一种透明的可信云租户隔离机制研究

租户隔离是云计算能被作为第三方服务提供给租户的重要前提,因此云租户隔离机制的安全有效性能否被租户信任对云计算服务的推广非常关键.但是在云计算这种第三方服务模式中,由于租户不能参与云服务基础设施及其安全隔离机制的建设和管理过程,因此他们难以对云租户隔离机制的安全有效性建立信心.本文将透明性要求视为可信云租户隔离机制的一部分,将云租户隔离机制和租户透明要求都转化为云服务系统中不同安全域之间的信息流, 对云租户隔离机制进行定义,并制定云计算平台中的域间信息流策略控制方式,最后基于信息流无干扰理论证明了所定义的云租户隔离机制在安全方面的有效性.     

面向多租户Web应用的性能隔离方法

提出一种面向应用级共享的多租户Web应用性能隔离方法.首先建立基于事务处理链的应用级资源管理模型,基于信号量机制给出了模型的并发控制算法,支持事务级、分阶段的多租户Web应用资源管理,并在一次事务处理的各阶段实现线程复用,避免因修改交互协议而产生的再工程代价.基于上述工作,给出多租户性能隔离算法及策略,并利用TPC-W电子商务应用验证方法的系统开销及有效性.实验结果表明,该方法可以有效降低租户资源侵占行为的影响,并避免系统过载.     

IBM通用并行文件系统的性能

我们测试了ＩＢＭ通用并行文件系统（ＧＰＦＳ）在各种条件下的性能和可扩展性。该测试基于允许改变程序块大小和存取模式等,并允许测试总吞吐率的基准测试程序。我们用这些数据为应用开发提供性能建议,并作为改进并行文件系统的指导原则。     

一种面向多租户云存储平台的访问控制策略

云存储平台是多租户共享环境,能否实现其中不同租户数据之间的有效安全隔离成为了用户最为关心的问题.以RBAC(Role Based Access Control)策略为基础,结合组织标签和多种安全属性的逻辑组合,提出一种灵活的访问控制策略,它一方面保证云端不同企业之间数据的强隔离性,使某企业用户无法越权访问其他企业的用户数据;另一方面保证云存储企业内部数据的适度隔离,即可以根据公司自身的安全需求灵活定制企业内部策略.同时,引入虚拟组织的概念实现企业之间可能的数据共享;引入利益冲突的概念限制竞争企业之间的共享.给出了该策略在基于HDFS (Hadoop Distributed File System)的云存储架构中的原型实现.实验结果表明,该策略能够有效保障云存储平台多租户数据之间的恰当安全隔离.     

蓝鲸文件系统中元数据与数据隔离技术

针对文件系统中元数据访问对应用数据访问的干扰问题,基于资源分配分离及访问路由分发技术,在蓝鲸文件系统中实现元数据和数据存储及I/O时的隔离。测试结果表明,将元数据从数据中隔离并将其独立配置到高速存储后,应用I/O带宽提高了2.6倍~2.8倍,操作吞吐率提高了2倍~5倍。     

一种HTML5云文件系统

本文提出了一种HTML5云文件系统,使得HTML5应用能够像访问传统文件系统一样访问云存储。HTML5云文件系统充分利用了浏览器的HTML5特性,实现了云存储数据的本地缓存和离线操作,提高了云存储的访问效率。针对移动互联网的特点和多用户、多终端访问的需求,实现了身份认证、访问控制、数据同步等功能,为移动智能终端应用开发提供支撑。     

面向并行文件系统的性能评估及相对预测模型

基于Lustre文件系统,对并行文件系统的性能评估和性能建模进行了研究.通过对性能因子的调研,进行了一系列性能评估实验,并提出性能相关性模型(PRModel).在实验评估和PRModel分析中发现,在不同的性能因子之间存在着紧密的性能相关性.为了挖掘并利用这种相关性信息,提出了一种相对性能预测模型(RPPModel)来预测不同性能因子条件下的性能.为了验证RPPModel的有效性,设计了大量实验用例.结果表明,预测结果的平均相对误差能够控制在17%~28%的范围内,易于使用且具有较好的预测准确度.     

