can cloud computing systems offer high assurance without
play

CAN CLOUD COMPUTING SYSTEMS OFFER HIGH ASSURANCE WITHOUT LOSING KEY - PowerPoint PPT Presentation

Dec 23, 2023 •270 likes •672 views

1 CAN CLOUD COMPUTING SYSTEMS OFFER HIGH ASSURANCE WITHOUT LOSING KEY CLOUD PROPERTIES? CS6410 Ken Birman, Cornell University High Assurance in Cloud Settings 2 A wave of applications that need high assurance is fast approaching

  1. 1 CAN CLOUD COMPUTING SYSTEMS OFFER HIGH ASSURANCE WITHOUT LOSING KEY CLOUD PROPERTIES? CS6410 Ken Birman, Cornell University

  2. High Assurance in Cloud Settings 2  A wave of applications that need high assurance is fast approaching  Control of the “smart” electric power grid  mHealth applications  Self-driving vehicles….  To run these in the cloud, we’ll need better tools  Today’s cloud is inconsistent and insecure by design  Issues arise at every layer (client… Internet… data center) but we’ll focus on the data center today

  3. Isis 2 System “join update update myGroup” state transfer myGroup 3  Core functionality: groups of objects  … fault-tolerance, speed (parallelism), coordination  Intended for use in very large-scale settings  The local object instance functions as a gateway  Read-only operations performed on local state  Update operations update all the replicas

  4. Isis 2 Functionality 4  We implement a wide range of basic functions  Multicast (many “flavors”) to update replicated data  Multicast “query” to initiate parallel operations and collect the results  Lock-based synchronization  Distributed hash tables  Persistent storage…  Easily integrated with application-specific logic

  5. Example: Cloud-Hosted Service 5 Standard Web-Services method invocation A B C D Some service A distributed request that SafeSend updates group “state”... SafeSend SafeSend ... and the response SafeSend is a version of Paxos.

  6. Isis 2 System 6  C# library (but callable from any .NET language) offering replication techniques for cloud computing developers  Based on a model that fuses virtual synchrony and state machine replication models  Research challenges center on creating protocols that function well despite cloud “events” Elasticity (sudden scale changes) Long scheduling delays, resource contention   Potentially heavily loads Bursts of message loss   High node failure rates Need for very rapid response times   Concurrent (multithreaded) apps Community skeptical of “assurance properties”  

  7. Isis2 makes developer’s life easier 7 Benefits of Using Formal model Importance of Sound Engineering  Isis2 implementation needs to  Formal model permits us to be fast, lean, easy to use, in achieve correctness many ways  Think of Isis2 as a collection of  Developer must see it as easier modules, each with rigorously to use Isis2 than to build from stated properties scratch  These help in debugging  Need great performance under (model checking) “cloudy conditions”

  8. Isis 2 makes developer’s life easier 8 First sets up group  Group g = new Group(“myGroup”); Dictionary<string,double> Values = new Dictionary<string,double>(); g.ViewHandlers += delegate(View v) { Join makes this entity a member.  Console.Title = “myGroup members: “+v.members; State transfer isn’t shown }; g.Handlers[UPDATE] += delegate(string s, double v) { Then can multicast, query. Values[s] = v;  Runtime callbacks to the }; “delegates” as events arrive g.Handlers[LOOKUP] += delegate(string s) { g.Reply(Values[s]); }; Easy to request security  g.Join(); (g.SetSecure), persistence g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the  ordering aseen for event upcalls List<double> resultlist = new List<double>(); and the assumptions user can nr = g.Query(ALL, LOOKUP , “Harry”, EOL, resultlist); make

  9. Isis 2 makes developer’s life easier 9 First sets up group  Group g = new Group(“myGroup”); Dictionary<string,double> Values = new Dictionary<string,double>(); g.ViewHandlers += delegate(View v) { Join makes this entity a member.  Console.Title = “myGroup members: “+v.members; State transfer isn’t shown }; g.Handlers[UPDATE] += delegate(string s, double v) { Then can multicast, query. Values[s] = v;  Runtime callbacks to the }; “delegates” as events arrive g.Handlers[LOOKUP] += delegate(string s) { g.Reply(Values[s]); }; Easy to request security  g.Join(); (g.SetSecure), persistence g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the  ordering seen for event upcalls List<double> resultlist = new List<double>(); and the assumptions user can nr = g.Query(ALL, LOOKUP , “Harry”, EOL, resultlist); make

