Princeton S* Network Systems

Projects

Active projects of the SNS group include the following. We would like to acknowledge the generous support of the National Science Foundation, the Office of Naval Research, the GENI Product Office, Cisco Systems, and Princeton University.

CRAQ (Chain Replication with Apportioned Queries) is a data-center focused storage system capable of good availability, high throughput, and low latency, while providing a sliding scale of read consistency operations (from eventual to strong consistency guarantees). Special consideration is given to high-performance support for cross-data-center replication, using geo-diversity for performance and fault-tolerance reasons.

Prophecy explores the design space between high-throughput low-fault-tolerance EC systems and low-throughput high-fault-tolerance linearizable systems. Prophecy interfaces with high-fault-tolerance systems and slightly weakens consistency in exchange for a significant increase in throughput.

SCAFFOLD (Service-Centric Architecture For Flexible Object Localization and Distribution) is a new network architecture that argues for directly addressing (potentially distributed or replicated) objects or services, rather than hosts, and more tightly coupling naming and routing. Rather than employing ad-hoc techniques at various network layers, Scaffold directly focuses on handling the many kinds of churn — from failures, planned maintenance, load balancing, workload migration, and physical mobility — that arise in networked services.

CoralCDN is a self-organizing web content distribution network (CDN). Its goal was to enable content publishers to serve high demand, without requiring the need for dedicated hosting services. Publishing through CoralCDN is as simple as making a small change to a URL’s hostname; a decentralized DNS layer transparently directs browsers to nearby participating cache nodes, which in turn cooperate to minimize load on the origin webserver. CoralCDN has been publicly available on PlanetLab since March 2004, accounting for the majority of its bandwidth and serving requests from more than one million users (client IPs) per day.

Firecoral is a browser-based peer-to-peer content distribution network that enables mutually distrustful users to share their browser caches, yet ensures the authenticity of content and enables users to preserve privacy by expressing flexible content sharing policies.

Resource allocation in peer-assisted CDNs is being studied to characterize the efficiency and robustness gains that are enabled by price-based multilateral exchange, as opposed to bilateral exchanges such as BitTorrent. We are employing price theory to study how peer demand can be efficiently matched to available supply.

DONAR (DOmain Name Anycast Resolution) is an innovative DNS service that provides authoritative DNS hosting, using self-certifying update to avoid the need for prior registration. DONAR allows services to express their desired load splitting between deployment servers/sites, and it optimally resolves name requests to maintain these traffic engineering preferences while maintaining strong locality preferences. DONAR provides the DNS resolution services for the Measurement Lab.

Oasis (Overlay Anycast Service InfraStructure) is a shared locality-aware server selection infrastructure. OASIS is organized as an infrastructure overlay, providing high availability and scalability. At a high level, OASIS allows a service to register a list of servers, then answers the query, “Which server should the client contact?” Selection is primarily optimized for network locality, but also incorporates liveness and load. OASIS can, for instance, be used by CGI scripts to redirect clients to an appropriate web mirror. It can locate servers for IP anycast proxies, or it can select distributed SMTP servers in large email services.

Meru is designing and implementing an architecture for the virtual worlds of the future. It focuses on problems related to scalability, extensibility, federation, and security.

PDA (Privacy-preserving Data Aggregation) allows one to combine and analyze data collected by multiple parties in a privacy-preserving manner. Our system protocols leverage a novel cryptographic mechanism that provably protects the privacy of both participants and the keywords they upload. Scalability and performance is achieved through a “semi-centralized” architecture that divides responsibility between a proxy that obliviously blinds participant inputs and a database that identifies the (blinded) keywords that have values satisfying some evaluation function.