• Corpus ID: 1948692

Sikker : A High-Performance Distributed System Architecture for Secure Service-Oriented Computing

@inproceedings{McDonald2016SikkerA,
  title={Sikker : A High-Performance Distributed System Architecture for Secure Service-Oriented Computing},
  author={Nic McDonald and William J. Dally},
  year={2016}
}
In this paper, we present Sikker1, a high-performance distributed system architecture for secure service-oriented computing. Sikker includes a novel service-oriented application model upon which security and isolation policies are derived and enforced. The workhorse of Sikker is a custom network interface controller, called the Network Management Unit (NMU), that enforces Sikker’s security and isolation policies while providing high-performance network access. Sikker’s application model… 
cva.stanford.edu

Figures and Tables from this paper

References

SHOWING 1-10 OF 50 REFERENCES
Maximizing Throughput of Overprovisioned HPC Data Centers Under a Strict Power Budget
TLDR
A software-based online resource management system that leverages hardware facilitated capability to constrain the power consumption of each node in order to optimally allocate power and nodes to a job and a performance modeling scheme that estimates the essential power characteristics of a job at any scale is proposed.
High performance cloud computing
Towards predictable datacenter networks
TLDR
The case for extending the tenant-provider interface to explicitly account for the network is made, and the design of virtual network abstractions that capture the trade-off between the performance guarantees offered to tenants, their costs and the provider revenue are proposed.
Managing Performance Overhead of Virtual Machines in Cloud Computing: A Survey, State of the Art, and Future Directions
TLDR
The causes of VM performance overhead are unveiled by illustrating representative scenarios, the performance modeling methods with a particular focus on their accuracy and cost are discussed, and the overhead mitigation techniques are compared by identifying their effectiveness and implementation complexity.
SecondNet: a data center network virtualization architecture with bandwidth guarantees
TLDR
This paper proposes virtual data center (VDC) as the unit of resource allocation for multiple tenants in the cloud and introduces a centralized VDC allocation algorithm for bandwidth guaranteed virtual to physical mapping.
The PERCS High-Performance Interconnect
TLDR
The Blue Waters System, which is being constructed at NCSA, is an exemplar large-scale PERCS installation that is expected to deliver sustained Pet scale performance over a wide range of applications.
Sharing the Data Center Network
TLDR
This work presents Seawall, a network bandwidth allocation scheme that divides network capacity based on an administrator-specified policy that adds little overhead and achieves strong performance isolation.
Extending Networking into the Virtualization Layer
TLDR
This work describes how Open vSwitch can be used to tackle problems such as isolation in joint-tenant environments, mobility across subnets, and distributing configuration and visibility across hosts.
Enabling fair pricing on HPC systems with node sharing
TLDR
POPPA is a runtime system that enables fair pricing by delivering precise online interference detection and facilitates the adoption of supercomputers with co-locations and is able to quantify inter-application interference within 4% mean absolute error on a variety of co-located benchmark and real scientific workloads.
FairCloud: sharing the network in cloud computing
TLDR
This paper starts from the above requirements--payment proportionality and minimum guarantees--and shows that the network-specific challenges lead to fundamental tradeoffs when sharing cloud networks, and proposes a set of properties to explicitly express these tradeoffs.
...
1
2
3
4
5
...