236 research outputs found

    Practical and effective sandboxing for Linux containers


    Stop Hiding The Sharp Knives: The WebAssembly Linux Interface

    WebAssembly is gaining popularity as a portable binary format targetable from many programming languages. With a well-specified low-level virtual instruction set, minimal memory footprint and many high-performance implementations, it has been successfully adopted for lightweight in-process memory sandboxing in many contexts. Despite these advantages, WebAssembly lacks many standard system interfaces, making it difficult to reuse existing applications. This paper proposes WALI: The WebAssembly Linux Interface, a thin layer over Linux's userspace system calls, creating a new class of virtualization where WebAssembly seamlessly interacts with native processes and the underlying operating system. By virtualizing the lowest level of userspace, WALI offers application portability with little effort and reuses existing compiler backends. With WebAssembly's control flow integrity guarantees, these modules gain an additional level of protection against remote code injection attacks. Furthermore, capability-based APIs can themselves be virtualized and implemented in terms of WALI, improving reuse and robustness through better layering. We present an implementation of WALI in a modern WebAssembly engine and evaluate its performance on a number of applications which we can now compile with mostly trivial effort.
    Comment: 12 pages, 8 figures

    Improving Desktop System Security Using Compartmentalization

    Compartmentalizing access to content, be it websites accessed in a browser or documents and applications accessed outside the browser, is an established method for protecting information integrity [12, 19, 21, 60]. Compartmentalization solutions change the user experience, introduce performance overhead and provide varying degrees of security. Striking a balance between usability and security is not an easy task. If the usability aspects are neglected or sacrificed in favor of more security, the resulting solution would have a hard time being adopted by end-users. The usability is affected by factors including (1) the generality of the solution in supporting various applications, (2) the type of changes required, (3) the performance overhead introduced by the solution, and (4) how much the user experience is preserved. The security is affected by factors including (1) the attack surface of the compartmentalization mechanism, and (2) the security decisions offloaded to the user. This dissertation evaluates existing solutions based on the above factors and presents two novel compartmentalization solutions that are arguably more practical than their existing counterparts. The first solution, called FlexICon, is an attractive alternative in the design space of compartmentalization solutions on the desktop. FlexICon allows for the creation of a large number of containers with small memory footprint and low disk overhead. This is achieved by using lightweight virtualization based on Linux namespaces. FlexICon uses two mechanisms to reduce user mistakes: 1) a trusted file dialog for selecting files for opening and launching them in the appropriate containers, and 2) a secure URL redirection mechanism that detects the user's intent and opens the URL in the proper container. FlexICon also provides a language to specify the access constraints that should be enforced by various containers.
    The second solution, called Auto-FBI, deals with web-based attacks by creating multiple instances of the browser and providing mechanisms for switching between the browser instances. The prototype implementation for Firefox and Chrome uses system call interposition to control the browser's network access. Auto-FBI can be ported to other platforms easily due to its simple design and the ubiquity of system call interposition methods on all major desktop platforms.
    Dissertation/Thesis. Doctoral Dissertation, Computer Science, 201

    Native Code Security for Java Grid Services


    High-Performance Cloud Computing: A View of Scientific Applications

    Scientific computing often requires the availability of a massive number of computers for performing large-scale experiments. Traditionally, these needs have been addressed by using high-performance computing solutions and installed facilities such as clusters and supercomputers, which are difficult to set up, maintain, and operate. Cloud computing provides scientists with a completely new model of utilizing the computing infrastructure. Compute resources, storage resources, as well as applications, can be dynamically provisioned (and integrated within the existing infrastructure) on a pay-per-use basis. These resources can be released when they are no longer needed. Such services are often offered within the context of a Service Level Agreement (SLA), which ensures the desired Quality of Service (QoS). Aneka, an enterprise Cloud computing solution, harnesses the power of compute resources by relying on private and public Clouds and delivers to users the desired QoS. Its flexible and service-based infrastructure supports multiple programming paradigms that let Aneka address a variety of different scenarios: from finance applications to computational science. As examples of scientific computing in the Cloud, we present a preliminary case study on using Aneka for the classification of gene expression data and the execution of an fMRI brain imaging workflow.
    Comment: 13 pages, 9 figures, conference paper

    Reusable generic software robot

    Abstract. The main purpose of this thesis was to create a generic reusable software robot which can be deployed into any IaaS-type cloud service. The first thing researched in this thesis was how to implement a virtualised environment in a cloud service. The options for virtualising the environment were a container and a virtual machine. The two possible implementations were researched since the resulting implementation must be compatible with a cloud service. It was found that a container-based implementation would be the best option, firstly because it is lightweight to move around and secondly because the start-up time of a new instance in a cloud service is fast. Possible cloud providers were scanned after researching possible implementation methods. Two cloud providers, AWS and Azure, were studied more closely since they offer infrastructure as a service and since they are commonly used. AWS was chosen as the platform to be used because of its higher maturity level and also because of the possibility to add or remove container capabilities. Finally, it was discussed how the generic reusable software robot was implemented, and the circumstances that make a task suitable for a software robot were considered.
    Single-use generic software robot. Abstract. This thesis studied how a generic single-use software robot can be implemented in a cloud service. First, different virtualisation methods with which the software robot could be implemented were examined. The methods studied were a virtual machine and a container. These two implementation approaches were compared with regard to the suitability of the finished implementation for a cloud service. The container was found to be the most suitable approach because it takes little space and starting a new instance is fast. Cloud service providers were studied once a suitable implementation method for the software robot had been found.
    The study focused on AWS and Azure, which are currently among the largest providers of infrastructure-as-a-service-type cloud services on the market. AWS was chosen as the implementation platform because it is technically more advanced than Azure and because in AWS it is possible to add and remove container capabilities. Finally, it was presented how the generic single-use software robot was implemented and what must be taken into account when deciding on a suitable use case for the software robot.

    Are Unikernels Ready for Serverless on the Edge?

    Function-as-a-Service (FaaS) is a promising edge computing execution model but requires secure sandboxing mechanisms to isolate workloads from multiple tenants on constrained infrastructure. Although Docker containers are lightweight and popular in open-source FaaS platforms, they are generally considered insufficient for executing untrusted code and providing sandbox isolation. Commercial cloud FaaS platforms thus rely on Linux microVMs or hardened container runtimes, which are secure but come with a higher resource footprint. Unikernels combine application code and limited operating system primitives into a single-purpose appliance, reducing the footprint of an application and its sandbox while providing full Linux compatibility. In this paper, we study the suitability of unikernels as an edge FaaS execution environment using the Nanos and OSv unikernel tool chains. We compare performance along several metrics such as cold start overhead and idle footprint against sandboxes such as Firecracker Linux microVMs, Docker containers, and secure gVisor containers. We find that unikernels exhibit desirable cold start performance, yet lag behind Linux microVMs in stability. Nevertheless, we show that unikernels are a promising candidate for further research on Linux-compatible FaaS isolation.

    Mining sandboxes for Linux containers

    NSFC Progra