  10. Isis 2 makes developer’s life easier 10 First sets up group Group g = new Group(“myGroup”);  Dictionary<string,double> Values = new Dictionary<string,double>(); g.ViewHandlers += delegate(View v) { Join makes this entity a  Console.Title = “myGroup members: “+v.members; member. State transfer isn’t }; shown g.Handlers[UPDATE] += delegate(string s, double v) { Values[s] = v; }; Then can multicast, query.  Runtime callbacks to the g.Handlers[LOOKUP] += delegate(string s) { “delegates” as events arrive g.Reply(Values[s]); }; g.Join(); Easy to request security  (g.SetSecure), persistence g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the List<double> resultlist = new List<double>();  ordering seen for event upcalls nr = g.Query(ALL, LOOKUP , “Harry”, EOL, resultlist); and the assumptions user can make

  11. Isis 2 makes developer’s life easier 11 First sets up group  Group g = new Group(“myGroup”); Dictionary<string,double> Values = new Dictionary<string,double>(); g.ViewHandlers += delegate(View v) { Join makes this entity a member.  Console.Title = “myGroup members: “+v.members; State transfer isn’t shown }; g.Handlers[UPDATE] += delegate(string s, double v) { Then can multicast, query. Values[s] = v;  Runtime callbacks to the }; “delegates” as events arrive g.Handlers[LOOKUP] += delegate(string s) { g.Reply(Values[s]); }; Easy to request security  g.Join(); (g.SetSecure), persistence g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the  ordering seen for event upcalls List<double> resultlist = new List<double>(); and the assumptions user can make nr = g.Query(ALL, LOOKUP , “Harry”, EOL, resultlist);

  12. Isis 2 makes developer’s life easier 12 First sets up group  Group g = new Group(“myGroup”); Dictionary<string,double> Values = new Dictionary<string,double>(); g.ViewHandlers += delegate(View v) { Join makes this entity a member.  Console.Title = “myGroup members: “+v.members; State transfer isn’t shown }; g.Handlers[UPDATE] += delegate(string s, double v) { Then can multicast, query. Values[s] = v;  Runtime callbacks to the }; “delegates” as events arrive g.Handlers[LOOKUP] += delegate(string s) { g.Reply(Values[s]); }; Easy to request security  g.Join(); (g.SetSecure), persistence g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the  ordering seen for event upcalls List<double> resultlist = new List<double>(); and the assumptions user can make nr = g.Query(ALL, LOOKUP, “Harry”, EOL, resultlist);

  13. Isis 2 makes developer’s life easier 13 First sets up group  Group g = new Group(“myGroup”); Dictionary<string,double> Values = new Dictionary<string,double>(); Join makes this entity a member. g.ViewHandlers += delegate(View v) {  State transfer isn’t shown Console.Title = “myGroup members: “+v.members; }; g.Handlers[UPDATE] += delegate(string s, double v) { Then can multicast, query. Runtime Values[s] = v;  callbacks to the “delegates” as }; events arrive g.Handlers[LOOKUP] += delegate(string s) { g.Reply(Values[s]); }; Easy to request security,  g.SetSecure(myKey); persistence, tunnelling on TCP... g.Join(); g.SafeSend(UPDATE, “Harry”, 20.75); “Consistency” model dictates the  ordering seen for event upcalls List<double> resultlist = new List<double>(); and the assumptions user can nr = g.Query(ALL, LOOKUP , “Harry”, EOL, resultlist); make

  14. Consistency model: Virtual synchrony meets Paxos (and they live happily ever after…) 14  Membership epochs: begin when a new configuration is installed and reported by delivery of a new “view” and associated state  Protocols run “during” a single epoch: rather than overcome failure, we reconfigure when a failure occurs A=3 B=7 B = B-A A=A+1 Non-replicated reference execution p p q q r r s s t t Time: 0 10 20 30 40 50 60 70 Time: 0 10 20 30 40 50 60 70 Synchronous execution Virtually synchronous execution

  15. Exact comparison 15  What I am calling a synchronous (by which I mean “step by step”) execution actually matches what Paxos offers, but Paxos, as we will see, uses quorum operations to implement this without group views  Virtual synchrony has managed group membership, but also has some optimistic steps (early message delivery, which speeds things up, but it comes at the price of needing to do a “flush” to sync to the network)  Analogy: when you write to a file often the IO system buffers and until you do a file-sync, data might not yet be certain to have reached the disk

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing &amp; Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
What is the Cloud? Simply put, Cloud Computing is the delivery of computing services,

What is the Cloud? Simply put, Cloud Computing is the delivery of computing services,

