【作者】 刘云新；

【导师】 张申生； 张永光；

【作者基本信息】 上海交通大学 ， 计算机应用技术， 2011， 博士

【摘要】 随着PC市场的逐渐饱和,“后PC”时代正在到来。上网本,智能手机,平板电脑,音乐播放器,掌上游戏机等各种新型便携式移动设备不断涌现,成为新一代移动计算平台。其中智能手机和平板电脑的发展更是十分迅速,不仅用户数量巨大,而且硬件功能日益强大,软件应用层出不穷,已经成为人们日常生活中不可或缺的一部分。然而,随着各种移动设备的快速发展,它们也面临着诸多的问题和挑战。例如,软硬件功能的不断增加导致了整个系统越来越复杂,也越来越不稳定。各种针对手机等设备的病毒,木马,恶意软件和间谍软件日益增多,威胁人们的隐私和信息安全。强大的功能伴随着对功耗的高需求,而电池技术发展缓慢,制约了更多应用的发展。用户的数据分布在不同的设备上,管理这些设备和数据变得越来越不方便,等等。本文研究了如何通过系统虚拟化技术来解决新一代移动计算平台上的关键问题,主要包括以下三个方面的内容。一、对系统可靠性和安全性的研究。本文研究了如何利用虚拟机技术来提高移动设备的可靠性和安全性。由于ARM是移动设备上最主要的硬件平台,本文研究了如何对ARM处理器和内存进行虚拟化,特别针对ARM平台设计和实现了一个虚拟机监控器,MobiVMM,能够在同一台物理设备上同时运行多个虚拟机。不同的虚拟机之间完全相互隔离,可以运行不同的操作系统。通过把不同的应用程序运行在不同的虚拟机中,可以大大提高整个系统的可靠性和安全性:即使某个虚拟机的运行出了严重的问题或者受到了攻击,其它的虚拟机仍然可以正常运行。除了研究对ARM体系结构进行虚拟化的基本问题以外,MobiVMM还考虑了移动设备的特点,强调了对系统资源的高效利用,并对实时性提供了一定的支持。MobiVMM是第一个专门为ARM平台从零设计的全新虚拟机监控器,具有代码简洁,使用系统资源少,功耗低,系统响应快等特点。二、对设备共享和用户隐私保护的研究。个人移动设备,特别是手机,是非常私人化的设备,往往存储了大量的私人数据,比如通话记录,短信,联系人,照片和视频等。当和其他人共享个人设备时,这些隐私数据必须得到有效的保护。而现有的设备不能对隐私保护提供足够的支持。本文对设备共享问题进行了深入的研究并第一个设计实现了xShare系统来保护设备共享中的用户隐私。xShare通过操作系统层面的虚拟化技术来在设备共享时对用户的隐私数据进行有效的保护。xShare可以在操作系统中动态创建一个虚拟运行环境来用于设备共享。在该虚拟环境下,只有那些被设备主人共享了的数据和应用程序才是可见的,从而保护了那些没有共享的隐私数据。xShare系统实现具有很好的系统性能和易用性,能够满足用户在共享设备时保护用户隐私的实际需要。xShare的研究成果发表在了国际会议MobiSys上,并作为该年5篇最佳论文之一被邀请到IEEE的Transactions on Mobile Computing (TMC)杂志上发表。其扩展版本进一步被选为IEEE TMC杂志当期的焦点文章。三、对跨设备用户计算环境的研究。很多用户都在日常生活中使用不同的计算设备。这些设备位于不同的地方,具有不同的操作环境,运行不同的应用程序并且存储不同的数据。用户需要花费大量的时间和精力来管理这些设备和它们上面的数据。为了解决这一问题,本文研究了如何通过应用程序虚拟化技术来创建一个跨设备的用户计算环境,从而用户可以在不同的设备上使用同样的应用程序和访问同样的数据。本文进而设计并实现了DevicePort系统,能够把用户已经安装使用的应用程序和底层的操作系统系统分离开来,可以在不同的设备之间对这些应用程序进行迁移。DevicePort能够迁移包括微软办公套件在内的大多数日常使用的应用程序并以它们原有的性能运行这些应用程序。和基于虚拟机的方法相比,DevicePort具有更小的应用程序启动延迟和更少的处理器开销,而且更容易部署使用。这三个方面的研究分别涵盖了三个不同层面的系统虚拟化技术:硬件级别的虚拟化,操作系统级别的虚拟化,以及应用程序级别的虚拟化。围绕着新一代移动计算平台中的实际问题,本文都设计实现了实际可用的系统,并进行了全面详尽的评测。通过这些研究和创新,本文为解决新一代移动计算平台中的更多问题提供了新的思路和参考。更多还原

