Research On Software Availability Mechanisms In The Cloud Computing Platform

After grid computing and peer-to-peer computing, a new computing model appears, i.e., Cloud Computing. Its idea is the resource rent, application hosting and service outsourcing. With cloud computing, the utilization of IT resources is greatly improved. However, as users deploy their services or softwares in the cloud computing platform, the reliability of services becomes more and more important. When the software fails to work normally, the economic losses are immeasurable if service providers do not quickly take corresponding measures.The research on software fault tolerance is emerging in recent years. However, it has quickly attracted a lot of interests in research comites of software reliability. Up to now, there are still many issues that need to be further studied in cloud computing. First, there is a problem on the effectiveness of software fault tolerance mechanisms brought with software diversity in the cloud environment. Traditional software fault tolerance mechanisms take little efforts on sharing fault related information in multiple nodes in the cloud environment, and this becomes a new challenge. Moreover, they may cause software not properly work, even not tolerante faults. Second, there is a problem on accurateness of software fault tolerance mechanisms. Existing software fault tolerance technologies have some deficiencies on software memory faults, such as abanding security or only solving heap related faults, and ignoring users’ demand for toleranting faults. Third, there is a problem on online fixing software vulnerabilities in the cloud environment. Recent studies show that users should wait for a long time from vulnerabilites founded to official patches released. Although in the long vulnerable window, users can temporarily tolerate service interruption caused by software vulnerabilities with the help of software fault tolerance mechanisms, there are potential safety problems without fixing vulnerabilities, and software instances in the cloud environment are also unable to collaboratively defense attacks. Stack overflow bugs serverly affect the system security. Existing fault tolerance technologies focus on tolerating faults while ignoring fixing them. The final solution on software vulnerabilities is to adopt a dynamic software updating (DSU) mechanism after releasing patches. DSU mechanisms can dynamically apply patches to fix vulnerabilities and also expand functions. However, there are some disadvantages in existing DSU mechanisms, such as requiring the compiler’s help to make the software updateable or probably infinitely delay updating the running software. Moreover, existing DSU mechanisms treat users as software developers to do human assistance. They require users with specific knowledge of the software, which greatly restricts the usage of DSU. To solve above problems, we research the software reliability in the cloud environment.First, for the problem on the effectiveness of software fault tolerance mechanisms brought with software diversity in the cloud environment, we present a software fault tolerance mechanism for the cloud platform. It shares fault tolerance information among multiple software instances, so that they can quickly recover from faults and collaboratively defense attacks in the cloud platform. Moreover, we improve the effectiveness of traditional software fault tolerance mechanisms by combining the weighted rescue point technology and the error virtualization technology. We evaluate the effectiveness with Web server applications which contain several kinds of vulnerabilities. The experimental results show that this mechanism can help Web server applications to recover from faults within a few seconds, and it only cause a modest performance overhead.Second, for the problem on accurateness of software fault tolerance mechanisms, we propose a concept of memory access virtualization (MAV) which reallocates a stack object into a protected memory area and redirects all the subsequent access from the original address to a new corresponding address. Therefore, MAV mechanism can convert a static stack object to a dynamic object. Based on MAV mechanism, to safely tolerate software faults without losing software functions, we present an on-demand proactive fault tolerance mechanism to protect software against memory vulnerabilities. It can provide software memory safety in a period of time with users’demand. During this period, this mechanism can uniformly manage stack and heap objects to safely protect memory objects. We evaluate the effectiveness with serveral applications which contain different types of memory vulnerabilities. The experimental results show that this mechanism not only can easily create and destroy a hot-portable secure domain, but also can protect the software against memory vulnerabilities in the secure domain.Third, for the problem on fixing stack overflow vulnerability in the vulnerable window, we present a passive stack buffer overflow fixing mechanism which can temporarily fix stack overflow vulnerabilities. This mechanism can diagnose vulnerable bug-triggering stack buffers, and automatically generate patches to fix bugs by dynamically reallocating vulnerable stack buffers into a protected heap area based on the MAV mechanism. We evaluate the effectiveness with different kinds of applications. The experimental results show that this mechanism can quickly generate patches and successfully tolerate the same subsequent attacks. Moreover, the generated patch has a little influence on the normal running of applications.Fourth, for the problem on dynamically applying official patches, we propose a DSU mechanism for cloud computing to thoroughly fix software vulnerabilities. Without specific compliers, it adopts an immediate updating method for multi-threaded software and a fine-grained code updating method for specific security patches. This mechanism supports released binaries and the running software, and adopts a new DSU architecture for cloud computing. The architecture can be easily deployed in the cloud environment, and it expands the application scope of DSU by separating duties of software developers and customers in the updating process. We evaluate the effectiveness with different kinds of applications. The experimental results show that the system can update all applications in test suites, and the effects on the application performance can almost be ignored.In summary, we can tolerate a variety of software faults by adopting the software fault tolerance mechanism for the cloud platform, or we can adopt the on-demand proactive fault tolerance mechanism for memory faults to achieve safety and reserve software functions, or we can adopt the passive stack buffer overflow fixing mechanism to fix stack overflow bugs. When official patches are available, we can adopt the DSU mechanism for cloud computing to fix bugs and expand software functions.