云存储日志文件系统中快照的设计与实现

在逐步分析云存储日志文件系统中快照机制的基础上,设计并实现了基于HLFS(Hadoop DFS log-structured File-system)云存储日志文件系统的快照系统。通过在HLFS中添加新的快照,从快照系统中就可以随时获取该快照的信息,并恢复该快照时的所有数据,使云存储系统能够及时地进行数据恢复,从而避免云存储中核心数据的丢失,保证云存储中数据的安全性。为尽可能提高云存储日志文件系统中快照系统的可扩展性与实用性,详细分析快照在云存储日志文件系统中的设计与实现,并结合其他快照,分析了HLFS快照的实现性能。     

面向内存文件系统的数据一致性更新机制研究

近年来,研究界提出了多种管理新型存储级内存的内存文件系统,例如BPFS,PMFS和SIMFS。由于内存文件系统的设备访问方式和I/O路径不同于传统面向块设备的文件系统,适用于内存文件系统的数据一致性更新机制尚未得到很好的研究。为此,提出一种适用于内存文件系统的直接拷贝的数据一致性更新机制,讨论多种数据一致性更新机制在内存文件系统中的优缺点,并以内存文件系统SIMFS为基础,实现多种支持不同数据一致性更新机制的SIMFS版本。通过测试基准测试了各个SIMFS版本的性能,并分析了不同数据一致性更新机制对内存文件系统的整体性能的影响。实验结果表明,提出的直接拷贝机制在内存文件系统中取得了最好的性能。     

面向云应用的存储缓存子系统

性能是云应用的重要指标,云应用与现有应用在数据存储与管理方式和访问模式等方面存在较大差异,这使得传统的缓存管理算法难以适应云应用的要求。针对云应用的特性,设计了基于影响因子的缓存策略,亦即将元数据和数据缓存分开管理,使用影响因子综合管理影响缓存被再次访问的几率的多种因素,区别创建、打开、读取和修改等操作对缓存再次访问的几率的影响;设计了缓存关联管理策略,即利用元数据和数据之间的关联提高缓存管理的性能;设计了缓存主动调度策略,即通过主动淘汰较低影响因子的缓存项和动态调整元数据与数据缓存的大小来提高缓存子系统的适应能力和性能。最后实现了原型系统,并使用Filebench和Postmark进行了测试和分析,验证了面向云应用缓存子系统原型能提高1%~120%的I/O性能以及2%~87%的操作处理速度。     

SDFS: A software-defined file system for multitenant cloud storage

Performance isolation is highly desirable in cloud platforms where the virtual disks of virtual machines are simply large files on the shared and networked storage servers. However, existing isolation techniques cannot deal with the implications of the file system used by the networked storage servers, such that underlying resource usage is unpredictable (eg, the delayed write-back mechanism could postpone writes, and the journaling mechanism could amplify writes). The lack of visibility on underlying resource usage leads to the predicament of being unable to meet isolation goals. In this paper, we present a software-defined file system (SDFS) that exploits the underlying file system to allocate resources at per-image-file granularity and provide tenants with guaranteed throughput. The SDFS comprises two components: control plane and data plane. At the control plane, we provide a set of system calls to document tenant performance requirements into the metadata of image files. At the data plane, we construct a file-based scheduler to manage memory and disk resources according to the tenant performance requirements. The SDFS design does not require a modification to guest operating systems, hypervisors, or file server protocols. Through a prototype implementation, we demonstrate that the SDFS can meet isolation goals and increase resource utilization with negligible overhead.     

云环境下一种隐私文件分类存储与保护方案*

针对云计算环境下存储的隐私文件会造成隐私泄漏、信息量过载,使用传统加密算法对隐私文件进行加密后再外包给云的方法严重影响了隐私文件的可检索性问题进行研究,提出了一种既能够有效减少云环境中信息存储量过载,同时又能够满足隐私文件的加密保护和检索的方案。该方案首先对隐私文件进行分类,将直接隐私文件存储在数据拥有者本地存储器,非直接隐私文件则加密后上传云环境中存储,实现了隐私文件的分类存储和安全保护。然后基于改进的哈希列表建立了一个包含文件属性描述的文件检索索引、生成了文件检索陷门,实现了使用关键词在密文状态下完成文件检索。最后,通过详细的理论分析和实验对比分析证明了方案的可行性和实用性。     

