the java isolation api
play

The Java Isolation API: Introduction, applications and inspir ation - PowerPoint PPT Presentation

Nov 30, 2023 •385 likes •779 views

http://bitser.net/isolate-interest The Java Isolation API: Introduction, applications and inspir ation Pete Soper Doug Lea Sun Microsystems SUNY Oswego pete.soper@sun.com dl@cs.oswego.edu Miles Sabin miles@milessabin.com June 24b, 2004-a

  1. http://bitser.net/isolate-interest The Java Isolation API: Introduction, applications and inspir ation Pete Soper Doug Lea Sun Microsystems SUNY Oswego pete.soper@sun.com dl@cs.oswego.edu Miles Sabin miles@milessabin.com June 24b, 2004-a

  2. Overview • Isolate noun . pronounciation: isolet . 1. A thing that has http://bitser.net/isolate-interest been isolated, as by geographic, ecologic or social barriers - American Heritage Dictionary Outline Motivation Some design and implementation issues API overview and code examples Application to mobility Relationship to the π -calculus Status Public review draft in JSR-121 was aimed at J2SE 1.5, nd public draft aimed at J2SE & J2ME. now planning 2

  3. Aggregates vs Isolates vs Threads http://bitser.net/isolate-interest possibly shared run-time data bytecodes exec code statics, statics, class reps heap heap anIsolate d a d e d a r e a h r link e t h r h t t another Aggregate Isolate OS resources and services RMI etc each isolate acts as a separate Aggregate logical virtual machine

  4. Motivation Performance http://bitser.net/isolate-interest Reduce footprint, start-up overheads for running independent programs Security Prevent interference via shared resources or communication Simplify construction of obviously secure systems Management Configure, monitor and kill activities without disrupting others Especially in container frameworks Stay within Java; not OS via Runtime.exec

  5. JVMs vs Aggregates http://bitser.net/isolate-interest Not necessarily a "single program" anymore Each Isolate is a logical virtual machine A JVM is, A running instance of the JRE Strongly associated with a single OS process An Aggregate is, A container of Isolates An administrative and management boundary A set of services and service guarantees Bytecode execution and run-time functions Aggregate as a less ambiguous term

  6. Isolating State http://bitser.net/isolate-interest Visible Per-Aggregate vs per-Isolate state Case-by-case analysis of statics, startup settings, global JVM state See also Czajkowski et al MVM papers (in bibliography) Spec requires very few global settings All immutable: User identity, command-line settings Native methods JSR-121 does not strictly guarantee that bad JNI code will not crash some or all Isolates Implementations can make stronger guarantees, but at likely cost of crossing address spaces for JNI calls

  7. Security http://bitser.net/isolate-interest Per-Isolate Security Managers Can arrange different managers and policies for different Isolates Common default security policy files Checks for creating, controlling and communication between isolates IsolatePermission controls access (CDC&J2SE) Aggregate runs under single User identity No Unix-style substitute-user capability Capability-style communication Must have Link to communicate, and must have Isolate handle to create Link

  8. Resource Management http://bitser.net/isolate-interest Not specified in JSR-121 NO guarantees about scheduling, heap mgt, etc Hints are possible via IsolateParameters Current Sun Research Sun technical report TR-2003-124 (in bib.) More papers coming Interactions with system-wide resource monitoring, profiling, debugging APIs JMX, JVMPI, JVMTI, etc

  9. Implementation Styles http://bitser.net/isolate-interest One Isolate per OS process Internal sharing via OS-level “Simple RI” shared memory, comms via IPC class representations, bytecodes, compiled code, immutable statics, other internal data structures All Isolates in one OS address MVM, Janos VM space / process Isolates still get own versions of all statics/globals including AWT thread, shutdown hooks, ... Isolates scheduled onto JVMs SAP Research LAN Cluster JVMs Isolates on different machines, one admin domain.

  10. API Design Goals http://bitser.net/isolate-interest Minimality The smallest API that fills need Mechanism, not policy Enable layered frameworks Simple, clean semantics For termination, communication, etc Compatibility No changes required in pre-JSR-121 code Generality Allow multiple mapping strategies to platforms

  11. API Structure (base package) http://bitser.net/isolate-interest Package javax.isolate New Exceptions IsolateStartupException Isolate Changes to existing IsolateParameters APIs Link Documentation DataMessage clarifications StatusMessage CompositeMessage New Interface Message (just a tag)

  12. API Structure (additional pkgs) http://bitser.net/isolate-interest javax.isolate.tbd (CDC+) javax.isolate.util (J2SE) IsolatePermission Visitor pattern & support ObjectMessage javax.isolate.io (J2SE) IOMessage interface file/network I/O classes javax.isolate.nio (J2SE) ByteBuffer ChannelMessage

