisms are not adequate to meet these requirements. We advocate new OS architecture and mechanisms for ASHoP protection, based on the virtual OS technology. Our experience shows that virtual OS achieves better protection of ASHoP infrastructure, as well as better isolation between the ASes hosted. Furthermore, we present novel protection mechanisms we have implemented: (1) resource isolation between ASes, (2) virtual networking and firewalling between ASes in a physical ASHoP server, and (3) untamperable and privacy-conserving AS blackboxing for the logging of activities inside each AS. Analogous to the blackbox on an aircraft, the software blackbox in each AS is untamperable; and it continues to log even after this AS has been compromised. Moreover, for the privacy of the AS, log data in the AS blackbox are not viewable to the ‘landlord’ Submitted for publication. Also as CS Technical Report TR-03-010, Purdue University, February 2003. (namely ASHoP owner) without authorization. |
| File Format | PDF HTM / HTML |
| Alternate Webpage(s) | http://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=2558&context=cstech |
| Alternate Webpage(s) | http://www.cs.purdue.edu/homes/dxu/pubs/SODA-protection.pdf |
| Alternate Webpage(s) | https://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=2558&context=cstech |
| Language | English |
| Access Restriction | Open |
| Content Type | Text |
| Resource Type | Article |
