Thorsten von Eicken
PhD UC Berkeley, 1993
My research has focused on high-performance communication in
clusters of workstations. My group developed the U-Net user-level networking architecture
to close the dramatic gap between the bit-rate of high-speed networks and the
communication performance seen by applications. The key idea in U-Net is to virtualize the
network interface, which allows each application on a multitasking computer to access the
network directly without invoking the operating system. This effectively moves the
protocol stack to the user-level, where it can be
|coupled more tightly to the application,
resulting in an order-of-magnitude reduction in communication overhead. In addition, the
user-level protocols can be customized to the application, thereby enabling
experimentation with new protocols that are, for example, tailored toward real-time
multimedia stream transmission.
The main ideas of U-Net have been incorporated into
the VIA (Virtual Interface Architecture) industry standard led by Compaq, Intel and
Microsoft. At this point, commercial network interfaces designed for VIA are becoming
My group is working on language-based protection,
i.e. techniques to enforce protection mechanisms entirely in software using properties of
programming languages, compilers, and runtime systems. We are concentrating our efforts on
a Java-based system called the J-Kernel. The J-Kernel, written entirely in Java, provides
an operating system infrastructure for customizable Internet servers and
application-specific gateways. The primary goal of the J-Kernel is to allow users to
upload custom services into servers in the network in a secure yet flexible manner. Just
as Java enables Web browsers in which users "safely" download applets, the
J-Kernel enables "safe" Internet servers onto which users can upload servlets.
The J-Kernel relies on type safety properties of the language system in order to enforce
protection boundaries between applications and the OS itself, which means that all code
can run in a single address space and at a single hardware privilege level. The expected
benefits of this approach are higher resource efficiency, seamless system extensibility,
and flexibility in the form of fine grain sharing across protection domains.
Implementing multiple protection domains in Java. Proc.
1998 USENIX Ann. Tech. Conf., New Orleans, LA (June 1998) (with C. Hawblitzel, C.
Chang, G. Czajkowski and D. Hu).
Secure and portable database extensibility. Proc.
ACM SIGMOD '98 Conf., Seattle, WA (June 1998) (with M. Godfrey, S. Mayr, and P.
Evaluating the performance limitations of MPMD
communication. Proc. SC '97, San Jose, CA (Nov. 15-19, 1997) (with C.-C Chang, G.
Czajkowski, and C. Kesselman).