云计算-论文题目及摘要1

一、 系统虚拟化

1. Directvisor: Virtualization for Bare-metal Cloud

Abstract Bare-metal cloud platforms allow customers to rent remote physical servers and install their

preferred operating systems and software to make the best of servers’ raw hardware capabilities. However,

this quest for bare-metal performance compromises cloud manageability. To avoid overheads, cloud

operators cannot install traditional hypervisors that provide common manageability functions such as live

migration and introspection. We aim to bridge this gap between performance, isolation, and manageability

for such VMs having direct hardware access.

2. Lightweight Kernel Isolation with Virtualization and VM Functions

Abstract Commodity operating systems execute core kernel subsystems in a single address space along with

hundreds of dynamically loaded extensions and device drivers. Lack of isolation within the kernel implies

that a vulnerability in any of the kernel subsystems or device drivers opens a way to mount a successful

attack on the entire kernel. Historically, isolation within the kernel remained prohibitive due to the high cost

of hardware isolation primitives. Recent CPUs, however, bring a new set of mechanisms. Extended page-

table (EPT) switching with VM functions and memory protection keys (MPKs) provide memory isolation

new isolation boundary that leverages extended page table (EPT) switching with the VMFUNC instruction.

We define a set of invariants that allows us to isolate kernel components in the face of an intricate execution

model of the kernel, e.g., provide isolation of preemptable, concurrent interrupt handlers. To minimize

overheads of virtualization, we develop support for exitless interrupt delivery across isolated domains. We

evaluate our approach by developing isolated versions of several device drivers in the Linux kernel.

3. Learn-as-you-go with Megh: Efficient Live Migration of Virtual Machines

Abstract—Cloud providers leverage live migration of virtual machines to reduce energy consumption and

allocate resources efficiently in data centers. Each migration decision depends on three questions: when to

learning algorithm called Megh. Megh does not require prior knowledge of the workload rather learns the

dynamics of workloads as-it-goes. Megh models the problem of energy- and performance-efficient resource

management during live migration as a Markov decision process and solves it using a functional

approximation scheme. While several reinforcement learning algorithms are proposed to solve this problem,

these algorithms remain confined to the academic realm as they face the curse of dimensionality. They are

either not scalable in real-time, as it is the case of MadVM, or need an elaborate offline training, as it is the

case of Q-learning. These algorithms often incur execution overheads which are comparable with the

migration time of a VM. Megh overcomes these deficiencies. Megh uses a novel dimensionality reduction

scheme to project the combinatorially explosive state-action space to a polynomial dimensional space with a

sparse basis. Megh has the capacity to learn uncertain dynamics and the ability to work in real-time without

4. Optimizing Live Migration of Multiple Virtual Machines

Abstract—The Cloud computing paradigm is enabling innovative and disruptive services by allowing

enterprises to lease computing, storage and network resources from physical infrastructure owners. This

shift in infrastructure management responsibility has brought new revenue models and new challenges to

Cloud providers. One of those challenges is to efficiently migrate multiple virtual machines (VMs) within

the hosting infrastructure with minimum service interruptions. In this paper we first present a live-migration

performance testing, captured on a production-level Linux-based virtualization platform, that motivates the

need for a better multi-VM migration strategy. We then propose a geometric programming model whose

goal is to optimize the bit rate allocation for the live-migration of multiple VMs and minimize the total

5. Scatter-Gather Live Migration of Virtual Machines

Abstract—We introduce a new metric for live migration of virtual machines (VM) called eviction time

defined as the time to evict the state of one or more VMs from the source host. Eviction time determines

how quickly the source can be taken offline or its resources repurposed for other VMs. In traditional live

migration, such as pre-copy and post-copy, eviction time equals the total migration time because the source

is tied up until the destination receives the entire VM. We present Scatter-Gather live migration which

decouples the source and destination during migration to reduce eviction time when the destination is slow.

The source scatters the memory of VMs to multiple nodes, including the destination and one or more

6. Securing Time in Untrusted Operating Systems with TimeSeal

Abstract—An accurate sense of elapsed time is essential for the safe and correct operation of hardware,

software, and networked systems. Unfortunately, an adversary can manipulate the system’s time and violate

causality, consistency, and scheduling properties of underlying applications. Although cryptographic

techniques are used to secure data, they cannot ensure time security as securing a time source is much more

challenging, given that the result of inquiring time must be delivered in a timely fashion. In this paper, we

first describe general attack vectors that can compromise a system’s sense of time. To counter these attacks,

we propose a secure time architecture, TIMESEAL that leverages a Trusted Execution Environment (TEE)

applications in the presence of a strong adversary. It delivers all temporal use cases pertinent to secure

sensing, computing, and actuating in networked systems

7. Using Intel SGX to Protect Authentication Credentials in an Untrusted Operating System

Abstract—An important principle in computational security is to reduce the attack surface, by maintaining

the Trusted Computing Base (TCB) small. Even so, no security technique ensures full protection against any

adversary. Thus, sensitive applications should be designed with several layers of protection so that, even if a

layer might be violated, sensitive content will not be compromised. In 2015, Intel released the Software

Guard Extensions (SGX) technology in its processors. This mechanism allows applications to allocate

an extra security layer, the password file is stored using SGX sealing. A threat model was proposed to assess

the security of the proposed solution. The obtained results show that the proposed solution is secure against

the threat model considered, and that its performance overhead is acceptable from the user point of view.

