Protection in the Think exokernel

In this paper, we present our preliminary ideas concerning the adaptation of security and protection techniques in the Think exokernel. Think is our proposition of a distributed adaptable kernel, designed according to the exokernel architecture. After summing up the main motivations for using the exokernel architecture, we describe the Think exokernel as it has been implemented on a PowerPC machine. We then present the major protection and security techniques that we plan to adapt to the Think environment, and give an example of how some of these techniques can be combined with the Think model to provide fair and protected resource management. Finally, we briefly present the iPAQ Pocket PC to which we plan to port the Think exokernel and explain our interest in this kind of mobile devices

Mobile Interactive Data Acquisition System (MIDAS)

MIDAS is an application framework for remote data acquisition and visualization that allows dynamic reconfiguration of its constituent components. There are three types of reconfiguration, namely, component replacement, component interposition and component deletion. A two-phase protocol to maintain the consistency of the system during reconfiguration is described. MIDAS has a multi-tiered architecture. This architecture is illustrated with a visual model. The model was described with Unified Modeling Language (UML) during the design and analysis phase. Two applications of the MIDAS framework are described. The first application uses a sensor to measure the temperature, pressure and humidity of the atmosphere. In this application, the components that provide timing information can be dynamically reconfigured. The second experiment measures natural fluorescence emitted by phytoplankton. In this experiment, the component that models the daytime light cycle and the components that provide timing information can be dynamically replaced. In both these applications, filter components can be dynamically inserted to filter the sampled data. These filter components can be deleted when they are no longer required.1998 best estimate for issue date based on available information

An Autonomic Cross-Platform Operating Environment for On-Demand Internet Computing

The Internet has evolved into a global and ubiquitous communication medium interconnecting powerful application servers, diverse desktop computers and mobile notebooks. Along with recent developments in computer technology, such as the convergence of computing and communication devices, the way how people use computers and the Internet has changed people´s working habits and has led to new application scenarios. On the one hand, pervasive computing, ubiquitous computing and nomadic computing become more and more important since different computing devices like PDAs and notebooks may be used concurrently and alternately, e.g. while the user is on the move. On the other hand, the ubiquitous availability and pervasive interconnection of computing systems have fostered various trends towards the dynamic utilization and spontaneous collaboration of available remote computing resources, which are addressed by approaches like utility computing, grid computing, cloud computing and public computing. From a general point of view, the common objective of this development is the use of Internet applications on demand, i.e. applications that are not installed in advance by a platform administrator but are dynamically deployed and run as they are requested by the application user. The heterogeneous and unmanaged nature of the Internet represents a major challenge for the on demand use of custom Internet applications across heterogeneous hardware platforms, operating systems and network environments. Promising remedies are autonomic computing systems that are supposed to maintain themselves without particular user or application intervention. In this thesis, an Autonomic Cross-Platform Operating Environment (ACOE) is presented that supports On Demand Internet Computing (ODIC), such as dynamic application composition and ad hoc execution migration. The approach is based on an integration middleware called crossware that does not replace existing middleware but operates as a self-managing mediator between diverse application requirements and heterogeneous platform configurations. A Java implementation of the Crossware Development Kit (XDK) is presented, followed by the description of the On Demand Internet Computing System (ODIX). The feasibility of the approach is shown by the implementation of an Internet Application Workbench, an Internet Application Factory and an Internet Peer Federation. They illustrate the use of ODIX to support local, remote and distributed ODIC, respectively. Finally, the suitability of the approach is discussed with respect to the support of ODIC

Dynamic Reconfiguration with Virtual Services

We present a new architecture (virtual services) and accompanying implementation for dynamically adapting and reconfiguring the behavior of network services. Virtual services are a compositional middleware system that transparently interposes itself between a service and a client, overlaying new functionality with configurations of modules organized into processing chains. Virtual services allow programmers and system administrators to extend, modify, and reconfigure dynamically the behavior of existing services for which source code, object code, and administrative control are not available. Virtual service module processing chains are instantiated on a per connection or invocation basis, thereby enabling the reconfiguration of individual connections to a service without affecting other connections to the same service. To validate our architecture, we have implemented a virtual services software development toolkit and middleware server. Our experiments demonstrate that virtual services can modularize concerns that cut across network services. We show that we can reconfigure and enhance the security properties of services implemented as either TCP client-server systems, such as an HTTP server, or as remotely invocable objects, such as a Web service. We demonstrate that virtual services can reconfigure the following security properties and abilities: authentication, access control, secrecy/encryption, connection monitoring, security breach detection, adaptive response to security breaches, concurrent and dynamically mutable implementation of multiple security policies for different clients