【Abstract】 With the saturation of the PC market, the era of“Post PC”is coming. Various mobile devices, such as netbooks, smartphones, tablet PCs, music players and portable game consoles, are increasingly popular and have become the new generation platform for mobile computing. In particular, the advances of smartphone and tablet PC are phenomenal: they have a huge number of users, very powerful hardware and rich applications, and play a significant role in people’s daily life.However, these new mobile devices are also facing many problems and challenges. For example, with more hardware components and applications are integrated together, the whole system becomes increasingly complicated and unrealiable. More and more viruses, Trojans horses, malware and spyware are targeting at smartphones and tablet PCs, imposing threats on user privacy and information security. Powerful funcationalities require high power consumption but battery technologies advance slowly, which limits many applications. User data are distributed on different devices, making it hard for users to manage their devices and data, etc.This paper studies how to leverage system virtualization technologies to solve the key problems on the new generation mobile computing platform, including the following three main parts.1. System reliabity and security. This paper studied how to leverage virtual machine techniques to improve the reliability and security of mobile devices. As ARM is the most popular architecture for mobile devices, this paper studied how to do virtualization for ARM CPU and memory, and designed and implemented a virtual machine monitor for ARM platform, called MobiVMM, to simultanesouly run multiple virtual machines on a single physical ARM device. Different virtual machines are strongly isolated and can run different operating systems. By running different applications in different virtual machines, the realiabilty and security of the whole system can be significantly improved: even if a virtual machine crashes or is attacked, other virtual machines can still run smoothly. Besides studying how to virtualize ARM architecture, MobiVMM is specially designed for mobile devices. It emphases efficient utilization on various system resources and provides support for real-time. MobiVMM is the first VMM designed for ARM architecture from scratch. It has small code base, high power efficiency and fast system response time.2. User privacy protection in device sharing. Mobile devices, particularly mobile phones, are truely personal devices and often store various personal data, such as call history, text messages, contacts, photos and videos. When sharing a mobile device with other people, these private data must be protected. Yet existing mobile devices cannot provide sufficient support in privacy protection. This paper deeply studied the user behaviors in device sharing and designed and implemented the first solution, called xShare, to protect user privacy in device sharing. xShare leverages operating system level virtualization to protect user privacy in device sharing. It can dynamically create a virtual running environment inside the operating system for device sharing. In the virtual running environment, only those data and applications which are explicitly shared by the device owner are visible. Consequently, the unshared private data are effectively protected. The system implementation of xShare has good performance, is easy to use, and can meet the real needs for users to protect their privacy in device sharing. xShare was published in Mobisys and invited to IEEE Transactions on Mobile Computing (TMC) as one of the five best papers. The extended version was further selected as the spotlight paper of the issue of IEEE TMC.3. Portable user computing environment. Many users use multiple computing devices in their daily life. Those devices locate in different places, have different system settings, run different applications, and store different user data. As a result, users have to spend significant time and effort to manage those devices and their data. To solve this problem, this paper studied how to leverage application virtualization to create a portable user computing environment, so that users can use the same applications and access the same data on different devices. This paper further designed and implemented DevicePort system, which is able to decouple the already-in-use applications from the underlying operating system and make them portable across different devices. The system implementation of DevicePort can support a large number of everyday applications and run them in their native speed, and is easy to deploy. Compared with the VM-based solutions, DevicePort has significant performance improvements in terms of both application launch latency and CPU usage, and is much easier to use.The above three parts cover system virtualization technologies in there different layers: the hardware level virtualization, the operating system level virtualization, and the application level virtualization. To solve the practical problems on the new generation platform of mobile computing, real systems are designed and implemented and complehensive evaluations are performed. With the above research and innovations, this paper provides new insights and directions for solving more problems on the new generation mobile computing platform.更多还原