Ribbons

 

Rationale

Multi-processing undoubtedly represents one of the major challenges for computer sciencists. Through the advent of multi-core computers, but also by the need for programs to execute subcomponents in isolation from each other or with lower privileges, we are all facing challenges due to multi-processing. Isolation between unrelated componenets is relevant in such settings to ensure both efficiency as well as security.

 

Approach

Ribbons is a shared memory programming model that allows for more implicit sharing of memory than processes but is more restrictive than threads. Ribbons structure the heap into protection domains. Privileges between these protection domains are carefully controlled in order to confine certain portions of computation.

RibbonJava is a programming language implementing this ribbons model, to easily create or port programs to use the model. RibbonJava relies on the following three thrusts:

  1. The RibbonJava programming language is a backwards-compatible extension of Java. This language allows us to capture and study the progress and isolation properties of applications through a formal subset of the language.
  2. Building on JikesRVM we implement RibbonJava by leveraging existing memory protection mechanisms in modern hardware and operating systems.
  3. In particular, ribbons exploit a custom memory allocator currently implemented in Linux in user space. We plan on porting this allocator to the kernel level.
In a recent report to be presented at SPLASH 2011 we describe the refactoring of Apache Tomcat to use ribbons for application isolation, discuss the refactoring's design and complexity, and evaluate performance using the SPECweb2009 benchmark. Since our support avoids the overhead of inline security checks and read or write barriers, we observe minor overhead in microbenchmarks and the DaCapo benchmark suite.

 

Support

This project is currently financially supported by the National Science Foundations through grants 0834619 and 1117065.

 

Members

K. Hoffman, P. Eugster.

 

Former Members

H. Metzger.