Learn More
Locating mobile objects in a worldwide system requires a scalable location service. An object can be a telephone or a notebook computer, but also a software or data object, such as a file or an electronic document. Our service strictly separates an object's name from the addresses where it can be contacted. This is done by introducing a location-independent(More)
Smartphone usage has been continuously increasing in recent years. Moreover, smartphones are often used for privacy-sensitive tasks, becoming highly valuable targets for attackers. They are also quite different from PCs, so that PC-oriented solutions are not always applicable, or do not offer comprehensive security. We propose an alternative solution, where(More)
frastructure is still lacking. We propose Globe: a novel scalable infrastructure for a massive worldwide distributed system. Currently, designers build applications on top of a limited number of communication services. On the Internet, for example , this means that applications communicate mainly through transmission-control protocol (TCP) connections, but(More)
Studies have shown that device drivers and extensions contain 3–7 times more bugs than other code and thus are more likely to fail. Therefore, we present a failure-resilient operating system that can recover from dead device drivers and other critical components—primarily through monitoring and replacing malfunctioning components on the fly—transparent to(More)
In this paper, we discuss the architecture of a modular UNIX-compatible operating system, MINIX 3, that provides reliability beyond that of most other systems. With nearly the entire operating system running as a set of user-mode servers and drivers atop a minimal kernel, the system is fully compartmentalized. By moving most of the code to unprivileged(More)
Different kinds of people use computers now than several decades ago, but operating systems have not fully kept pace with this change. It is true that we have point-and-click GUIs now instead of command line interfaces, but the expectation of the average user is different from what it used to be, because the user is different. Thirty or 40 years ago, when(More)
It has been well established that most operating system crashes are due to bugs in device drivers. Because drivers are normally linked into the kernel address space, a buggy driver can wipe out kernel tables and bring the system crashing to a grinding halt. We have greatly mitigated this problem by reducing the kernel to an absolute minimum and running each(More)
This work explores the principles and practice of isolating low-level device drivers in order to improve OS dependability. In particular, we explore the operations drivers can perform and how fault propagation in the event a bug is triggered can be prevented. We have prototyped our ideas in an open-source multiserver OS (MINIX 3) that isolates drivers by(More)
In order to facilitate the construction of wide area distributed systems, it is necessary that we adopt a model that simplifies application development. In this position paper we advocate an object-based approach. Our approach allows for flexibility because many of the technical details of distribution, such as communication protocols , consistency rules,(More)