怎么没有人知道吗????
我来一点吧,
The increasing availability of network-based services
and the growing popularity of mobile computing
has resulted in an increased demand for execution
“sandboxes”—environments that support differentiated
service and impose irrevocable restrictions on resource
usage. For instance, the execution environment can ensure
qualitative restrictions such as permitting an application
component to only access certain portions of
the file system (e.g., c:ntemp), and quantitative restrictions
such as limiting the component to 20% of
CPU share. These qualitative and quantitative restrictions
and are desirable for the wider deployment of distributed
component-based applications.
Existing approaches for enforcing qualitative and
quantitative restrictions on resource usage rely on
kernel support [JLDB95, MST94], binary modification
[WLAG93], or active interception of the application’s
interactions with the operating system
(OS) [BG99, ET99, GWTB96]. The kernel approaches
are general-purpose but require extensive modifications
to OS structure, limiting their applicability for expressing
flexible resource control policies. The remainder of
the approaches rely on deciding for each application interaction
with the underlying system whether or not to
permit this interaction to proceed; consequently, they
provide qualitative restrictions (such as whether or not a
file-reading operation should be allowed), but are unable
to handle most kinds of quantitative restrictions, particularly
since usage of some resources (e.g., the CPU) does
not require explicit application requests.
This paper presents a user-level sandboxing approach for
enforcing quantitative restrictions on application’s resource
usage. Our approach actively monitors the application’s
interactions with the underlying system, proactively
controlling them to enforce the desired behavior.
Our strategy recognizes that application access to system
resources can be modeled as a sequence of requests
spread out over time. These requests can be either implicit
such as for a physical memory page, or explicit
such as for disk access.1 This observation provides two
alternatives for constraining resource utilization over a
time window: either control the resources available to
the application at the point of the request or control the
time interval between resource requests. In both cases
and for all kinds of resources, the specific control is in-
fluenced by the extent to which the application has exceeded
or fallen behind a progress metric. The latter
represents an estimate of the resource consumption of
the application program.
老师给的资料,看的我头大;作者: 飛鳥 时间: 2005-3-9 22:54 标题: [讨论]大家来讨论 一下 sandbox 吧!
没能弄明白`~偶太菜了`~汗.....作者: x86 时间: 2005-3-10 13:09 标题: [讨论]大家来讨论 一下 sandbox 吧!