Freeze'nSense: estimation of performance isolation in cloud environments

Modern computing hardware has a very good task parallelism, but resource contention between tasks remains high. This renders large fractions of CPU time wasted and leads to application interference. Even tasks running on dedicated CPU cores can still incur interference from other tasks, most notably because of the caches and other hardware components shared by more than one core. The level of interference depends on the nature of executed tasks and is difficult to predict. A customer who has been granted that his task will run as if it were alone (e.g., a CPU core dedicated to a virtual machine), indeed suffers from significant performance degradation due to the time spent waiting for resources occupied by other tasks. Measuring actual performance of a task or a virtual machine can be difficult. However, even more challenging is estimating what the performance of the task should be if it were running completely in isolation. In this paper, we present a measurement technique Freeze'nSense. It is based on the hardware performance counters and allows measuring actual performance of a task and estimating performance as if the task were in isolation, all during runtime. To estimate performance in isolation, the proposed technique performs a short‐time freezing of the potentially interfering tasks. Freeze'nSense introduces lower than 1% overhead and is confirmed to provide accurate and reliable measurements. In practice, Freeze'nSense becomes a valuable tool helping to automatically identify tasks that suffer the most in a shared environment and move them to a distant core. The observed performance improvement can be as large as 80–100% for individual tasks, and scale up to 15–20% for the computing node. Copyright © 2016 John Wiley & Sons, Ltd.     

基于Google云计算平台的文件共享系统设计与实现

文件的存储、管理以及随时读取是众多现代企业的基本要求。分析了Google App Engine开发技术;提出了基于Google云计算平台的文件共享系统的设计方案;通过对Google App Engine开发环境的部署,实现了文件共享系统。     

智能手机中基于云实例的高效文件管理系统

针对现有云存储技术应用到智能手机上导致其能量和带宽消耗较大这一不足,以Dropbox平台作为云服务提供商,设计了一种基于云实例的高效安全的文件管理系统（FM-CI）。FM-CI支持下载、压缩、加密和转换操作,同时支持在两个智能手机用户的云存储空间之间进行文件传输。此外,考虑到频繁开启云实例仍然可能增加用户的成本,还给出了用户空闲实例共享协议和基于共享实例的文件传输方案。仿真实验结果表明,FM-CI能在消耗较少时间和带宽的前提下,高效地完成文件操作,且性能要优于目前最新的云存储方案。     

基于OpenStack的云存储系统的大文件存储方案

为解决开源云平台OpenStack的对象存储服务Swift在存储GB级大文件方面的不足,提出基于文件分割、片段合并、并行处理的GB级大文件的存储方案。分析Swift体系结构及其特点,在此基础上构建云存储系统的层次架构;制定GB级大文件的存储策略,设计关键数据结构和上传下载的核心流程,使用Java多线程实现该方案。部署云存储实验环境,通过实验验证了该方案的可行性,该方案突破了Swift对文件大小的限制,提高了文件的上传和下载速度。     

Short communication dmert crash resistant file systems

DMERT (Duplex, Multi-Environment, Real Time) is a real-time operating system that supports reliable telecommunications applications. Although DMERT file systems are based on UNIX^TM file systems, which suffer robustness drawbacks, DMERT file systems do not suffer these drawbacks. The DMERT file manager uses synchronous writes and file system audits to manage crash resistant file systems. The performance penalty for this crash resistance is minimal. This note describes DMERT's crash resistance policy and shows how UNIX and UNIX-like file systems can be made crash resistant without sacrificing performance.     

Architectural considerations for next-generation file systems

Integration – supporting multiple application classes with heterogeneous performance requirements – is an emerging trend in networks, file systems, and operating systems. We evaluate two architectural alternatives – partitioned and integrated – for designing next-generation file systems. Whereas a partitioned server employs a separate file system for each application class, an integrated file server multiplexes its resources among all application classes; we evaluate the performance of the two architectures with respect to sharing of disk bandwidth among the application classes. We show that although the problem of sharing disk bandwidth in integrated file systems is conceptually similar to that of sharing network link bandwidth in integrated services networks, the arguments that demonstrate the superiority of integrated services networks over separate networks are not applicable to file systems. Furthermore, we show that: an integrated server outperforms the partitioned server in a large operating region and has slightly worse performance in the remaining region; the capacity of an integrated server is larger than that of the partitioned server; and an integrated server outperforms the partitioned server by a factor of up to 6 in the presence of bursty workloads.     

Practical prefetching techniques for multiprocessor file systems

Improvements in the processing speed of multiprocessors are outpacing improvements in the speed of disk hardware. Parallel disk I/O subsystems have been proposed as one way to close the gap between processor and disk speeds. In a previous paper we showed that prefetching and caching have thepotential to deliver the performance benefits of parallel file systems to parallel applications. In this paper we describe experiments withpractical prefetching policies that base decisions only on on-line reference history, and that can be implemented efficiently. We also test the ability of those policies across a range of architectural parameters.