Distributed virtual machines: a system architecture for network computing

Modern virtual machines, such as Java and Inferno, are emerging as network computing platforms. While today’s virtual machines provide higher-level abstractions and more sophisticated services than their predecessors, and while they have migrated from dedicated mainframes to heterogeneous networked computers, their architecture has essentially remained intact. State of the art virtual machines are still monolithic, that is, all system components reside on the same host and are replicated among all clients in an organization. This crude replication of services among clients creates problems of security, manageability, performance and scalability. We propose a distributed architecture for virtual machines based on distributed service components. In our proposed system, services that control security, resource management, and code optimization are factored out of clients and reside in enterprisewide network servers. The services produce self-certifying, self-regulating, selfoptimizing programs via binary rewriting. We are currently building a Java virtual machine based on this architecture. We argue that distributed virtual machine architectures enable higher integrity, manageability, performance and scalability than monolithic virtual machines where all components reside on all clients.

[1]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[2]  Susan L. Graham,et al.  Gprof: A call graph execution profiler , 1982, SIGPLAN '82.

[3]  Bruce Walker,et al.  The LOCUS distributed operating system , 1983, SOSP '83.

[4]  William J. Bolosky,et al.  Mach: A New Kernel Foundation for UNIX Development , 1986, USENIX Summer.

[5]  Jeffrey C. Mogul,et al.  The packer filter: an efficient mechanism for user-level network code , 1987, SOSP '87.

[6]  Jeffrey D. Case,et al.  Simple Network Management Protocol , 1988, RFC.

[7]  Robbert van Renesse,et al.  Experiences with the Amoeba distributed operating system , 1990, CACM.

[8]  Jeffrey D. Case,et al.  Simple Network Management Protocol (SNMP) , 1990, RFC.

[9]  L Robertson Introduction to operating systems , 1990 .

[10]  Sape J. Mullender Experiences with Amoeba , 1991 .

[11]  Helen Custer,et al.  Inside Windows NT , 1992 .

[12]  Michael B. Jones,et al.  Interposition agents: transparently interposing user code at the system interface , 1994, SOSP '93.

[13]  George Eckel Inside Windows NT , 1993 .

[14]  Daniel F. Sterne,et al.  A Domain and Type Enforcement UNIX Prototype , 1995, Comput. Syst..

[15]  Brian N. Bershad,et al.  Extensibility safety and performance in the SPIN operating system , 1995, SOSP.

[16]  Daniel F. Sterne,et al.  Practical Domain and Type Enforcement for UNIX , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[17]  Bill Cheswick,et al.  Firewalls and internet security - repelling the wily hacker , 2003, Addison-Wesley professional computing series.

[18]  B. Briscoe Internet Engineering Task Force , 1995 .

[19]  Dawson R. Engler,et al.  Exokernel: an operating system architecture for application-level resource management , 1995, SOSP.

[20]  Julian Jakubowski Firewalls and internet security: Repelling the wily hacker. By William R. Cheswick, Steven M. Bellovin. Addison‐Wesley, Amsterdam 1994, XIV, 306 pp., softcover, $26.95, 0–201–63357–4 , 1996 .

[21]  James A. Gosling,et al.  The Java application programming interface , 1996 .

[22]  Robert Wahbe,et al.  Efficient and language-independent mobile programs , 1996, PLDI '96.

[23]  Frank Yellin,et al.  The Java Virtual Machine Specification , 1996 .

[24]  Andrew C. Myers,et al.  A decentralized model for information flow control , 1997, SOSP.

[25]  Dan S. Wallach,et al.  Extensible security architectures for Java , 1997, SOSP.

[26]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[27]  Dan S. Wallach,et al.  Java security: Web browsers and beyond , 1997 .

[28]  Stephen N. Freund,et al.  A type system for object initialization in the Java bytecode language , 1998, OOPSLA '98.

[29]  Benedict G. E. Wiedemann Protection? , 1998, Science.

[30]  Robert Grimm,et al.  Providing Policy-Neutral and Transparent Access Control in Extensible Systems , 2001, Secure Internet Programming.

[31]  Martín Abadi,et al.  A type system for Java bytecode subroutines , 1999, TOPL.

[32]  Thomas de Quincey [C] , 2000, The Works of Thomas De Quincey, Vol. 1: Writings, 1799–1820.