SIVSHM: Secure Inter-VM Shared Memory
With wide spread acceptance of virtualization, virtual machines (VMs) find their presence in various applications such as Network Address Translation (NAT) servers, firewall servers and MapReduce applications. Typically, in these applications a data manager collects data from the external world and...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Sreenivasamurthy, Shesha Miller, Ethan |
| description | With wide spread acceptance of virtualization, virtual machines (VMs) find
their presence in various applications such as Network Address Translation
(NAT) servers, firewall servers and MapReduce applications. Typically, in these
applications a data manager collects data from the external world and
distributes it to multiple workers for further processing. Currently, data
managers distribute data with workers either using inter-VM shared memory
(IVSHMEM) or network communication. IVSHMEM provides better data distribution
throughput sacrificing security as all untrusted workers have full access to
the shared memory region and network communication provides better security at
the cost of throughput. Secondly, IVSHMEM uses a central distributor to
exchange eventfd - a file descriptor to an event queue of length one, which is
used for inter-VM signaling. This central distributor becomes a bottleneck and
increases boot time of VMs. Secure Inter-VM Shared Memory (SIVSHM) provided
both security and better throughout by segmenting inter-VM shared memory, so
that each worker has access to segment that belong only to it, thereby enabling
security without sacrificing throughput. SIVSHM boots VMs in 30% less time
compared to IVSHMEM by eliminating central distributor from its architecture
and enabling direct exchange of eventfds amongst VMs. |
| doi_str_mv | 10.48550/arxiv.1909.10377 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_1909_10377</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1909_10377</sourcerecordid><originalsourceid>FETCH-LOGICAL-a677-77e3642e91431af3b11890639c419cf172a23f5f0c4d5144d00802b9038ef0e13</originalsourceid><addsrcrecordid>eNotzrsOgkAQQNFtLIz6AVbSWIIzzMKydsb4IIFYYGzJCrORRNSsj-jfGx_V7W6OEEOEQCZRBBPjns0jQA06QCClumJcpLtinU-9gqu7Yy893dj5u9wrDsZx7eXcnt2rLzrWHK88-LcntsvFdr72s80qnc8y38RK-UoxxTJkjZLQWNojJhpi0pVEXVlUoQnJRhYqWUcoZQ2QQLjXQAlbYKSeGP22X2d5cU1r3Kv8eMuvl97I3zcn</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>SIVSHM: Secure Inter-VM Shared Memory</title><source>arXiv.org</source><creator>Sreenivasamurthy, Shesha ; Miller, Ethan</creator><creatorcontrib>Sreenivasamurthy, Shesha ; Miller, Ethan</creatorcontrib><description>With wide spread acceptance of virtualization, virtual machines (VMs) find
their presence in various applications such as Network Address Translation
(NAT) servers, firewall servers and MapReduce applications. Typically, in these
applications a data manager collects data from the external world and
distributes it to multiple workers for further processing. Currently, data
managers distribute data with workers either using inter-VM shared memory
(IVSHMEM) or network communication. IVSHMEM provides better data distribution
throughput sacrificing security as all untrusted workers have full access to
the shared memory region and network communication provides better security at
the cost of throughput. Secondly, IVSHMEM uses a central distributor to
exchange eventfd - a file descriptor to an event queue of length one, which is
used for inter-VM signaling. This central distributor becomes a bottleneck and
increases boot time of VMs. Secure Inter-VM Shared Memory (SIVSHM) provided
both security and better throughout by segmenting inter-VM shared memory, so
that each worker has access to segment that belong only to it, thereby enabling
security without sacrificing throughput. SIVSHM boots VMs in 30% less time
compared to IVSHMEM by eliminating central distributor from its architecture
and enabling direct exchange of eventfds amongst VMs.</description><identifier>DOI: 10.48550/arxiv.1909.10377</identifier><language>eng</language><subject>Computer Science - Operating Systems</subject><creationdate>2019-09</creationdate><rights>http://arxiv.org/licenses/nonexclusive-distrib/1.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,776,881</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/1909.10377$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.1909.10377$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Sreenivasamurthy, Shesha</creatorcontrib><creatorcontrib>Miller, Ethan</creatorcontrib><title>SIVSHM: Secure Inter-VM Shared Memory</title><description>With wide spread acceptance of virtualization, virtual machines (VMs) find