  13. Open API Design Issues http://bitser.net/isolate-interest Base package deemed by some to be too big for CLDC But don't want to abandon strong typing Total package set deemed by some to be “overkill” even for J2SE

  14. Main Classes http://bitser.net/isolate-interest public final class Isolate implements Message Create with name of class with a " main ", arguments (simple) or with IsolateParameters (two flavors of additional parms) Methods to start and terminate and query isolate, get its parms and starting links public class Link A pipe-like data channel to another isolate byte arrays, ByteBuffers, Strings and serializable types SocketChannels, FileChannels and other IO types Isolates, Links

  15. Starting Isolates http://bitser.net/isolate-interest Isolate creation establishes existence Isolates may (but need not) perform resource allocation and internal initialization upon creation Static initializers, then main run at start Isolates may continue initialization before running All classes are loaded in new Isolate's context Failures detected before running user code result in exceptions at creation or start time Cannot be sure whether the same exceptions will be thrown at the same points in all Implementations Other failures merely terminate the Isolate

  16. Running Independent Programs http://bitser.net/isolate-interest void runProgram(String classname, String[] args) { try { new Isolate(classname, args).start(); } catch (SecurityException se) { ... } catch (IsolateStartException ise) { ... } catch (Exception other) { ... } }

  17. Configuration http://bitser.net/isolate-interest Inheriting execution contexts Different rules and defaults for IsolateParameters (context, in/out/err bindings and start links)?FIXTHIS? Impossible to unify all of the ways to provide initial settings while maintaining compatibility Other Mechanisms Contained Isolates may obtain additional configuration parameters via JNDI or other means Frameworks can supply a common main that establishes context and then loads application

  18. Stopping Isolates http://bitser.net/isolate-interest Preserves distinction between exit and halt exit causes Isolate to run shutdown hooks etc Does NOT guarantee eventual termination halt causes sure, abrupt termination Isolates may also terminate for the usual reasons Aggregate shuts down when ALL Isolates do Monitoring lifecycles Receiving start, exit, terminated events Not hierarchical Parents may terminate independently of children Can layer on methods to await termination

  19. Initializing and Monitoring http://bitser.net/isolate-interest Class Runner { Link data; Isolate child; CompositeMessage getMessage() { return data.receive(); } StatusMessage runStarlet(String mCls, String[] mArgs, String[] sec /*,...*/) { IsolateParameters context = new IsolateParameters(mCls, mArgs); context.setContext( “jsr121.exp.java.properties.java.security.manager”, sec); child = new Isolate(context); data = Link.newLink(child, Isolate.currentIsolate()); StatusLink s = child.newStatusLink(); child.start(new Link[] { data } ); return s.receive(); } }

  20. Communication and Control http://bitser.net/isolate-interest App frameworks can impose policies: Hierarchical Parent/child trees Centralized Ad-hoc Can add monitoring for application-specific events and/or tie to external monitoring

  21. Communicating ( old API) http://bitser.net/isolate-interest void appRunner() throws ... { Isolate child = new Isolate("Child", ...); Link toChild = Link.newLink(Isolate.currentIsolate(), child); Link fromChild = Link.newLink(child, Isolate.currentIsolate()); app.start(new IsolateMessage[] { IsolateMessage.newLinkMessage(toChild), IsolateMessage.newLinkMessage(fromChild) } ); toChild.send(IsolateMessage.newStringMessage("hi")); String reply = fromChild.receive().getString(); System.out.println(reply); child.exit(0); Thread.sleep(10 * 1000); if (!app.isTerminated()) app.halt(1); } class Child { ... public static void main(...) { Link fromParent = Isolate.currentIsolateStartMessages()[0]; Link toParent = Isolate.currentIsolateStartMessages()[1]; String hi = fromParent.receive().getString(); toParent.send(IsolateMessage.newStringMessage("bye")); System.exit(0);

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

A Type System for Checking Applet Isolation in Java Card Peter Mller ETH Zrich Joint work

A Type System for Checking Applet Isolation in Java Card Peter Mller ETH Zrich Joint work

A Type System for Checking Applet Isolation in Java Card Peter Mller ETH Zrich Joint work with Werner Dietl and Arnd Poetzsch-Heffter 2 A Type System for Checking Applet Isolation in Java Card Applet Isolation Firewall Applet Context 1

398 views • 15 slides
Serializable Snapshot Isolation Making ISOLATION LEVEL SERIALIZABLE Provide Serializable

Serializable Snapshot Isolation Making ISOLATION LEVEL SERIALIZABLE Provide Serializable

Serializable Snapshot Isolation Making ISOLATION LEVEL SERIALIZABLE Provide Serializable Isolation Dan Ports Kevin Grittner MIT Wisconsin Court System Saturday, May 21, 2011 1 Overview Serializable isolation makes it easier to reason

