Transcript janos-pim-990416

Janos
A Java-oriented Active Network
Operating System
Jay Lepreau, Patrick Tullmann, Kristin Wright
Wilson Hsieh, Godmar Back, many more...
University of Utah
Flux Research Group
www.cs.utah.edu/flux/
April 16, 1999
What is Janos?

Single-address space OS, with some but not much
hardware memory protection

Contains a JVM

Primary target application code is Java byte code

Can also run Posix-like apps
Our Primary Hard Problem
Availability:
Resource Management and Control
Other Hard Problems

Information security

Performance

Tech transfer
Approach

Custom JVM providing inter-AA (inter-applet, interservlet) isolation within the same JVM

Add a policy-free strong security architecture that NSA,
SCC, and we developed in another OS.


Underneath is a highly-modular “embedded” OS
Produce separately useful OS, security, and Java VM
components.
Claim: Broad Relevance
Our custom JVM, and probably the accompanying
security architecture implementation, can run wherever
JVM’s run today.
Resource Control

Leverage experience providing resource control in more
traditional OS’es.

Apply user/kernel mode boundary to a type-safe
environment (Java)

Obvious resources: Cycles / Bandwidth / Memory

Other resources: Caching store, persistent store,
specialized hardware, specialized data

Admission control, prevent denial of service, fair
sharing, perhaps latency constraints, early accounting
Janos Structure
Active Protocols
ANTS-5 EE
Custom Java VM
The OSKit++
Hardware
Janos Structure
Active Protocols
ANTS-5 EE
Custom Java VM
The OSKit++
Hardware
Janos Structure
Active Protocols
ANTS-5 EE
Custom Java VM
Sec. Policy
Engine
The OSKit++
Hardware
Janos Structure
Active Protocols
Other Java EE
ANETD
Non-Java EE
Sec. Policy
Engine
ANTS-5 EE
Custom Java VM
The OSKit++
Hardware
Active Protocols
Other Java EE
ANETD
Non-Java EE
Sec. Policy
Engine
ANTS-5 EE
Custom Java VM
The OSKit++
UNIX
Hardware
Possible Curves in the Road

Neither prototype JVM OS model is the right one

Hardware protection may be included

Flask security architecture may not map well to Java
and Janos

Challenges in GC and cpu interactions.

More surprises undoubtedly await…
Status
Done:
To Do:

Prototype of JVM with
strong OS process model

Eval and unify aspects of
prototypes

Prototype of JVM with
resource controls for
memory,cycles, GC

New OSKit modules

– Security components
– Modular and optimized network
access
Partially modified ANTS to
allow resource control
– Crypto, secure boot, …

Checks in enforcers

Performance, performance

9/99: Team3, support PANDA
and Ninja