highlighted projects (see more)
Many of the ideas that drive modern cloud computing, such as server virtualization, network slicing, and robust distributed storage, arose from the research community. Despite this success, today’s clouds have become environments that are unsuitable for moving this research agenda forward—they have particular, unmalleable implementations of these ideas “baked in.” CloudLab will not be a cloud; it will be large-scale, distributed scientific infrastructure on top of which many different clouds can be built.
The A3 project applies virtualization, record-and-replay, introspection, repair, and other techniques to develop a customizable container for “advanced adaptive applications.” The A3 container provides its protected application with both innate and adaptive defenses against security threats.
In the TCloud project we are developing a self-defending, self-evolving, and self-accounting trustworthy cloud platform. Our approach in realizing TCloud holds to the following five tenets: defense in depth, least authority, explicit orchestration of security function, moving-target defense, and verifiable accountability.
We are creating XCap, a secure environment for least-authority execution of applications and system services. Unmodified, untrusted, off-the-shelf applications, running on untrusted operating systems, are isolated by a virtual machine manager. XCap brings the power of a capability-based security system to Xen, building on two principles: strong isolation and secure collaboration.
Emulab is a network testbed, giving researchers a wide range of environments in which to develop, debug, and evaluate their systems. The Emulab facility at the University of Utah has over 600 PCs, a hundred wireless devices, and dozens of switches. It is used by thousands of researchers at hundreds of institutions worldwide. The software that we built to run Emulab is open source, and is used as part of dozens of network testbeds across the globe.
CSL Seminar - Fridays at 2 PM in 3485 MEB
recent publications (see more)
Orchestrating the Data-plane of Virtual LTE Core Networks
In IEEE SECON 2017
The Part-Time Cloud: Enabling Balanced Elasticity Between Diverse Computing Environments
In ScienceCloud 2017
PopperCI: Automated Reproducibility Validation
In CNERT 2017
Path Boxplots: A Method for Characterizing Uncertainty in Path Ensembles on a Graph
In JCGS 26(2), 2017
HyPer4: Using P4 to Virtualize the Programmable Data Plane
In CoNEXT 2016
ACACIA - Context-aware Edge Computing for Continuous Interactive Applications over Mobile Networks
In CoNEXT 2016