technology | doi:10.1145/1467247 .1467253 kirk l. kroeker
TRANSCRIPT
8/14/2019 Technology | DOI:10.1145/1467247 .1467253 Kirk L. Kroeker
http://slidepdf.com/reader/full/technology-doi1011451467247-1467253-kirk-l-kroeker 1/3
8/14/2019 Technology | DOI:10.1145/1467247 .1467253 Kirk L. Kroeker
http://slidepdf.com/reader/full/technology-doi1011451467247-1467253-kirk-l-kroeker 2/3
news
march 2009 | vol. 52 | no. 3 | communications of the acm 19
Quantum Computing
AtomsTeleported a em scenss rm heUnversy Mrylnd ndhe Unversy Mchgnhve successully elerednrmn beween r ms, hused n serend enclsed cnners,crss dsnce ne meer,rers Science. accrdng he scenss, hs s he frs me h nrmn hsbeen elered beween wsere ms n uncnnecedcnners.
Wh her rcl,he scenss successully elered qunumnrmn beween w
yerbum ns, usng mehd elern n whch hens re smuled em hns nd he qunum sesre nerred rm he clr he emssns. the scenssrer h m--melered nrmn cn berecvered wh erec ccurcy rxmely 90% he me,nd hey beleve h fgure cnbe mrved.
“our sysem hs heenl rm he bss r lrge-scle ‘qunum reeer’h cn newrk qunum
memres ver vs dsnces,”sys Chrsher Mnre,he em leder nd hyscsressr he Unversy Mrylnd. “Mrever,ur mehds cn be used ncnjuncn wh qunumb erns cree key cmnen needed r qunum cmun.
“one rculrly rcvesec ur mehd sh cmbnes he unquedvnges bh hns ndms,” sys Mnre. “phnsre del r rnserrng
nrmn s ver lng dsnces, wheres mser vluble medum r lng-lved qunum memry.the cmbnn reresensn rcve rchecure r ‘qunum reeer,’ h wuldllw qunum nrmn be cmmunced ver muchlrger dsnces hn cn bedne wh jus hns. als,he elern qunumnrmn n hs wy culdrm he bss new ye qunum inerne h culduerrm ny cnvennl
ye clsscl newrk r cern sks.”
that has become increasingly popu-
lar. While it might be easy to think
o virtualization as adding a sotware
layer that requires additional controlsto maintain security, proponents o
virtualization argue that it serves the
opposite purpose, and instead rep-resents a core enhancement to secu-
rity. “The only way we know how toget strong isolation is to keep thingssimple,” says Mendel Rosenblum,
ounder o VMware and a proessor o
computer science at Stanord Univer-sity. “And the only way we know how to
do that is to have isolation enorced at
the lowest level.”
Modern operating systems have ahigh level o unctionality—and a cor-
responding level o complexity and
number o potential weaknesses. “I
look at virtualization as a step towardgetting out o the mess we have in
terms o these systems being so in-secure,” says Rosenblum, who main-
tains that better security is a natural
result o virtualization. Still, he says, itis incumbent on those working on vir-
tualization to build layers that don’t
make virtualized systems so ull o ea-
tures and complex that they becomedifcult to secure.
Ian Pratt, ounder o XenSource and
vice president o advanced products at
Citrix, has a similar view o virtualiza-tion’s relationship to security. “I you
look at hypervisors or laptops andphones, it’s not about consolidation,”
he says. “It’s about security and being
able to secure dierent partitions on
a device.”Citrix is developing sotware or
a model o mobile computing that
the company calls “bring your owncomputer,” with the idea being or
employees to use their own laptop
or securely connecting to the corpo-
rate network. In this model, the lap-top runs a corporate virtual machine
directly on top o a hypervisor ratherthan in a hosted virtual environment
contained by the employee’s personal
operating system.
“You need to provide very strict iso-lation between those environments
because you really don’t trust the per-
sonal environment,” says Pratt. “It isonly through using a hypervisor where
you can achieve that strong isolation
between those environments.”Like VMware’s Herrod, Pratt points
to smartphones as one maniestation
o this new way o thinking about vir-
tualization and security. In Pratt’sexample, a handset might have one
virtual machine that controls the ra-
dio, another that contains all the de-ault sotware and applications, and athird that operates everything the user
downloads and installs. “The whole
idea behind this,” says Pratt, “is thatbecause you have this strong isolation,
no matter what rubbish you download
and install on the phone, you are stillgoing to be able to make that 911 call
whenever you need it.”
Proponents o virtualization say
that, in addition to acilitating new ways o enorcing security, virtual-
ization technologies are leading tonew ways o distributing sotware.“Virtualization not only gives you the
ability to manage hardware more e-
ectively,” says Rosenblum, “but alsoallows you to treat the sotware you’re
running dierently.” One way o lever-
aging virtualization’s capabilities isto ship complete packages o running
virtual machines rather than having
users assemble operating systems
and applications themselves, he says.The idea represents a dierent take
on sotware as a service, a model thatobviates the need or users to assem-ble applications themselves. “It’s not
like you buy all the separate parts to
make a car, but that’s what we do withcomputers,” says Rosenblum, who
predicts that virtualization will lead to
users simply invoking complete, au-thenticated virtual machines tailored
to their particular needs.
cr cllg
While virtualization is continuing to
make inroads in several new areas and
W vrlz,ppl wll b bl b rwrk p d
p gl d.
