Abstract

In new ways of computing, such as Grid and Cloud computing, the computing environment is in a multi-tenancy and virtual organization setting for which conformed guest process isolation is an important quality of service. Some known approaches suggested to make use of natural isolation existed between virtual machines (VMs) by deploying processes of different guests into separate VMs. We argue that, under a reasonable assumption of using commodity OSes, process isolation using inter-VM isolation is not only inadequate in security, but also impractical in performance and several other considerations. In Project Daoli, we work on process isolation within a VM. Our method modifies the open source hypervisor Xen by adding process isolation components to Xen with conformed behavior.

Daoli is a project on trusted grid infrastructure led by EMC Research China working with Fudan University, Wuhan University and Huazhong University of Science and Technology in China