Shaya Potter

DejaView: a personal virtual computer recorder

As users interact with the world and their peers through their computers, it is becoming important to archive and later search the information that they have viewed. We present DejaView, a personal virtual computer recorder that provides a complete record of a desktop computing experience that a user can playback, browse, search, and revive seamlessly. DejaView records visual output, checkpoints corresponding application and file system state, and captures displayed text with contextual information to index the record. A user can then browse and search the record for any visual information that has been displayed on the desktop, and revive and interact with the desktop computing state corresponding to any point in the record. DejaView combines display, operating system, and file system virtualization to provide its functionality transparently without any modifications to applications, window systems, or operating system kernels. We have implemented DejaView and evaluated its performance on real-world desktop applications. Our results demonstrate that DejaView can provide continuous low-overhead recording without any user noticeable performance degradation, and allows browsing, search and playback of records fast enough for interactive use.

Apiary: easy-to-use desktop application fault containment on commodity operating systems

Desktop computers are often compromised by the interaction of untrusted data and buggy software. To address this problem, we present Apiary, a system that transparently contains application faults while retaining the usage metaphors of a traditional desktop environment. Apiary accomplishes this with three key mechanisms. It isolates applications in containers that integrate in a controlled manner at the display and file system. It introduces ephemeral containers that are quickly instantiated for single application execution, to prevent any exploit that occurs from persisting and to protect user privacy. It introduces the Virtual Layered File System to make instantiating containers fast and space efficient, and to make managing many containers no more complex than a single traditional desktop. We have implemented Apiary on Linux without any application or operating system kernel changes. Our results with real applications, known exploits, and a 24-person user study show that Apiary has modest performance overhead, is effective in limiting the damage from real vulnerabilities, and is as easy for users to use as a traditional desktop.

Secure Isolation and Migration of Untrusted Legacy Applications

Existing applications often contain security holes that are not patched until after the system has already been compromised. Even when software updates are applied to address security issues, they often result in system services being unavailable for some time. To address these system security and availability issues, we have developed peas and pods. A pea provides a least privilege environment that can restrict processes to the minimal subset of system resources needed to run. This mechanism enables the creation of environments for privileged program execution that can help with intrusion prevention and containment. A pod provides a group of processes and associated users with a consistent, machine-independent virtualized environment. Pods are coupled with a novel checkpoint-restart mechanism which allows processes to be migrated across minor operating system kernel versions with different security patches. This mechanism allows system administrators the flexibility to patch their operating systems immediately without worrying over potential loss of data or needing to schedule system downtime. We have implemented peas and pods in Linux without requiring any application or operating system kernel changes. Our measurements on real world desktop and server applications demonstrate that peas and pods impose little overhead and enable secure isolation and migration of untrusted applications.

WebPod: persistent Web browsing sessions with pocketable storage devices

We present WebPod, a portable system that enables mobile users to use the same persistent, personalized web browsing session on any Internet-enabled device. No matter what computer is being used, WebPod provides a consistent browsing session, maintaining all of a users plugins, bookmarks, browser web content, open browser windows, and browser configuration options and preferences. This is achieved by leveraging rapid improvements in capacity, cost, and size of portable storage devices. WebPod provides a virtualization and checkpoint/restart mechanism that decouples the browsing environment from the host, enabling web browsing sessions to be suspended to portable storage, carried around, and resumed from the storage device on another computer. WebPod virtualization also isolates web browsing sessions from the host, protecting the browsing privacy of the user and preventing malicious web content from damaging the host. We have implemented a Linux WebPod prototype and demonstrate its ability to quickly suspend and resume web browsing sessions, enabling a seamless web browsing experience for mobile users as they move among computers.

SSARES: Secure Searchable Automated Remote Email Storage

The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present secure searchable automated remote email storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of identity based encryption and bloom filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient.