What is the Cloud? Simply put, Cloud Computing is the delivery of computing services, including Servers, Storage, Databases, Networking, Software, Analytics and Intelligence over the Internet (The Cloud) to offer faster innovation,

338 views • 13 slides
Introduction to Cloud computing Viet Tran Type of Cloud computing Infrastructure as a

Introduction to Cloud computing Viet Tran Type of Cloud computing Infrastructure as a

Introduction to Cloud computing Viet Tran Type of Cloud computing Infrastructure as a Service IaaS: offer full virtual machines via hardware virtualization tech. Amazon EC2, AbiCloud, ElasticHosts, Platform as a Service PaaS:

481 views • 15 slides
Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This

Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This

Selected Topics in Cloud Computing Marko Vukoli Distributed Systems and Cloud Computing This part of the course Sample distributed systems that power clouds Amazon Dynamo Apache Cassandra Apache Zookeeper To complement HDFS,

961 views • 60 slides
Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth

Data Assurance in Opaque Computations High Assurance Systems Engineering Guy Haworth guy.haworth@bnc.oxon.org 1 Data Assurance - ACG12, 2009-05-11 Topics Motivation Systems Engineering Cycle Definition: the Problem Domain and the

824 views • 27 slides
Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing

Security and Privacy for Cloud Computing Refik Molva Cloud Computing Outsourcing Storage Computation High availability No maintenance Decreased Costs Elasticity &amp; Flexibility Security and Privacy for Cloud

529 views • 36 slides
A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1)

A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1)

A View of Cloud Computing Summary by Nikhil Buduma Cloud Computing Definition Refers to: 1) applications delivered over the Internet 2) Hardware and systems software in data centers that provide these services The composite of SaaS

551 views • 16 slides
Distributed Systems CS6421 Cloud Computing: Servers and Virtualization Prof. Tim Wood

Distributed Systems CS6421 Cloud Computing: Servers and Virtualization Prof. Tim Wood

Distributed Systems CS6421 Cloud Computing: Servers and Virtualization Prof. Tim Wood Amazons Cloud Amazon built its cloud platform so that other people could pay for its infrastructure during the rest of the year Now its cloud users

1.28k views • 79 slides
The MNM-CloudLab -- Ideas, Concepts &amp; Implemenation 17.7. 22.7. 2011 Nils gentschen Felde

The MNM-CloudLab -- Ideas, Concepts &amp; Implemenation 17.7. 22.7. 2011 Nils gentschen Felde

DEUTSCH-FRANZSISCHE SOMMERUNIVERSITT UNIVERSIT DT FRANCO-ALLEMANDE FR NACHWUCHSWISSENSCHAFTLER 2011 POUR JEUNES CHERCHEURS 2011 CLOUD COMPUTING : CLOUD COMPUTING : CLOUD COMPUTING : CLOUD COMPUTING : DFIS ET OPPORTUNITS

965 views • 50 slides
DSC 102 Systems for Scalable Analytics Arun Kumar Topic 2: Basics of Cloud Computing 1

DSC 102 Systems for Scalable Analytics Arun Kumar Topic 2: Basics of Cloud Computing 1

DSC 102 Systems for Scalable Analytics Arun Kumar Topic 2: Basics of Cloud Computing 1 Cloud Computing Compute, storage, memory, networking, etc. are virtualized and exist on remote servers ; rented by application users Main pros of

378 views • 21 slides
Dominant Resource Fairness in Cloud Computing Systems with Heterogeneous Servers Wei Wang ,

Dominant Resource Fairness in Cloud Computing Systems with Heterogeneous Servers Wei Wang ,

Dominant Resource Fairness in Cloud Computing Systems with Heterogeneous Servers Wei Wang , Baochun Li, Ben Liang Department of Electrical and Computer Engineering University of Toronto April 30, 2014 Introduction Cloud computing system

424 views • 40 slides
Usable High-Assurance Operating Systems Doug McIlroy Sean Smith Sergey Bratus Alex Ferguson

Usable High-Assurance Operating Systems Doug McIlroy Sean Smith Sergey Bratus Alex Ferguson

Usable High-Assurance Operating Systems Doug McIlroy Sean Smith Sergey Bratus Alex Ferguson Motivation Available high-assurance systems have large monolithic policies Hard to write and maintain Crafted by trial and error E.g.:

455 views • 16 slides
CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial

CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial

CLOUD COMPUTING Overview of Use, Benefits, and Risks of Commercial Cloud Computing Commercial Cloud Computing PRESENTED TO HOUSE COMMITTEE ON GOVERNMENT TRANSPARENCY &amp; OPERATION LEGISLATIVE BUDGET BOARD STAFF April 5, 2016 Statement of