922 views • 60 slides
JAVA Java vs. Java Java Language Specification

JAVA Java vs. Java Java Language Specification

BR 10/05 JAVA Java vs. Java Java Language Specification http://java.sun.com/docs/books/jls/second_edition/html/j.title.doc.html Java programming language is compiled into java byte code Java Virtual Machine Specification

1.07k views • 44 slides
ADAPTED SPAULDING PYRAMID Making Isolation: How does it work? Patient Isolation- Creating

ADAPTED SPAULDING PYRAMID Making Isolation: How does it work? Patient Isolation- Creating

ADAPTED SPAULDING PYRAMID Making Isolation: How does it work? Patient Isolation- Creating auxiliary isolation rooms (CDC) SCRUBBERS - 1 ea to serve patient room, and 1 for Airlock Typically deployed on supplied wheel platform

144 views • 3 slides
Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006)

Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006)

Multi-core in JVM/Java Concurrent programming in java Prior Java 5 Java 5 (2006) Java 7 (2010) Other topics Basic concurrency in Java Java Memory Model describes how threads interact through memory Single thread

812 views • 34 slides
Virtual Machine Introspection Isolation Interpretation Interposition Isolation

Virtual Machine Introspection Isolation Interpretation Interposition Isolation

Virtual Machine Introspection Isolation Interpretation Interposition Isolation From in-guest kernel/userspace Provided by Xen Buggy emulation blurres the line From trusted computing base (TCB) Possible via Xen

286 views • 26 slides
Java Java Basics Java Program Statements Java Review Conditional statements

Java Java Basics Java Program Statements Java Review Conditional statements

Java Java Basics Java Program Statements Java Review Conditional statements Repetition statements (loops) Writing Classes in Java Selim Aksoy Class definitions Bilkent University Encapsulation and Java modifiers

346 views • 11 slides
2 Fault Isolation & Restoration Manual Fault Isolation & Restoration The

2 Fault Isolation & Restoration Manual Fault Isolation & Restoration The

1 Self Healing Network (Centralized Restoration Gateway) IEEE PES 2015 General Meeting 2 Fault Isolation & Restoration Manual Fault Isolation & Restoration The operator makes switching decisions Automatic Fault Location

724 views • 22 slides
GCC Highlighted Products GSure Gel Extraction kit GSure Soil DNA Isolation kit GSure Sputum DNA

GCC Highlighted Products GSure Gel Extraction kit GSure Soil DNA Isolation kit GSure Sputum DNA

GSure Bacterial genomic DNA isolation kit GCC Highlighted Products GSure Gel Extraction kit GSure Soil DNA Isolation kit GSure Sputum DNA Isolation Kit GSure Stool DNA Isolation Kit GSure Urine DNA Isolation Kit GSure Yeast RNA

455 views • 23 slides
Introduction to pixel track isolation The purpose of track isolation algorithm is an additional

Introduction to pixel track isolation The purpose of track isolation algorithm is an additional

Introduction to pixel track isolation The purpose of track isolation algorithm is an additional improvement of level-1 pixel trigger performance. Procedure of pixel track isolation Reconstructed pixel tracks using kinematic parameters

669 views • 27 slides
#KEEPTHECONVERSATIONGOING Sick pay and self isolation Day one right SSP for up to 14 days

#KEEPTHECONVERSATIONGOING Sick pay and self isolation Day one right SSP for up to 14 days

#KEEPTHECONVERSATIONGOING Sick pay and self isolation Day one right SSP for up to 14 days will be reimbursed Self isolation notes from online 111 Self isolation and pay Working from Home Everyone should be working

398 views • 12 slides
1 Java compilation model Java bytecode format void spin () { int i; for (i = 0; i < 100;

1 Java compilation model Java bytecode format void spin () { int i; for (i = 0; i < 100;

The Java programming environment Introduction to JVM Based on material produced by Bill Venners 1 2 The Java platform The role of the virtual machime byte code generated by the Java front-end is an intermediate representation (IR)

834 views • 3 slides
TM Technology for Blu-ray and TV: Java Creating your own Blu-ray Java Discs The Blu-ray Java

TM Technology for Blu-ray and TV: Java Creating your own Blu-ray Java Discs The Blu-ray Java

TM Technology for Blu-ray and TV: Java Creating your own Blu-ray Java Discs The Blu-ray Java Authoring Team: Bill Foote, Chihiro Saito, A. Sundararajan, Jaya Hangal TS-5449 Talk Outline HD Cookbook Community Overview Target: Blu-ray

592 views • 44 slides
Using technology to reduce social isolation: research on dementia and social isolation Professor

Using technology to reduce social isolation: research on dementia and social isolation Professor

