Apiary: Easy-to-use Desktop Application Fault Containment on Commodity Operating Systems

Desktop computers are often compromised by the interaction of untrusted data and buggy software. To address this problem, we present Apiary, a system that provides transparent application fault containment while retaining the ease of use of a traditional integrated desktop environment. Apiary accomplishes this with three key mechanisms. It isolates applications in containers that integrate in a controlled manner at the display and file system. It introduces ephemeral containers that are quickly instantiated for single application execution and then removed, to prevent any exploit that occurs from persisting and to protect user privacy. It introduces the virtual layered file system to make instantiating containers fast and space efficient, and to make managing many containers no more complex than having a single traditional desktop. We have implemented Apiary on Linux without any application or operating system kernel changes. Our results from running real applications, known exploits, and a 24-person user study show that Apiary has modest performance overhead, is effective in limiting the damage from real vulnerabilities to enable quick recovery, and is as easy to use as a traditional desktop while improving desktop computer security and privacy

Improvement of DHRA-DMDC Physical Access Software DBIDS Using Cloud Computing Technology: a Case Study

The U.S government has created and been executing an Identity and Management (IdM) vision to support a global, robust, trusted and interoperable identity management capability that provides the ability to correctly identify individuals and non-person entities in support of DoD mission operations. Many Directives and Instructions have been issued to standardize the process to design, re-designed new and old systems with latest available technologies to meet the visions requirements. In this thesis we introduce a cloud-based architecture for the Defense Biometric Identification System (DBIDS), along with a set of DBIDS Cloud Services that supports the proposed architecture. This cloud-based architecture will move DBIDS in the right direction to meet Dod IdM visions and goals by decoupling current DBIDS functions into DBIDS core services to create interoperability and flexibility to expand future DBIDS with new requirements. The thesis will show its readers how DBIDS Cloud Services will help Defense Manpower Data Center (DMDC) easily expanding DBIDS functionalities such as connecting to other DMDC services or federated services for vetting purposes. This thesis will also serve as a recommendation of a blue-print for DBIDS architecture to support new generation of DBIDS application. This is a step closer in moving DMDC Identity Enterprise Solution toward DoD IdM realizing vision and goals. The thesis also includes a discussion of how to utilize virtualized DBIDS workstations to address software-deployment and maintenance issues to resolve configuration and deployment issues which have been costly problems for DMDC over the years.http://archive.org/details/improvementofdhr109457379Civilian, Department of Defens

MobiDesk: Mobile Virtual Desktop Computing

We present MobiDesk, a mobile virtual desktop computing hosting infrastructure that leverages continued improvements in network speed, cost, and ubiquity to address the complexity, cost, and mobility limitations of today's personal computing infrastructure. MobiDesk transparently virtualizes a user's computing session by abstracting underlying system resources in three key areas: display, operating system and network. MobiDesk provides a thin virtualization layer that decouples a user's computing session from any particular end user device and moves all application logic from end user devices to hosting providers. MobiDesk virtualization decouples a user's computing session from the underlying operating system and server instance, enabling high availability service by transparently migrating sessions from one server to another during server maintenance or upgrades. We have implemented a MobiDesk prototype in Linux that works with existing unmodified applications and operating system kernels. Our experimental results demonstrate that MobiDesk has very low virtualization overhead, can provide a full-featured desktop experience including full-motion video support, and is able to migrate users' sessions efficiently and reliably for high availability, while maintaining existing network connections

A METHOD FOR ADDING IMAGE CLUSTER NODE APIS

The present disclosure discloses a method for adding image cluster node APIs. The objective of the present disclosure is to initiate cluster add node to a Jenkins pipeline by calling the Jenkins APIs. The present disclosure focuses to automatically update the status of the job to the MongoDB. In some embodiments, the present disclosure focuses on adding one or more nodes to the image cluster by initiating Jenkins APIs. Further, the present disclosure includes configuring the cluster files and validating the input data related to new node and initiating capacity add playbook and updating status back to the image cluster