AutoPod: Unscheduled System Updates with Zero Data Loss

Patching, upgrading, and maintaining operating system software is a growing management complexity problem that can result in unacceptable system downtime. We introduce AutoPod, a system that enables unscheduled operating system updates while preserving application service availability. AutoPod provides a group of processes and associated users with an isolated machine-independent virtualized environment that is decoupled from the underlying operating system instance. This virtualized environment is integrated with a novel checkpoint-restart mechanism which allows processes to be suspended, resumed, and migrated across operating system kernel versions with different security and maintenance patches. AutoPod incorporates a system status service to determine when operating system patches need to be applied to the current host, then automatically migrates application services to another host to preserve their availability while the current host is updated and rebooted

Highly Reliable Mobile Desktop Computing in Your Pocket

We present DeskPod, a portable system that provides a highly reliable desktop computing environment for mobile users by leveraging rapid improvements in capacity, cost, and size of portable storage devices. DeskPod enables a users live computing environment to be suspended to portable storage, carried around, easily copied for fault-resilience, and resumed from the storage device to provide the user with the same persistent, personalized computing environment on another computer DeskPod achieves this by providing a virtualization and checkpoint/restart mechanism that decouples a desktop computing environment from any single hardware device so that it can be stored and executed anywhere, improving desktop computing reliability by eliminating a potential single point of failure. We have implemented a Linux DeskPod prototype and demonstrate its ability to quickly suspend and resume desktop sessions, enabling a seamless mobile experience

GamePod: Persistent Gaming Sessions on Pocketable Storage Devices

We present GamePod, a portable system that enables mobile users to use the same persistent, gaming environment on any available computer. No matter what computer is being used, GamePod provides a consistent gaming environment, maintaining all of a users games, including active game state. This is achieved by leveraging rapid improvements in capacity, cost, and size of portable storage devices. GamePod provides a middleware layer that enables virtualization and checkpoint/restart functionality that decouples the gaming environment from a host machine. This enables gaming sessions to be suspended to portable storage, carried around, and resumed from the storage device on another computer. GamePods middleware layer also isolates gaming sessions from the host, protecting the host by preventing malicious executable content from damaging the host. We have implemented a Linux GamePod prototype and demonstrate its ability to quickly suspend and resume gaming sessions, enabling a seamless gaming experience for mobile users as they move among computers.

MediaPod: A Personalized Multimedia Desktop in Your Pocket

We present MediaPod, a portable system that allows mobile users to maintain the same persistent, personalized multimedia desktop environment on any available computer. Regardless of which computer is being used, MediaPod provides a consistent multimedia desktop session, maintaining all of a users applications, documents and configuration settings. This is achieved by leveraging rapid improvements in capacity, cost, and size of portable storage devices. MediaPod provides a virtualization and checkpoint-restart mechanism that decouples a desktop environment and its applications from the host, enabling multimedia desktop sessions to be suspended to portable storage, carried around, and resumed from the storage device on another computer. MediaPod virtualization also isolates desktop sessions from the host, protecting the privacy of the user and preventing malicious applications from damaging the host. We have implemented a Linux MediaPod prototype and demonstrate its ability to quickly suspend and resume multimedia desktop sessions, enabling a seamless computing experience for mobile users as they move among computers.

MEDIAPOD: A POCKET-SIZED AND PERSONALIZED MULTIMEDIA DESKTOP

We present MediaPod, a portable system that allows mobile users to maintain the same persistent, personalized multimedia desktop environment on any available computer. Regardless of which computer is being used, MediaPod provides a consistent multimedia desktop session, maintaining all of a users applications, documents and configuration settings. This is achieved by leveraging rapid improvements in capacity, cost, and size of portable storage devices. MediaPod provides a virtualization and checkpoint-restart mechanism that decouples a desktop environment and its applications from the host, enabling multimedia desktop sessions to be suspended to portable storage, carried around, and resumed from the storage device on another computer. MediaPod virtualization also isolates desktop sessions from the host, protecting the privacy of the user and preventing malicious applications from damaging the host. We have implemented a Linux MediaPod prototype and demonstrate its ability to quickly suspend and resume multimedia desktop sessions, enabling a seamless computing experience for mobile users as they move among computers.