- AboutThis should describe the systems research collaboration, and present the overall research goals of the new group.
- PeopleHere are the different labs in the SRC…
- PublicationsA page where you will find categorized publications!
- ProjectsA page where you will find our projects
- ResourcesVarious resources for prospective students, current students, alumni. Maybe put something here about life in NYC and at Columbia…
Publications from 2005
Proceedings of the 2nd USENIX/ACM Symposium on Networked Systems Design and Implementation (NSDI 2005), May 2005
An important trend in information technology is the use of increasingly large distributed systems to deploy increasingly complex and mission-critical applications. In order for these systems to achieve the ultimate goal of having similar ease- of-use properties as centralized systems they must allow fast, reliable, and lightweight management and synchronization of their configuration state. This goal poses numerous technical challenges in a truly Internet-scale system, including varying degrees of network connectivity, inevitable machine failures, and the need to distribute information globally in a fast and re- liable fashion. In this paper we discuss the design and implementation of a configuration management system for the Akamai Network. It allows reliable yet highly asynchronous delivery of configura- tion information, is significantly fault-tolerant, and can scale if necessary to hundreds of thousands of servers. The system is fully functional today providing configuration management to over 15,000 servers deployed in 1200+ differ- ent networks in 60+ countries.
Proceedings of the 14th International World Wide Web Conference (WWW 2005), May 2005
We present WebPod, a portable system that enables mobile users to use the same persistent, personalized web brows- ing session on any Internet-enabled device. No matter what computer is being used, WebPod provides a consistent brows- ing session, maintaining all of a userâ€™s plugins, bookmarks, browser web content, open browser windows, and browser configuration options and preferences. This is achieved by leveraging rapid improvements in capacity, cost, and size of portable storage devices. WebPod provides a virtualiza- tion and checkpoint/restart mechanism that decouples the browsing environment from the host, enabling web browsing sessions to be suspended to portable storage, carried around, and resumed from the storage device on another computer. WebPod virtualization also isolates web browsing sessions from the host, protecting the browsing privacy of the user and preventing malicious web content from damaging the host. We have implemented a Linux WebPod prototype and demonstrate its ability to quickly suspend and resume web browsing sessions, enabling a seamless web browsing expe- rience for mobile users as they move among computers.
Group Ratio Round-Robin: O(1) Proportional Share Scheduling for Uniprocessor and Multiprocessor Systems
Proceedings of the 2005 USENIX Annual Technical Conference, April 2005
We present Group Ratio Round-Robin (GR3 ), the first pro- portional share scheduler that combines accurate propor- tional fairness scheduling behavior with O(1) scheduling overhead on both uniprocessor and multiprocessor systems. GR3 uses a simple grouping strategy to organize clients into groups of similar processor allocations which can be more easily scheduled. Using this strategy, GR3 combines the benefits of low overhead round-robin execution with a novel ratio-based scheduling algorithm. GR3 introduces a novel frontlog mechanism and weight readjustment algo- rithm to operate effectively on multiprocessors. GR3 pro- vides fairness within a constant factor of the ideal general- ized processor sharing model for client weights with a fixed upper bound and preserves its fairness properties on multi- processor systems. We have implemented GR3 in Linux and measured its performance. Our experimental results show that GR3 provides much lower scheduling overhead and much better scheduling accuracy than other schedulers commonly used in research and practice.
Department of Computer Science, Columbia University Technical Report , CUCS-009-05, February 2005
The increasing popularity of distance learning and online courses has highlighted the lack of collaborative tools for student groups. In addition, the introduction of lecture videos into the online curriculum has drawn attention to the disparity in the network resources used by students. We present an e-Learning architecture and adaptation model called AI2 TV (Adaptive Internet Interactive Team Video), a system that allows bor- derless, virtual students, possibly some or all disadvantaged in network resources, to collaboratively view a video in synchrony. AI2 TV upholds the invariant that each student will view semantically equivalent content at all times. Video player actions, like play, pause and stop, can be ini- tiated by any of the students and the results of those actions are seen by all the other students. These features allow group members to review a lecture video in tandem to facilitate the learning process. We show in experimental trials that our system can successfully synchronize video for distributed students while, at the same time, optimizing the video quality given actual (fluctuating) bandwidth by adaptively adjusting the quality level for each student.
