ECE Theses and Dissertations

Permanent URI for this collection

https://hdl.handle.net/1911/8316

Browse

Browsing ECE Theses and Dissertations by Author "Amiri Sani, Ardalan"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Design and Implementation of I/O Servers Using the Device File Boundary
    (2015-07-31) Amiri Sani, Ardalan; Zhong, Lin; Varman, Peter; Wallach, Dan; Vasudevan, Venu
    Due to historical reasons, today's computer systems treat I/O devices as second-class citizens, supporting them with ad hoc and poorly-developed system software. As I/O devices are getting more diverse and are taking a central role in modern systems from mobile systems to servers, such second-class system support hinders novel system services such as I/O virtualization and sharing. The goal of this thesis is to tackle these challenges by rethinking the system support for I/O devices. For years, research for I/O devices is limited largely to network and storage devices. However, a diverse set of I/O devices are increasingly important for emerging computing paradigms. For modern mobile systems such as smartphones and tablets, I/O devices such as sensors and actuators are essential to the user experience. At the same time, high-performance computers in datacenters are embracing hardware specialization, or accelerators, such as GPU, DSP, crypto accelerator, etc., to improve the system performance and efficiency as the Dennard scaling has ended. Modern systems also treat such specialized hardware as I/O devices. Since I/O devices are becoming the fundamental service provided by many computer systems, we suggest that they should be treated as I/O servers that are securely accessible to other computers, i.e., clients, as well. I/O servers will be the fundamental building blocks of future systems, enabling the novel system services mentioned above. For example, they enable a video chat application running on a tablet to use the camera on the user's smart glasses and, for better consolidation, enable all applications running in a datacenter to share an accelerator cluster over the network. We address two fundamental challenges of I/O servers: remote access and secure sharing. Remote access enables an application in one machine, either virtual or physical, to use an I/O device in a different machine. We use a novel boundary for remote access: Unix device files, which are used in Unix-like operating systems to abstract various I/O devices. Using the device file boundary for remote access requires low engineering effort as it is common to many classes of I/O devices. In addition, we show that this boundary achieves high performance, supports legacy applications and I/O devices, supports multiple clients, and makes all features of I/O devices available to unmodified applications. An I/O server must provide security guarantees for untrusting clients. Using the device file boundary, a malicious client can exploit the -- very common -- security bugs in device drivers to compromise the I/O server and hence other clients. We propose two solutions for this problem. First, if available in the I/O server, we use a trusted hypervisor to enforce fault and device data isolation between clients. This solution assumes the driver is compromised and hence cannot guarantee functional correctness. Therefore, as a second solution, we present a novel device driver design, called library drivers, that minimizes the device driver Trusted Computing Base (TCB) size and attack surface and hence reduces the possibility of the driver-based exploits. Using our solutions for remote access and secure sharing, we demonstrate that I/O servers enable novel system services: (i) I/O sharing between virtual machines, i.e., I/O virtualization, where virtual machines (VMs) share the I/O devices in the underlying physical machine, (ii) I/O sharing between mobile systems, where one mobile system uses the I/O devices of another system over a wireless connection, and (iii) I/O sharing between servers in a datacenter, where the VMs in one server use the I/O devices of other servers over the network.
  • Thumbnail Image
    Item
    Directional Antenna Diversity for Mobile Devices: Characterizations and Solutions
    (2011) Amiri Sani, Ardalan; Zhong, Lin
    We report a first-of-its-kind realization of directional transmission for smartphone-like mobile devices using multiple passive directional antennas, supported by only one RF chain. The key is a multi-antenna system (MiDAS) and its antenna selection methods that judiciously select the right antenna for transmission. It is grounded by two measurementdriven studies regarding 1) how smartphones rotate during wireless usage in the field and 2) how orientation and rotation impact the performance of directional antennas under various propagation environments. We implement MiDAS using the WARP platform, and evaluate it usmg a computerized motor to rotate the prototype according to traces collected from smartphone users in the field. Our evaluation shows MiDAS achieves median of 3dB increase in link gain. Combined with rate adaptation and power control, MiDAS also improves goodput and power saving. MiDAS does not require any changes to the network infrastructure, and is therefore suitable for immediate deployment.