373 views • 8 slides
Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2017/18

Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2017/18

Universit degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2017/18 Valeria Cardellini Why to scale

1.15k views • 82 slides
Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19

Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19

Universit degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Distributed and Cloud Storage Systems Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19 Valeria Cardellini Why to scale

396 views • 37 slides
Cloud Computing Tom Hendrickx RESEARCH QUESTION Define Cloud Computing in context of the higher

Cloud Computing Tom Hendrickx RESEARCH QUESTION Define Cloud Computing in context of the higher

Cloud Computing Tom Hendrickx RESEARCH QUESTION Define Cloud Computing in context of the higher education and research community in general and of an NREN in specific. CLOUD COMPUTING SaaS PaaS STaaS IaaS Utility GRID computing

458 views • 9 slides
Interconnection Structures Patrick Happ Raul Queiroz Feitosa Objective To present key issues

Interconnection Structures Patrick Happ Raul Queiroz Feitosa Objective To present key issues

Interconnection Structures Patrick Happ Raul Queiroz Feitosa Objective To present key issues that affect interconnection design. 2 Interconnection Structures Outline Introduction Computer Busses Bus Types PCI PCI Express

922 views • 49 slides
Diogenes: A tool for exposing Hidden GPU Performance Opportunities Benjamin Welton and Barton

Diogenes: A tool for exposing Hidden GPU Performance Opportunities Benjamin Welton and Barton

Diogenes: A tool for exposing Hidden GPU Performance Opportunities Benjamin Welton and Barton Miller 2019 Performance T ools Workshop July 29th, Tahoe, CA. Overview of Diogenes Automatically detect performance issues with CPU- GPU

506 views • 32 slides
1 Data path basic building blocks. Register file Storage elements Basic building block (at

1 Data path basic building blocks. Register file Storage elements Basic building block (at

Levels in Processor Design Register transfer level Circuit design Two types of components (cf. CSE 370) Keywords: transistors, wires etc.Results in gates, flip-flops etc. Combinational : the output is a function of the input

268 views • 3 slides
S YNCHRONOUS &amp; 24-Nov-2010 A SYNCHRONOUS D ATA T RANSFER www.eazynotes.com Maninder Kaur 1

S YNCHRONOUS &amp; 24-Nov-2010 A SYNCHRONOUS D ATA T RANSFER www.eazynotes.com Maninder Kaur 1

S YNCHRONOUS &amp; 24-Nov-2010 A SYNCHRONOUS D ATA T RANSFER www.eazynotes.com Maninder Kaur 1 professormaninder@gmail.com S YNCHRONOUS D ATA T RANSFER 24-Nov-2010 In a digital system, the internal operations are synchronized by means of

219 views • 18 slides
Content Synchronization Content Synchronization March 2nd 2005 Jukka Honkola T-110.456

Content Synchronization Content Synchronization March 2nd 2005 Jukka Honkola T-110.456

Content Synchronization Content Synchronization March 2nd 2005 Jukka Honkola T-110.456 Synchronization Synchronization Needed whenever multiple copies of an object may be updated independently After synchronization objects should be

413 views • 14 slides
Architecture Design Principles for the Integration of Synchronization Interfaces into

Architecture Design Principles for the Integration of Synchronization Interfaces into

Architecture Design Principles for the Integration of Synchronization Interfaces into Network-on-Chip Switches Daniele Ludovici Alessandro Strano Davide Bertozzi Computer Engineering lab TUDelft - NL MPSoC research group

1.48k views • 32 slides
Introduction to the Microsoft Sync Framework Michael Clark Development Manager Microsoft Agenda

Introduction to the Microsoft Sync Framework Michael Clark Development Manager Microsoft Agenda

Introduction to the Microsoft Sync Framework Michael Clark Development Manager Microsoft Agenda Why Is Sync both Interesting and Hard Sync Framework Overview Using the Sync Framework Future Directions Summary m Microsoft

772 views • 36 slides
Logic and State Circuits Lecture 10 CAP 3103 06-18-2014 New- School Machine Structures

Logic and State Circuits Lecture 10 CAP 3103 06-18-2014 New- School Machine Structures

Stateless Combinational Logic and State Circuits Lecture 10 CAP 3103 06-18-2014 New- School Machine Structures (It s a bit more complicated!) Software Hardware Parallel Requests Warehouse Smart Assigned to computer Scale

814 views • 22 slides

More recommend