The scheme presented here is also suitable to other authentication frameworks.

8. Dynamic VM Scaling: Provisioning and Pricing through an Online Auction

Abstract—Today’s IaaS clouds allow dynamic scaling of VMs allocated to a user, according to real-time

demand of the user. There are two types of scaling: horizontal scaling (scale-out) by allocating more VM

instances to the user, and vertical scaling (scale-up) by boosting resources of VMs owned by the user. It has

designs an efficient, truthful online auction for resource provisioning and pricing in the practical cases of

dynamic VM scaling, where: (i) users bid for customized VMs to use in future durations, and can bid again

in the following time to increase resources, indicating both scale-up and scale-out options; (ii) the cloud

provider packs the demanded VMs on heterogeneous servers for energy cost minimization on the go. We

carefully design resource prices maintained for each type of resource on each server to achieve threshold-

based online allocation and charging, as well as a novel competitive analysis technique based on

submodularity of the offline objective, to show a good competitive ratio is achieved. The efficacy of the

online auction is validated through solid theoretical analysis and trace-driven simulations.

9. A new cost-effective mechanism for VM-to-user mapping in cloud data centers

customers are classified into theses classes in terms of their previous buying behavior using fuzzy system in

name FCLCDS. Second, another fuzzy system in name FNTSVMTDS is designed to determine the value of

necessity to sell resource type. The outputs of FCLCDS and FNTSVMTDS are called Loyalty Class (LC)

and Necessity to Sell VM Type (NtSVMT), respectively. Finally, a fuzzy system in name FDCDS is

proposed to determine the discount coefficient based on both LC and NtSVMT inputs. Furthermore,

appropriate times for calculating/re-calculating the discount coefficients that are applied by a resource

provider to relax its counter-offers are calculated. We perform extensive simulation experiments to compare

our designed negotiator in name FDMDA with MDA and FNSSA. The results show that our designed

FDMDA outperforms MDA and FNSSA.

CrashTuner lies in how we identify fault-injection points (crash points) that are likely to expose errors. We

observe that if a node crashes while accessing meta-info variables, i.e., variables referencing high-level

system state information (e.g., an instance of node or task), it often triggers crash-recovery bugs. Hence, we

identify crash points by automatically inferring meta-info variables via a log-based static program analysis.

Our approach is automatic and no manual specification is required. We have applied CrashTuner to five

representative distributed systems: Hadoop2/Yarn, HBase, HDFS, ZooKeeper, and Cassandra. CrashTuner

can finish testing each system in 17.39 hours, and reports 21 new bugs that have never been found before.

All new bugs are confirmed by the original developers and 16 of them have already been fixed (14 with our

patches). These new bugs can cause severe damages such as cluster down or start-up failures.

significantly expand hardware resources in response to load spikes. In this paper, we introduce Model-

Switching, a new approach to dealing with fluctuating workloads when serving DNN models. Motivated by

the observation that endusers of ML primarily care about the accuracy of responses that are returned within

the deadline (which we refer to as effective accuracy), we propose to switch from complex and highly

accurate DNN models to simpler but less accurate models in the presence of load spikes. We show that the

flexibility introduced by enabling online model switching provides higher effective accuracy in the presence

of fluctuating workloads compared to serving using any single model. We implement Model-Switching

within Clipper, a state-of-art DNN model serving system, and demonstrate its advantages over baseline

approaches.

12. Rethinking Isolation Mechanisms for Datacenter Multitenancy

IME (Isolated Monitor Execution) provides SGX-style memory encryption, but strictly prevents

microarchitectural co-tenancy of secure and insecure code. IME also uses a separate, microarchitecturally-

isolated pipeline to run dynamic security checks on monitored code, enabling post-load monitoring for

security invariants like CFI or type safety. Finally, an IME processor exports a machine-readable description

of its microarchitectural implementation, allowing tenants to reason about the security properties of a

particular IME instance.

13. More IOPS for Less: Exploiting Burstable Storage in Public Clouds

Burstable storage is a public cloud feature that enhances cloud storage volumes with credits that can be used

increase IOPS by up to 100× at a cost increase of only 10–40%. Compared to an AWS io1 volume

provisioned for the same performance, such interchanging reduces cost by 97.5%.

14. JACKPOT: Online Experimentation of Cloud Microservices

Online experimentation is an agile software development practice, which plays a central role in enabling

rapid innovation. It helps shorten code delivery cycles, which is critical for companies to survive in a

competitive software-driven market. Recent advances in cloud computing, including the maturity of

container-based technologies and cloud infrastructure, as well as the advent of service meshes, have created

an opportunity to broaden the scope of online experimentation and further increase developers’ agility. In