Learn More
Dune is a system that provides applications with direct but safe access to hardware features such as ring protection, page tables, and tagged TLBs, while preserving the existing OS interfaces for processes. Dune uses the virtualiza-tion hardware in modern processors to provide a process, rather than a machine abstraction. It consists of a small kernel(More)
Modern extensible web platforms like Facebook and Yammer depend on third-party software to offer a rich experience to their users. Unfortunately, users running a third-party " app " have little control over what it does with their private data. Today's platforms offer only ad-hoc constraints on app behavior, leaving users an unfortunate trade-off between(More)
Information flow control allows untrusted code to access sensitive and trustworthy information without leaking this information. However, the presence of covert channels subverts this security mechanism, allowing processes to communicate information in violation of IFC policies. In this paper, we show that concurrent deterministic IFC systems that use(More)
Software security research spans a broad spectrum of approaches. At one end, experts attempt to build systems that are secure by construction. At the other end, people deploy faulty software and leave it to security practitioners to clean up the mess. But cleaning up the mess isn't working: experience shows that post-hoc fixes can't be deployed in time to(More)
We present Canary, a scheduling architecture that allows high performance analytics workloads to scale out to run on thousands of cores. Canary is motivated by the observation that a central scheduler is a bottleneck for high performance codes: a handful of multicore workers can execute tasks faster than a controller can schedule them. The key insight in(More)
Projects ESpectro Security architecture for building least privileged Node.js applications. ESpectro provides application-level virtualization for implementing different security mechanisms. COWL Backwards-compatible browser confinement system. COWL provides a way to build secure client-side applications (e.g., mashups) that involve multiple untrusted(More)
Real-world garbage collectors in managed languages are complex. We investigate whether this complexity is really necessary and show that by having a different (but wider) interface between the collector and the developer, we can achieve high performance with off-the-shelf components for real applications. We propose to assemble a memory manager out of(More)