Proceedings of the 36th ACM Technical Symposium on Computer Science Education (SIGCSE 2005), February 2005
Operating system courses teach students much more when they provide hands-on kernel-level project experience with a real operating system. However, enabling a large class of students to do kernel development can be difficult. To ad- dress this problem, we created a virtual kernel development environment in which operating systems can be developed, debugged, and rebooted in a shared computer facility with- out affecting other users. Using virtual machines and remote display technology, our virtual kernel development labora- tory enables even distance learning students at remote loca- tions to participate in kernel development projects with on- campus students. We have successfully deployed and used our virtual kernel development environment together with the open-source Linux kernel to provide kernel-level project experiences for over nine hundred students in the introduc- tory operating system course at Columbia University.
Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS 2005), February 2005
We present a solution to the denial of service (DoS) problem that does not rely on network infrastructure support, conforming to the end-to-end (e2e) design prin- ciple. Our approach is to combine an overlay network, which allows us to treat authorized traffic preferentially, with a lightweight process-migration environment that allows us to move services easily between different parts of a distributed system. Functionality residing on a part of the system that is subjected to a DoS attack migrates to an unaffected location. The overlay network ensures that traffic from legitimate users, who are authenticated before they are allowed to access the service, is routed to the new location. We demonstrate the feasibility and effectiveness of our approach by measuring the perfor- mance of an experimental prototype against a series of attacks using PlanetLab, a distributed experimental testbed. Our preliminary results show that the end-to- end latency remains at acceptable levels during regular operation, increasing only by a factor of 2 to 3, even for large overlays. When a process migrates due to a DoS attack, the disruption of service for the end user is in the order of a few seconds, depending on the network proximity of the servers involved in the migration.
Ph.D. Thesis, Department of Computer Science, Columbia University, February 2005
Introduced are two novel schemes for inter-networking, and an opportunity they present to diagonalize the Internet architecture, i.e. orthogonalize its components at multiple levels, so as to make it simpler as well as inherently more general, dynamic and scalable. The first is client-side virtualization of Internet Protocol (IP) addresses, representing a functional inverse of network address translation (NAT) that instantly enables unlimited effective extension of Layer 3 address space as independent realms, analogous to per-process virtual addressing in Unix, thus also eliminating the current need for global coordination of the Layer 3 space. The second is a namespace providing IP-like routing semantics instead of mere translation to lower layer addresses, sufficing for inter-realm addressing and routing independently of Layer 3. It is further shown to be a natural coordinate system by construction, thus obviating the express numbering of nodes as in IP, and canonical with respect to networking, in the sense of requiring the least configurational information of any networking, i.e. addressing and routing, scheme. These properties make it ideal as an inter-domain network and protocol, and for confining IP to individual domains or realms using VAS. Simplicity results for network operators by the elimination of all need to coordinate IP addresses, including for application servers, requiring only locally unique labelling of nodes and link-local configuration. Generality includes full multi-realm access to unmodified IP hosts and applications â€“ via local VAS mapping of foreign destinations addressed by name. Flexibility lies in the capability for multiple application-specific secondary namespaces and for bottom-up evolution of newer inter-networks even over existing infrastructure by linking separate deployments, as coordinated numbering is eliminated. The dynamic nature includes the instant effectiveness of name bindings and deletions. Scalability is assured by the elimination of hard limits and generally by the localization of both configuration and traffic. Route discovery and automatic subscriptions to namespace changes are envisaged for performance and efficiency, and filesystem-like ownership and access control as a simpler security model. The basic ideas are implemented in a prototype.