Making information flow explicit in HiStar

HiStar is a new operating system designed to minimize the amount of code that must be trusted. HiStar provides strict information flow control, which allows users to specify precise data security policies without unduly limiting the structure of applications. HiStar's security features make it possible to implement a Unix-like environment with acceptable performance almost entirely in an untrusted user-level library. The system has no notion of superuser and no fully trusted code other than the kernel. HiStar's features permit several novel applications, including privacy-preserving, untrusted virus scanners and a dynamic Web server with only a few thousand lines of trusted code.National Science Foundation (U.S.) (Cybertrust Award CNS-0716806)National Science Foundation (U.S.) (Cybertrust/DARPA Grant CNS-0430425

Distributed file systems for Unix

With the advent of distributed systems, mechanisms that support efficient resource sharing are necessary to exploit a distributed architecture. One of the key resources UNIX provides is a hierarchical file system. Early efforts supported distributed UNIX systems by copying files and sending mail between individual machines. The desire to provide transparent mechanisms on which distributed systems access resources has propelled the development of distributed file systems. This thesis presents a brief history of the development of distributed systems based on UNIX, and surveys recent implementations of distributed file systems based on UNIX. The IBIS distributed file system is an example of the latter. The original capabilities of IBIS are discussed and modifications that enhance these capabilities described

Concurrent Execution of Mutually Exclusive Alternatives

We examine the task of concurrently computing alternative solutions to a problem. We restrict our interest to the case where only one solution is needed: in this case we need some rule for selecting between the solutions. We use "fastest first," where the first successful alternative is selected. For problems where the required execution time is unpredictable this method can show substantial execution time performance increases. These increases are dependent on the mean execution time of the alternatives, the fastest execution time, the overhead involved in concurrent computation, and the overhead of selecting and deleting alternatives. Rather than using the traditional approach of multiple computers cooperating on the solution to a problem, this method achieves a solution competitively. Among the problems with exploring multiple alternatives in parallel are side-effects and combinatorial explosion in the amount of state which must be preserved. These are solved by process management and an application of "copy-on-write" virtual memory management. The side effects resulting from interprocess communication are handled by a specialized message layer which interacts with process management. We show how the scheme for parallel execution can be applied to several application areas. The applications are distributed execution of recovery blocks, OR-parallelism in Prolog, and polynomial root-finding

A Compilation Target for Probabilistic Programming Languages

Forward inference techniques such as sequential Monte Carlo and particle Markov chain Monte Carlo for probabilistic programming can be implemented in any programming language by creative use of standardized operating system functionality including processes, forking, mutexes, and shared memory. Exploiting this we have defined, developed, and tested a probabilistic programming language intermediate representation language we call probabilistic C, which itself can be compiled to machine code by standard compilers and linked to operating system libraries yielding an efficient, scalable, portable probabilistic programming compilation target. This opens up a new hardware and systems research path for optimizing probabilistic programming systems.Comment: In Proceedings of the 31st International Conference on Machine Learning (ICML), 201

Advances in the M-machine runtime system

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1997.Includes bibliographical references (leaf 53).by Andrew Shultz.M.Eng

System call interface for Asbestos labels

Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2005.Includes bibliographical references (p. 53-55).Acetone is a secure operating system kernel that uses a shared address space and supports Asbestos labels. Acetone uses Asbestos labels to enable a wide variety of security policies including ones that prevent untrusted applications from being able to disclose private data. All threads run in the same address space, but have different memory access privileges. Acetone uses standard memory protection mechanisms to ensure that all memory accesses are consistent with label rules. The performance results show that these checks have a relatively low cost.by Clifford A. Frey.M.Eng