To improve I/O speed and system performance of network storage devices, a special storage server that is an iSCSI-based network-attached storage server (iSCSI-based network-attached storage server, for short iNAS) is ...To improve I/O speed and system performance of network storage devices, a special storage server that is an iSCSI-based network-attached storage server (iSCSI-based network-attached storage server, for short iNAS) is designed. The iNAS can provide both the file I/O and the block I/O services by an iSCSI module, and it converges with the NAS and the SAN (storage area network). The iNAS improves the I/O speed by the direct data access (zero copy) between the RAID (redundant array of inexpensive disks) controller and the user-level memory. The iNAS integrates the multi-RAID for a single storage pool by a multi-stage stripping device driver, and it implements the storage virtualization. In the experiments, the iNAS has ultra-high-throughput for both the file I/O requests and the block I/O requests.展开更多
with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this...with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.展开更多
A hybrid distributed virtual environment (DVE) architecture is presented by importing a peer-to-peer (P2P) idea into the traditional client/server (C/S) architecture to improve the DVE system's scalability. The...A hybrid distributed virtual environment (DVE) architecture is presented by importing a peer-to-peer (P2P) idea into the traditional client/server (C/S) architecture to improve the DVE system's scalability. The mathematical model of the overload of the center server was built and a series of simulation experiments were performed to validate the conclusions. When the client number increases to a certain value, the hybrid architecture can reduce server overload with some special clients (temp servers) selected with a certain heuristic strategy. With this architecture, the DVE system can support more system clients with the same server hardware than the C/S architecture can. The server overload "pulse" phenomena causing by the exiting of the temp server can be resolved by adopting a more optimized temp server selecting strategy and by reducing the child client capability of the temp server. By combining the advantages of the C/S architecture and the P2P architecture, the hybrid DVE architecture can effectively improve the scalability of the DVE system. This is validated by theoretical analysis and simulation experiments.展开更多
Currently, the elastic interconnection has realized the high-rate data transmission among data centers(DCs). Thus, the elastic data center network(EDCN) emerged. In EDCNs, it is essential to achieve the virtual networ...Currently, the elastic interconnection has realized the high-rate data transmission among data centers(DCs). Thus, the elastic data center network(EDCN) emerged. In EDCNs, it is essential to achieve the virtual network(VN) embedding, which includes two main components: VM(virtual machine) mapping and VL(virtual link) mapping. In VM mapping, we allocate appropriate servers to hold VMs. While for VL mapping,an optimal substrate path is determined for each virtual lightpath. For the VN embedding in EDCNs, the power efficiency is a significant concern, and some solutions were proposed through sleeping light-duty servers.However, the increasing communication traffic between VMs leads to a serious energy dissipation problem, since it also consumes a great amount of energy on switches even utilizing the energy-efficient optical transmission technique. In this paper, considering load balancing and power-efficient VN embedding, we formulate the problem and design a novel heuristic for EDCNs, with the objective to achieve the power savings of servers and switches. In our solution, VMs are mapped into a single DC or multiple DCs with the short distance between each other, and the servers in the same cluster or adjacent clusters are preferred to hold VMs. Such that, a large amount of servers and switches will become vacant and can go into sleep mode. Simulation results demonstrate that our method performs well in terms of power savings and load balancing. Compared with benchmarks, the improvement ratio of power efficiency is 5%–13%.展开更多
文摘To improve I/O speed and system performance of network storage devices, a special storage server that is an iSCSI-based network-attached storage server (iSCSI-based network-attached storage server, for short iNAS) is designed. The iNAS can provide both the file I/O and the block I/O services by an iSCSI module, and it converges with the NAS and the SAN (storage area network). The iNAS improves the I/O speed by the direct data access (zero copy) between the RAID (redundant array of inexpensive disks) controller and the user-level memory. The iNAS integrates the multi-RAID for a single storage pool by a multi-stage stripping device driver, and it implements the storage virtualization. In the experiments, the iNAS has ultra-high-throughput for both the file I/O requests and the block I/O requests.
基金Supported by the National Natural Science Foundation of China under Grant No. 61370068
文摘with the increasing popularity of cloud services,attacks on the cloud infrastructure also increase dramatically.Especially,how to monitor the integrity of cloud execution environments is still a difficult task.In this paper,a real-time dynamic integrity validation(DIV) framework is proposed to monitor the integrity of virtual machine based execution environments in the cloud.DIV can detect the integrity of the whole architecture stack from the cloud servers up to the VM OS by extending the current trusted chain into virtual machine's architecture stack.DIV introduces a trusted third party(TTP) to collect the integrity information and detect remotely the integrity violations on VMs periodically to avoid the heavy involvement of cloud tenants and unnecessary information leakage of the cloud providers.To evaluate the effectiveness and efficiency of DIV framework,a prototype on KVM/QEMU is implemented,and extensive analysis and experimental evaluation are performed.Experimental results show that the DIV can efficiently validate the integrity of files and loaded programs in real-time,with minor performance overhead.
文摘A hybrid distributed virtual environment (DVE) architecture is presented by importing a peer-to-peer (P2P) idea into the traditional client/server (C/S) architecture to improve the DVE system's scalability. The mathematical model of the overload of the center server was built and a series of simulation experiments were performed to validate the conclusions. When the client number increases to a certain value, the hybrid architecture can reduce server overload with some special clients (temp servers) selected with a certain heuristic strategy. With this architecture, the DVE system can support more system clients with the same server hardware than the C/S architecture can. The server overload "pulse" phenomena causing by the exiting of the temp server can be resolved by adopting a more optimized temp server selecting strategy and by reducing the child client capability of the temp server. By combining the advantages of the C/S architecture and the P2P architecture, the hybrid DVE architecture can effectively improve the scalability of the DVE system. This is validated by theoretical analysis and simulation experiments.
基金supported in part by Open Foundation of State Key Laboratory of Information Photonics and Optical Communications (Grant No. IPOC2014B009)Fundamental Research Funds for the Central Universities (Grant Nos. N130817002, N140405005, N150401002)+3 种基金Foundation of the Education Department of Liaoning Province (Grant No. L2014089)National Natural Science Foundation of China (Grant Nos. 61302070, 61401082, 61471109, 61502075)Liaoning Bai Qian Wan Talents ProgramNational High-Level Personnel Special Support Program for Youth Top-Notch Talent
文摘Currently, the elastic interconnection has realized the high-rate data transmission among data centers(DCs). Thus, the elastic data center network(EDCN) emerged. In EDCNs, it is essential to achieve the virtual network(VN) embedding, which includes two main components: VM(virtual machine) mapping and VL(virtual link) mapping. In VM mapping, we allocate appropriate servers to hold VMs. While for VL mapping,an optimal substrate path is determined for each virtual lightpath. For the VN embedding in EDCNs, the power efficiency is a significant concern, and some solutions were proposed through sleeping light-duty servers.However, the increasing communication traffic between VMs leads to a serious energy dissipation problem, since it also consumes a great amount of energy on switches even utilizing the energy-efficient optical transmission technique. In this paper, considering load balancing and power-efficient VN embedding, we formulate the problem and design a novel heuristic for EDCNs, with the objective to achieve the power savings of servers and switches. In our solution, VMs are mapped into a single DC or multiple DCs with the short distance between each other, and the servers in the same cluster or adjacent clusters are preferred to hold VMs. Such that, a large amount of servers and switches will become vacant and can go into sleep mode. Simulation results demonstrate that our method performs well in terms of power savings and load balancing. Compared with benchmarks, the improvement ratio of power efficiency is 5%–13%.