8/14/2019 Technology | DOI:10.1145/1467247 .1467253 Kirk L. Kroeker
http://slidepdf.com/reader/full/technology-doi1011451467247-1467253-kirk-l-kroeker 3/3
20 communications o the acm | march 2009 | vol. 52 | no. 3
news
l e f t : P h o t o g r a P h
c o u r t e s y o f c a r o l i n e s e l f r i d g e ,
r i g h t P h o t o
g r a P h
c o u r t e s y o f i n f o r m a t i o n s d i e n s t W i s s e n s c h a f t
is leading to speculation about new
models o computing, the technology’s
overhead remains a core challenge.
Recent advances in hardware andsotware have been removing some o
the perormance concerns associated
with virtualization, but the goal is toeliminate the perormance gap alto-
gether. “We are not there yet, but what you’re going to see is enhancementsin processors and other technolo-
gies to make the perormance gap go
away,” says Leendert van Doorn, whois a senior ellow at AMD and respon-
sible or AMD’s virtualization technol-
ogy, including the AMD virtualization
extensions in the company’s latestquad-core Opteron processor, which
are designed to reduce the peror-
mance overhead o sotware-based vir-
tualization. “The big problem with vir-tualization right now is perormance
guarantees,” he says. “I you have adatabase transaction requirement o a
ew milliseconds, it is very difcult to
provide that guarantee in a virtualizedenvironment.”
Still, van Doorn says he is confdent
that this overhead will be reduced in
the coming years with better hardwareand sotware support or virtualiza-
tion. Currently, overhead in virtual-
ized environments varies rom a ew percent to upward o 20%, a fgure that
van Doorn says depends on several
actors, including how the hypervisor
is implemented and whether the oper-ating system running atop the hypervi-
sor is aware that it is being virtualized.“The Holy Grail is to get near-nativeperormance,” he says. “We are get-
ting closer to that goal.”
In addition to the perormance is-sue, there remains the issue o man-
ageability in the data center and else-
where. “For the next generation, every big sotware company is working on
comprehensive management tools,”
says van Doorn. The goal is to deal with
a massive number o virtual machines
i r, llw gv vrlzpbl bddd
r frwr.
and eectively make global optimiza-
tion decisions or thousands o virtual
systems running in data centers or in
the hands o a large work orce. So-phisticated management tools will be
essential in the uture imagined by vir-
tualization’s proponents, who predictthat industry is moving toward a world
in which the technology is ubiquitous,and where all new machines will have
virtualization capabilities embedded
in frmware.
Certainly, says Citrix’s Pratt, allservers, desktops, laptops, smart-
phones, routers, storage arrays, and
anything else running sotware that
must be isolated rom other applica-tions will be virtualized. The result?
“The main noticeable thing will be
more trustworthy computing,” says
Pratt. Echoing this sentiment, Herrodpredicts that users won’t think about
virtualization as a dierent orm o computing. “It will seamlessly ft into
our notion o computing,” he says,
“enabling a much simpler and moreproductive experience or all o us.”
Bed in lo angee, Kirk L. Kroeker i freeneeditor nd writer peiizing in iene nd tenoogy.steven hnd, citrix, nd cr Wdpurger, Vmwre,ited in te deveopent of ti rtie.
Obituaries
In Memoriam
t wrd cmur sccrcy s w smdmmbrs: ovr G. Srdg, w dd 82, d ig Wgr, 57.
Srdg, ws crr cudd ss Mit,
BBn, d Gte
lbrrs, s wdy rgrdd s dg r fd rfcgc d
r mc rc.“i rsc rsrc 1950s,” sys erc hrvz,rsd amrc assc arfcigc, “ rducd dckd ky rbms rw w kw mcrg rsrcrs, cudg cgs src d
mz vr rgrmr scs, ur
df d sc,ddcs mg vrbs,d usurvsd rg—rg wu xc ccss sgs bu succss vrsusur.”
i 1956, Srdg, wur cgus, rgzd
crc Drmu Cg d cr fd rfc gc. ads 1958 r, “pdmum: a prdgm r lrg,” s cssc ai rs ssy rvds bur r mcrg rsrc.
“t pdmum wrk rducd dsrbud mdr r rcg, wr cmmuy rcg ‘dms’ r gs w dr cmcs d ucsrrm dr subsks r cmbd
f swrs r bvrs,”hrvz s. “Rr
bg dcrd d md fxd, gs d r wrks cmmuccud vv w xrc.
“Fr dcds, ovr cmmucd xcg vs wr cmurs wud dy r r um s
d c sss wu d r dd xrss rbms,” sys hrvz. “Suc vs s vvd b cr rsrc um-cmur rc.”
ig Wgr, rssr cmur scc tcc Uvrsy Drmud, s w kw r sgrudbrkg wrk cmxy ry. h wr r mr mgrs,The Complexity of Boolean Functions (1987) d Branching Programsand Binary Decision Diagrams
(2000). i ry 1990s, wrkd rm yss
murscs, d scvc mzgrms bsd murscs, k vury grms d smudg, sud b sudd w mds rm
ry
fc grms dcmxy ry. Wgr’s w,rcrc
rducd rududrsdg ms suc murscs.
Wgr ws d mmbr Grm Cuc Scc d hums, dg scfc dvsry cmm Grmgvrm, 2004, d w Krd-Zus-Md,
Grmy’s ms rsguscmur scc wrd, 2006.