Using continuations to implement thread management and communication in operating systems
SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
Microkernels meet recursive virtual machines
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Lazy receiver processing (LRP): a network subsystem architecture for server systems
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
The Flux OSKit: a substrate for kernel and language research
Proceedings of the sixteenth ACM symposium on Operating systems principles
Application performance and flexibility on exokernel systems
Proceedings of the sixteenth ACM symposium on Operating systems principles
Extensible security architectures for Java
Proceedings of the sixteenth ACM symposium on Operating systems principles
Disco: running commodity operating systems on scalable multiprocessors
Proceedings of the sixteenth ACM symposium on Operating systems principles
Computer security
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Improving the granularity of access control in Windows NT
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
An empirical study of operating systems errors
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
The persistent relevance of the local operating system to global applications
EW 7 Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications
Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Design and verification of secure systems
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
WSCLOCK—a simple and effective algorithm for virtual memory management
SOSP '81 Proceedings of the eighth ACM symposium on Operating systems principles
Analysis of the Intel Pentium's ability to support a secure virtual machine monitor
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Alpine: a user-level infrastructure for network protocol development
USITS'01 Proceedings of the 3rd conference on USENIX Symposium on Internet Technologies and Systems - Volume 3
Organization-based analysis of web-object sharing and caching
USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2
WindowBox: a simple security model for the connected desktop
WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
Agent Tcl: a flexible and secure mobile-agent system
TCLTK'96 Proceedings of the 4th conference on USENIX Tcl/Tk Workshop, 1996 - Volume 4
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Virtual services: a new abstraction for server consolidation
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
An architecture for large scale Internet measurement
IEEE Communications Magazine
The design and implementation of an operating system to support distributed multimedia applications
IEEE Journal on Selected Areas in Communications
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A comparison of software and hardware techniques for x86 virtualization
Proceedings of the 12th international conference on Architectural support for programming languages and operating systems
Transparent network services via a virtual traffic layer for virtual machines
Proceedings of the 16th international symposium on High performance distributed computing
Bridging the gap between software and hardware techniques for I/O virtualization
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
The turtles project: design and implementation of nested virtualization
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
SymCall: symbiotic virtualization through VMM-to-guest upcalls
Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
A case for scaling applications to many-core with OS clustering
Proceedings of the sixth conference on Computer systems
Performance evaluation of MapReduce using full virtualisation on a departmental cloud
International Journal of Applied Mathematics and Computer Science - SPECIAL SECTION: Efficient Resource Management for Grid-Enabled Applications
Cloud terminal: secure access to sensitive applications from untrusted systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Synchronous programming of device drivers for global resource control in embedded operating systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
Enabling fast, dynamic network processing with clickOS
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
ClickOS and the art of network function virtualization
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
Hi-index | 0.00 |
This paper describes the Denali isolation kernel, an operating system architecture that safely multiplexes a large number of untrusted Internet services on shared hardware. Denali's goal is to allow new Internet services to be "pushed" into third party infrastructure, relieving Internet service authors from the burden of acquiring and maintaining physical infrastructure. Our isolation kernel exposes a virtual machine abstraction, but unlike conventional virtual machine monitors, Denali does not attempt to emulate the underlying physical architecture precisely, and instead modifies the virtual architecture to gain scale, performance, and simplicity of implementation. In this paper, we first discuss design principles of isolation kernels, and then we describe the design and implementation of Denali. Following this, we present a detailed evaluation of Denali, demonstrating that the overhead of virtualization is small, that our architectural choices are warranted, and that we can successfully scale to more than 10,000 virtual machines on commodity hardware.