Using technology to reduce social isolation: research on dementia and social isolation Professor Josie Tetley Dr Emma-Reetta Koivunen Ageing and Long Term Conditions Group Faculty of Health, Psychology & Social Care Manchester

338 views • 19 slides
456 457 458 The purpose of shallow trench isolation (STI) is to provide isolation between

456 457 458 The purpose of shallow trench isolation (STI) is to provide isolation between

In this module we would review a typical gate first, poly-Si gate CMOS process flow. 456 457 458 The purpose of shallow trench isolation (STI) is to provide isolation between individual devices in a CMSO chip. Typical process details and the

381 views • 8 slides
W E OFTEN THINK : Isolation is when others leave us alone ( and its often true) B UT WE TEND

W E OFTEN THINK : Isolation is when others leave us alone ( and its often true) B UT WE TEND

W HEN F EELINGS OF I SOLATION B ECOME A R OADBLOCK Joe & Cindi Ferrini Joeferrini.com Cindiferrini.com W E OFTEN THINK : Isolation is when others leave us alone ( and its often true) B UT WE TEND TOWARD ISOLATION PULLING AWAY FROM :

723 views • 18 slides
Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki

Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki

Proof Mining for Nonexpansive Semigroups PhDs in Logic IX, Bochum 2017 Angeliki Koutsoukou-Argyraki Research Group Logic, Department of Mathematics TU Darmstadt, Germany Origin of proof interpretations Hilberts 2nd problem (1900): Is

1.05k views • 84 slides
Hypergeometric evaluations of L -values of an elliptic curve Wadim Zudilin 1722 December 2012

Hypergeometric evaluations of L -values of an elliptic curve Wadim Zudilin 1722 December 2012

Hypergeometric evaluations of L -values of an elliptic curve Wadim Zudilin 1722 December 2012 Ramanujan-125 Conference The Legacy of Srinivasa Ramanujan (University of Delhi, New Delhi, India) Wadim Zudilin (CARMA, UoN) Evaluations of

593 views • 25 slides
The Case for the Reduced Instruction Set Computer David Patterson and David Ditzel 1 Context

The Case for the Reduced Instruction Set Computer David Patterson and David Ditzel 1 Context

The Case for the Reduced Instruction Set Computer David Patterson and David Ditzel 1 Context Its the early 80s Single-chip processors have just become feasible (area is expensive, but seems it might get cheaper) High-level

283 views • 5 slides
Rational preferences Idea: preferences of a rational agent must obey constraints. Rational

Rational preferences Idea: preferences of a rational agent must obey constraints. Rational

Rational preferences Idea: preferences of a rational agent must obey constraints. Rational preferences behavior describable as maximization of expected utility Rational decisions Constraints: Orderability ( A B ) ( B A ) (

320 views • 5 slides
Static and Dynamic Robustness in Emergency- Phase Communication Networks Sean M. Fitzhugh 1 and

Static and Dynamic Robustness in Emergency- Phase Communication Networks Sean M. Fitzhugh 1 and

Static and Dynamic Robustness in Emergency- Phase Communication Networks Sean M. Fitzhugh 1 and Carter T. Butts 1,2 1 Department of Sociology 2 Institute of Mathematical Behavioral Sciences University of California, Irvine MURI AHM May 25 th ,

748 views • 47 slides
Measuring Segregation in Social Networks Micha l Bojanowski Rense Corten ICS/Sociology,

Measuring Segregation in Social Networks Micha l Bojanowski Rense Corten ICS/Sociology,

Introduction Problem Approach Properties Measures Summary Measuring Segregation in Social Networks Micha l Bojanowski Rense Corten ICS/Sociology, Utrecht University July 2, 2010 Sunbelt XXX, Riva del Garda Introduction Problem

692 views • 40 slides
Model theory in positive and continuous logics Itay Ben-Yaacov Logic Colloquium 2005 Athens,

Model theory in positive and continuous logics Itay Ben-Yaacov Logic Colloquium 2005 Athens,

Model theory in positive and continuous logics Itay Ben-Yaacov Logic Colloquium 2005 Athens, Greece July 2005 1 Positive logic 1.1 Motivation: the semantics of hyperimaginary sorts Classical approach: Semantics encoded by syntactic objects

446 views • 22 slides
3/29/2010 Boosting Collective IQ A Design for Dramatic Improvements in Productivity,

3/29/2010 Boosting Collective IQ A Design for Dramatic Improvements in Productivity,

3/29/2010 Boosting Collective IQ A Design for Dramatic Improvements in Productivity, Effectiveness, and Competitiveness Douglas C. Engelbart Christina Engelbart dougengelbart.org 2 3 4 2 The Bootstrap "Paradigm Map" Capability

828 views • 39 slides

More recommend