Revealing the unseen: how to expose cloud usage while protecting user privacy

Cloud users have little visibility into the performance characteristics and utilization of the physical machines underpinning the virtualized cloud resources they use. This uncertainty forces users and researchers to reverse engineer the inner workings of cloud systems in order to understand and optimize the conditions their applications operate. At Massachusetts Open Cloud (MOC), as a public cloud operator, we'd like to expose the utilization of our physical infrastructure to stop this wasteful effort. Mindful that such exposure can be used maliciously for gaining insight into other user's workloads, in this position paper we argue for the need for an approach that balances openness of the cloud overall with privacy for each tenant inside of it. We believe that this approach can be instantiated via a novel combination of several security and privacy technologies. We discuss the potential benefits, implications of transparency for cloud systems and users, and technical challenges/possibilities.Accepted manuscrip

HIL: designing an exokernel for the data center

We propose a new Exokernel-like layer to allow mutually untrusting physically deployed services to efficiently share the resources of a data center. We believe that such a layer offers not only efficiency gains, but may also enable new economic models, new applications, and new security-sensitive uses. A prototype (currently in active use) demonstrates that the proposed layer is viable, and can support a variety of existing provisioning tools and use cases.Partial support for this work was provided by the MassTech Collaborative Research Matching Grant Program, National Science Foundation awards 1347525 and 1149232 as well as the several commercial partners of the Massachusetts Open Cloud who may be found at http://www.massopencloud.or

User-profile-based analytics for detecting cloud security breaches

While the growth of cloud-based technologies has benefited the society tremendously, it has also increased the surface area for cyber attacks. Given that cloud services are prevalent today, it is critical to devise systems that detect intrusions. One form of security breach in the cloud is when cyber-criminals compromise Virtual Machines (VMs) of unwitting users and, then, utilize user resources to run time-consuming, malicious, or illegal applications for their own benefit. This work proposes a method to detect unusual resource usage trends and alert the user and the administrator in real time. We experiment with three categories of methods: simple statistical techniques, unsupervised classification, and regression. So far, our approach successfully detects anomalous resource usage when experimenting with typical trends synthesized from published real-world web server logs and cluster traces. We observe the best results with unsupervised classification, which gives an average F1-score of 0.83 for web server logs and 0.95 for the cluster traces

Aortocaval Fistula in a Behcet's Disease Patient

Behcet's disease (BD) is a chronic, recurrent, systemic disease that is characterized by oral and genital ulcers and oculocutaneous inflammatory lesions. Cardiovascular involvement especially large artery involvement is a serious and vital complication of BD. Pseudoaneurysms in the major arteries may be the cause of sudden death in BD. In our case a pulsatile abdominal mass was determined to be an aortic pseudoaneurysm associated with BD and an aortocaval fistula. Here we report this case and a short review of literature because this is the first reported aortocaval fistula in a BD patient in English literature

Coronary arteriovenous fistulas in the adults: natural history and management strategies

<p>Abstract</p> <p>Objective</p> <p>To describe aspects of the natural history and pathophysiology of coronary arteriovenous fistula and to propose potential treatment strategies.</p> <p>Methods</p> <p>Eleven adult patients were treated surgically for coronary arteriovenous fistulas (8 male, 3 female) during the last three years. Mean age was 48,7 ± 9,5 years (range 32-65 years). Diagnosis was made by coronary angiography and transesophageal echocardiography</p> <p>Results</p> <p>All patients were symptomatic due to the associating cardiac disorder or fistula. Presenting symptoms were chest pain, exertional dyspnea and palpitation. All patients were diagnosed by selective angiography. Transthoracic and transoesophageal echocardiography was performed to identify the Qp/Qs ratio in one patient. One patient who had an LAD to pulmonary artery coronary arteriovenous fistula with a vascular malformation needed early reoperation due to recurrence of the fistula. Echocardiographic evaluation at the postoperative third month revealed no residual shunts in all patients.</p> <p>Conclusion</p> <p>Because of the severe complications that may develop due to coronary arteriovenous fistula, we believe that every coronary artery fistula should be treated invasively by surgery or transcatheter closure. But both treatment modalities still need to be evaluated with randomized multicenter studies for long term survival and effectiveness.</p

Extended Durability of a Cloth-Covered Star-Edwards Caged Ball Prosthesis in Aortic Position

The Starr-Edwards caged ball valve is one of the oldest cardiac valve prosthesis and was widely used all around the world in the past decades. Despite the long-term results that have been reported there are only a few cases reported that exceed 30 years of durability. Here in, we report a 53-year-old patient with a well-functioning 35-year-old aortic Starr-Edwards caged ball prosthesis

An Experiment on Bare-Metal BigData Provisioning

Many BigData customers use on-demand platforms in the cloud, where they can get a dedicated virtual cluster in a couple of minutes and pay only for the time they use. Increasingly, there is a demand for bare-metal bigdata solutions for applications that cannot tolerate the unpredictability and performance degradation of virtualized systems. Existing bare-metal solutions can introduce delays of 10s of minutes to provision a cluster by installing operating systems and applications on the local disks of servers. This has motivated recent research developing sophisticated mechanisms to optimize this installation. These approaches assume that using network mounted boot disks incur unacceptable run-time overhead. Our analysis suggest that while this assumption is true for application data, it is incorrect for operating systems and applications, and network mounting the boot disk and applications result in negligible run-time impact while leading to faster provisioning time.This research was supported in part by the MassTech Collaborative Research Matching Grant Program, NSF awards 1347525 and 1414119 and several commercial partners of the Massachusetts Open Cloud who may be found at http://www.massopencloud.or

Temporal workload-aware replicated partitioning for social networks

Most frequent and expensive queries in social networks involve multi-user operations such as requesting the latest tweets or news-feeds of friends. The performance of such queries are heavily dependent on the data partitioning and replication methodologies adopted by the underlying systems. Existing solutions for data distribution in these systems involve hashor graph-based approaches that ignore the multi-way relations among data. In this work, we propose a novel data partitioning and selective replication method that utilizes the temporal information in prior workloads to predict future query patterns. Our method utilizes the social network structure and the temporality of the interactions among its users to construct a hypergraph that correctly models multi-user operations. It then performs simultaneous partitioning and replication of this hypergraph to reduce the query span while respecting load balance and I/O load constraints under replication. To test our model, we enhance the Cassandra NoSQL system to support selective replication and we implement a social network application (a Twitter clone) utilizing our enhanced Cassandra. We conduct experiments on a cloud computing environment (Amazon EC2) to test the developed systems. Comparison of the proposed method with hash- and enhanced graph-based schemes indicate that it significantly improves latency and throughput