Correlated multi-streaming in distributed interactive multimedia systems

Distributed Interactive Multimedia Environments (DIMEs) enable geographically distributed people to interact with each other in a joint media-rich virtual environment for a wide range of activities, such as art performance, medical consultation, sport training, etc. The real-time collaboration is made possible by exchanging a set of multi-modal sensory streams over the network in real time. The characterization and evaluation of such multi-stream interactive environments is challenging because the traditional Quality of Service metrics (e.g., delay, jitter) are limited to a per stream basis. In this work, we present a novel ???Bundle of Streams??? concept to de???ne correlated multi-streams in DIMEs and present new cyber-physical, spatio-temporal QoS metrics to measure QoS over bundle of streams. We realize Bundle of Streams concept by presenting a novel paradigm of Bundle Streaming as a Service (SAS). We propose and develop SAS Kernel, a generic, distributed, modular and highly ???exible streaming kernel realizing SAS concept. We validate the Bundle of Streams model by comparing the QoS performance of bundle of streams over different transport protocols in a 3D tele-immersive testbed. Also, further experiments demonstrate that the SAS Kernel incurs low overhead in delay, CPU, and bandwidth demands

Foundations of secure computation

Issued as Workshop proceedings and Final report, Project no. G-36-61

The design and implementation of a prototype exokernel operating system

Thesis (M.S.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1996.Includes bibliographical references (p. 99-106).by Dawson R. Engler.M.S

Establishing mandatory access control on Android OS

Common characteristic of all mobile operating systems for smart devices is an extensive middleware that provides a feature-rich API for the onboard sensors and user’s data (e.g., contacts). To effectively protect the device’s integrity, the user’s privacy, and to ensure non-interference between mutually distrusting apps, it is imperative that the middleware enforces rigid security and privacy policies. This thesis presents a line of work that integrates mandatory access control (MAC) mechanisms into the middleware of the popular, open source Android OS. While our early work established a basic understanding for the integration of enforcement hooks and targeted very specific use-cases, such as multi-persona phones, our most recent works adopt important lessons learned and design patterns from established MAC architectures on commodity systems and intertwine them with the particular security requirements of mobile OS architectures like Android. Our most recent work also complemented the Android IPC mechanism with provisioning of better provenance information on the origins of IPC communication. Such information is a crucial building block for any access control mechanism on Android. Lastly, this dissertation outlines further directions of ongoing and future research on access control on modern mobile operating systems.Gemeinsame Charakteristik aller modernen mobilen Betriebssysteme für sog. ”smart devices” ist eine umfangreiche Diensteschicht, die funktionsreiche Programmierschnittstellen zu der Gerätehardware sowie den Endbenutzerdaten (z.B. Adressbuch) bereitstellt. Um die Systemintegrität, die Privatsphäre des Endbenutzers, sowie die Abgrenzung sich gegenseitig nicht vertrauender Apps effektiv zu gewährleisten, ist es unabdingbar, dass diese Diensteschichten rigide Sicherheitspolitiken umsetzen. Diese Dissertation präsentiert mehrere Forschungsarbeiten, die “Mandatory Access Control” (MAC) in die Diensteschicht des weit verbreiteten Android Betriebssystems integrieren. Die ersten dieser Arbeiten schufen ein grundlegendes Verständnis für die Integration von Zugriffsmechanismen in das Android Betriebssystem und waren auf sehr spezielle Anwendungsszenarien ausgerichtet. Neuere Arbeiten haben hingegen wichtige Erkenntnisse und Designprinzipien etablierter MAC Architekturen auf herkömmlichen Betriebssystemen für Android adaptiert und mit den speziellen Sicherheitsanforderungen mobiler Systeme verflochten. Die letzte Arbeit in dieser Reihe hat zudem Androids IPC Mechanismus untersucht und dahingehend ergänzt, dass er bessere Informationen über den Ursprung von IPC Nachrichten bereitstellt. Diese Informationen sind fundamental für jedwede Art von Zugriffskontrolle auf Android. Zuletzt diskutiert diese Dissertation aktuelle und zukünftige Forschungsthemen für Zugriffskontrollen auf modernen, mobilen Endgeräten

Operating R.S. Gaines Systems Editor Reflections on an Operating System Design

The main features of a general purpose multiaccess operating system developed for the CDC 6400 at Berke-ley are presented, and its good and bad points are discussed as they appear in retrospect. Distinctive features of the design were the use of capabilities for protection, and the organization of the system into a sequence of layers, each building on the facilities provided by earlier ones and protecting itself from the malfunctions of later ones. There were serious problems in maintaining the protection between layers when levels were added to the memory hierarchy; these problems are discussed and a new solution is described. Key Words and Phrases: operating system, pro-tection, capabilities, layering domains, memor