Nong Xiao

Wukong: A cloud-oriented file service for mobile Internet devices

Along with the rapid growth of heterogeneous cloud services and network technologies, an increasing number of mobile devices use cloud storage services to enlarge their capacity and share data in our daily lives. We commonly use cloud service client-side software in a straightforward fashion. However, when more devices and users participate in heterogeneous services, the difficulty of managing these services efficiently and conveniently increases. In this paper, we report a novel cloud-oriented file service, Wukong, which provides a user-friendly and highly available facilitative data access method for mobile devices in cloud settings. Wukong supports mobile applications, which may access local files only, transparently accessing cloud services with a relatively high performance. To the best of our knowledge, Wukong is the first file service that supports heterogeneous cloud services for mobile devices by using the innovative storage abstraction layer. We have implemented a prototype with several plugins and evaluated it in a systematic way. We find that this easily operable file service has a high usability and extensibility. It costs about 50 to 150 lines of code to implement a new backend service support plugin. Wukong achieves an acceptable throughput of 179.11 kB/s in an ADSL environment and 80.68 kB/s under a countryside EVDO 3G network with negligible overhead.

SyncViews: Toward Consistent User Views in Cloud-Based File Synchronization Services

As more and more individuals have multiple computing devices, how to maintain the consistency of user files stored on multiple devices becomes a challenge. Cloud-based file synchronization services (FSS), e.g., Drop box and iFolder, are promising approaches. However, we havent seen any public documents discussing the consistency protocol, which plays a vital role in any FSS. This paper focuses on maintaining the consistency of user files in FSS. We define a new file abstraction layer called user view, which describes all the files and their metadata in a sync-folder. We propose a user view based file consistency protocol with a conflicts resolution mechanism for FSS. The consistency protocol automatically keeps user files synchronized among the clients and server. We implement our consistency protocol into a prototype called Sync Views and set up a LAN-based environment to evaluate its feasibility and performance. We measured the time consumption of each synchronous operation on Sync Views and compared with iFolder, an open source implementation. The results show that our protocol works well during the file synchronization processes and outperforms iFolder when the synchronized file becomes very large.

Optimal subgraph covering for customisable VLIW processors

It is increasingly common to see the combination of single-issue general purpose processors (GPPs) with extensible VLIW processors in many embedded system designs. Compared with GPPs, extensible VLIW processors can exploit instruction-level parallelism, and they are more suitable for computation-intensive tasks. Moreover, they offer the ability of customising instruction-set extensions (ISEs) for an application domain. Many previous works reveal that automated extension generation can greatly improve both performance and design efficiency of instruction-set extensible processors. One of the key steps of automated extension generation is subgraph selection. Since this problem is at least NP-hard, most previous works rely on greedy approaches to address it, whereas an optimal subgraph mapping methodology that customises ISEs for multi-issue/VLIW extensible processors is presented here. Several effective pruning techniques are proposed to ensure that the proposed methodology is tractable, and the optimal method performs 41.02% better than greedy method on average. Besides the optimal subgraph covering methodology, several techniques are also proposed to reduce the area burden that ISEs impose on the processor.

Virtual Disk Image Reclamation for Software Updates in Virtual Machine Environments

Virtual disks (VD) are the main form of storage in todays virtual machine (VM) environments for they have many attractive features, such as encapsulation, mobility, isolation, etc. A typical virtual disk image usually has a large size of at least several gigabytes, a disadvantage that may limit its usage in many situations, such as fast software deployment in large-scale virtual machine environments, fast VM migration in local or distributed environments, etc. The COW (Copy-on-Write) virtual block device supported by many virtual machine monitors can split the traditional one-piece large-sized VD image into multiple smaller-sized VD images (COW disks). However, frequent or long-term software updates may result in large numbers of COW disks. Moreover, the accumulated large numbers of old-version COW disks (OCD) installed with old-version software may cause serious disk space wastage. In this paper, we propose two VD image reclamation approaches RPD and RMD to reclaim the OCDs so as to free the disk space taken by the old-version software and to maintain the number of COW disks in a specific range to ease the VD image management. Based on QEMU and Linux system, we have developed tools to implement the two approaches. Experiments show that the two VD image reclamation approaches can effectively reclaim the OCDs so as to be able to support frequent or long-term software updates in virtual machine environments.

Secure Disk with Authenticated Encryption and IV Verification

To protect hard disk data confidentiality and integrity, AEIVV associates one unique IV with each disk sector; then, it applies authenticated encryption of AES-CCM to the protected sector and constructs hash tree upon IV storage. Through assuring IV to be trusted or un-tampered, data can be protected firmly. To make it an available way for disk protection, various optimizing measures are applied to quicken the running speed. With the emphasis of reducing extra latencies caused by protection, IV/MAC storage is allocated using interlaced layout to decrease seek time of disk I/O, IV checking penalty is reduced by buffering the frequently used hash tree nodes and IV/MAC values. Related approaches are elaborated, as well as experimental results. It shows that AEIVV is a practical and available way to build secure disk.

