Events & News
Computer Science Colloquium
| Category | Lecture |
| Date | Monday, April 14, 2008 |
| Time | 10:00 am |
| Location | GS 701 |
| Details | PhD Dissertation |
| Speaker | Justin Cappos |
| Affiliation | UA, Computer Science Dept |
Stork: Secure Package Management for VM Environments
Package managers are a common tool for installing, removing, and updating software on modern computer systems. Unfortunately existing package managers have two major problems. First, inadequate security leads to vulnerability to attack. There are nine feasible attacks against modern package managers, many of which are enabled by flaws in the underlying security architecture. Second, in Virtual Machine (VM) environments such as Xen, VMWare, and VServers, different VMs on the same physical machine are treated as separate systems by package managers leading to redundant package downloads and installations.
This dissertation focuses on the design, development, and evaluation of a package manager called Stork that does not have these problems. Stork provides a security architecture that prevents the attacks other package managers are vulnerable to. Stork also is efficient in VM environments and reduces redundant package management actions. Stork is a real system that has been in use for four years and has managed half a million VM instantiations.