Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Janos A Java-oriented Active Network Operating System Jay Lepreau, Patrick Tullmann, Kristin Wright Wilson Hsieh, Godmar Back, many more... University of Utah Flux Research Group www.cs.utah.edu/flux/ April 16, 1999 What is Janos? Single-address space OS, with some but not much hardware memory protection Contains a JVM Primary target application code is Java byte code Can also run Posix-like apps Our Primary Hard Problem Availability: Resource Management and Control Other Hard Problems Information security Performance Tech transfer Approach Custom JVM providing inter-AA (inter-applet, interservlet) isolation within the same JVM Add a policy-free strong security architecture that NSA, SCC, and we developed in another OS. Underneath is a highly-modular “embedded” OS Produce separately useful OS, security, and Java VM components. Claim: Broad Relevance Our custom JVM, and probably the accompanying security architecture implementation, can run wherever JVM’s run today. Resource Control Leverage experience providing resource control in more traditional OS’es. Apply user/kernel mode boundary to a type-safe environment (Java) Obvious resources: Cycles / Bandwidth / Memory Other resources: Caching store, persistent store, specialized hardware, specialized data Admission control, prevent denial of service, fair sharing, perhaps latency constraints, early accounting Janos Structure Active Protocols ANTS-5 EE Custom Java VM The OSKit++ Hardware Janos Structure Active Protocols ANTS-5 EE Custom Java VM The OSKit++ Hardware Janos Structure Active Protocols ANTS-5 EE Custom Java VM Sec. Policy Engine The OSKit++ Hardware Janos Structure Active Protocols Other Java EE ANETD Non-Java EE Sec. Policy Engine ANTS-5 EE Custom Java VM The OSKit++ Hardware Active Protocols Other Java EE ANETD Non-Java EE Sec. Policy Engine ANTS-5 EE Custom Java VM The OSKit++ UNIX Hardware Possible Curves in the Road Neither prototype JVM OS model is the right one Hardware protection may be included Flask security architecture may not map well to Java and Janos Challenges in GC and cpu interactions. More surprises undoubtedly await… Status Done: To Do: Prototype of JVM with strong OS process model Eval and unify aspects of prototypes Prototype of JVM with resource controls for memory,cycles, GC New OSKit modules – Security components – Modular and optimized network access Partially modified ANTS to allow resource control – Crypto, secure boot, … Checks in enforcers Performance, performance 9/99: Team3, support PANDA and Ninja