CR: Capability Information for Routing of Wireless Ad Hoc Networks in the Real Environment

In greedy routing, each relay node forwards the message to a neighbor (also called successor) that is closer to the destination. However, the successor candidate set (SCS) is different every time when the relative location of relay node to the destination changes. The configuration in the entire network when all the succeeding paths from a relay node are blocked by local minima is irregular and its concern region cannot be determined unless the routing actually initiates. In this paper, we introduce a new information model to determine the pattern of SCS under the impact of local minima by sacrificing little routing flexibility. As a result, each 1-hop advance can avoid those unsafe situations in order to stay along a non-detour path. In our model, each node prepares the information in a proactive model, but can use it for all different paths passing through, saving the cost and delay in the reactive model. We focus on an ``everyone model, in which each node will apply the same generic process in a fully distributed manner, in order to achieve a reliable solution in real applications where the communication link is constituted irregularly and its quality changes dynamically. In details, we discuss how in a sample realistic environment the pattern of SCS can be interpreted in a single safety descriptor in [0,1] at each node. It indicates the maximum probability of a successful non-detour path from this node to the edge of networks. The larger value the more likely the non-detour routing will be successful and the more reliable the path will be. We illustrate the effectiveness of this indirect reference information in the corresponding routing, in terms of the cost of information construction and update propagation, and the success of non-detour path constitution, compared with the best results known to date.

Incremental hash tree for disk authentication

Hash tree is a secure way to authenticate stored data. However, it is difficult to maintain a consistent state between the authentication result and data, which is necessary for permanent data storage of disk. Incremental node updating is proposed to solve such problem, it synchronizes data modification and authentication result with low cost. The reason is that the path from leaf node to root node of the tree can be very short, and each step on the path can be finished quickly as no sibling nodes are required. Thus, it greatly reduce additional disk I/O for authentication synchronization. Together with a low cost logging mechanism implemented by NVRAM, system can make fast recovery to still keep the required consistency after any failures. Related approach is elaborated, as well as testing results. Theoretical analysis and experimental simulations show that it is a practical and available way for mass data storage authentication.

Performance and Consistency Improvements of Hash Tree Based Disk Storage Protection

Hash tree based disk storage integrity protection suffers from performance penalty and possible losing of consistency. FI-Tree deploys a fixed-structure tree and applies incremental-hash to tree node updating to solve the difficulties of performance and consistency. The biggest advantage of FI-Tree comes from that: to allow tree nodes to be cached to optimize performance, it can maintain consistency between the tree and the protected data with low cost at the same time. Basing on FI-Tree, TNSD constructs an instance of secure disk. TNSD associates one nonce with each data block to be protected, and applies FI-Tree to ensure the nonce to be un-tampered. In such way, data protection can be fulfilled with resistance against any attacks. Related approaches are elaborated, as well as testing results. Theoretical analysis and experimental simulation show that it is a practical and available way to build secure disk.

A Hardware Approach for Reducing Interpretation Overhead

Abstract—An interpreter reads instructions of the source executable and perform each corresponding operation in turn on a software-maintained version of the old ISA’s state. Interpretation has emerged as an important tool with real world applications. Interpretation is always adopted to support instruction set emulation and handle the non-hotspot code in a two-stage dynamic binary translation strategy. An important consideration of an interpreter is the runtime overhead. We investigate that repeated re-decode operations are the bottleneck of interpretation overhead. We propose interpreted code cache (Pcache), a hardware assist, to save the information of the decoded instruction for reuse. We analyze and model Pcache performance via a real interpretation system. Results from SPEC2000 integer benchmarks show that Pcache could significantly reduce re-decode operations and the overhead of interpretation. We demonstrate that the hardware Pcache is a highly effective approach, and the extra overhead is neglectable compared to the performance gains.

Data privacy and integrity appropriate for disk protection

To protect data privacy and integrity, it encrypts each protected disk sector and creates hash tree upon all the protected sectors to resist against any possible attacks. To make it an appropriate way for disk protection, it designs the required solutions of disk layout, performance optimizing and consistency maintaining. Disk layout uses a fixed disk region to preserve hash tree nodes; performance optimizing utilizes system memory to buffer those frequently used hash tree nodes to offload the big working cost; and consistency maintaining logs disk modifications to recovery the valid result after unexpected failures. The implementation cost is low and running performance is satisfiable. Analysis and experimental simulations show that it is a practical and available way to build secure disk.