their presence in various applications such as Network Address Translation
(NAT) servers, firewall servers and MapReduce applications. Typically, in these
applications a data manager collects data from the external world and
distributes it to multiple workers for further processing. Currently, data
managers distribute data with workers either using inter-VM shared memory
(IVSHMEM) or network communication. IVSHMEM provides better data distribution
throughput sacrificing security as all untrusted workers have full access to
the shared memory region and network communication provides better security at
the cost of throughput. Secondly, IVSHMEM uses a central distributor to
exchange eventfd - a file descriptor to an event queue of length one, which is
used for inter-VM signaling. This central distributor becomes a bottleneck and
increases boot time of VMs. Secure Inter-VM Shared Memory (SIVSHM) provided
both security and better throughout by segmenting inter-VM shared memory, so
that each worker has access to segment that belong only to it, thereby enabling
security without sacrificing throughput. SIVSHM boots VMs in 30% less time
compared to IVSHMEM by eliminating central distributor from its architecture
and enabling direct exchange of eventfds amongst VMs.</description><subject>Computer Science - Operating Systems</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2019</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotzrsOgkAQQNFtLIz6AVbSWIIzzMKydsb4IIFYYGzJCrORRNSsj-jfGx_V7W6OEEOEQCZRBBPjns0jQA06QCClumJcpLtinU-9gqu7Yy893dj5u9wrDsZx7eXcnt2rLzrWHK88-LcntsvFdr72s80qnc8y38RK-UoxxTJkjZLQWNojJhpi0pVEXVlUoQnJRhYqWUcoZQ2QQLjXQAlbYKSeGP22X2d5cU1r3Kv8eMuvl97I3zcn</recordid><startdate>20190923</startdate><enddate>20190923</enddate><creator>Sreenivasamurthy, Shesha</creator><creator>Miller, Ethan</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20190923</creationdate><title>SIVSHM: Secure Inter-VM Shared Memory</title><author>Sreenivasamurthy, Shesha ; Miller, Ethan</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a677-77e3642e91431af3b11890639c419cf172a23f5f0c4d5144d00802b9038ef0e13</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2019</creationdate><topic>Computer Science - Operating Systems</topic><toplevel>online_resources</toplevel><creatorcontrib>Sreenivasamurthy, Shesha</creatorcontrib><creatorcontrib>Miller, Ethan</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Sreenivasamurthy, Shesha</au><au>Miller, Ethan</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>SIVSHM: Secure Inter-VM Shared Memory</atitle><date>2019-09-23</date><risdate>2019</risdate><abstract>With wide spread acceptance of virtualization, virtual machines (VMs) find
their presence in various applications such as Network Address Translation
(NAT) servers, firewall servers and MapReduce applications. Typically, in these
applications a data manager collects data from the external world and
distributes it to multiple workers for further processing. Currently, data
managers distribute data with workers either using inter-VM shared memory
(IVSHMEM) or network communication. IVSHMEM provides better data distribution
throughput sacrificing security as all untrusted workers have full access to
the shared memory region and network communication provides better security at
the cost of throughput. Secondly, IVSHMEM uses a central distributor to
exchange eventfd - a file descriptor to an event queue of length one, which is
used for inter-VM signaling. This central distributor becomes a bottleneck and
increases boot time of VMs. Secure Inter-VM Shared Memory (SIVSHM) provided
both security and better throughout by segmenting inter-VM shared memory, so
that each worker has access to segment that belong only to it, thereby enabling
security without sacrificing throughput. SIVSHM boots VMs in 30% less time
compared to IVSHMEM by eliminating central distributor from its architecture
and enabling direct exchange of eventfds amongst VMs.</abstract><doi>10.48550/arxiv.1909.10377</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.1909.10377 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_1909_10377 |
| source | arXiv.org |
| subjects | Computer Science - Operating Systems |
| title | SIVSHM: Secure Inter-VM Shared Memory |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-05T08%3A58%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=SIVSHM:%20Secure%20Inter-VM%20Shared%20Memory&rft.au=Sreenivasamurthy,%20Shesha&rft.date=2019-09-23&rft_id=info:doi/10.48550/arxiv.1909.10377&rft_dat=%3Carxiv_GOX%3E1909_10377%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |