Disaggregated heterogeneous data centers promise higher efficiency, lower total cost of ownership, and more flexibility for data center operators. However, current software stacks can levy a high tax on application performance. Applications and OSes are designed for systems where local PCIe-connected devices are centrally managed by CPUs, but this centralization introduces unnecessary messages through the shared data center network in a disaggregated system.

Programming and deployment models for cloud native applications have shifted from virtual machines (VMs), to container-based microservices, and now serverless function-as-service (FaaS) applications, yet security concerns for cloud native applications remain. Tenants must trust bespoke and opaque software security mechanisms in large cloud stacks; cloud providers must protect themselves from untrusted tenant code with heavy-weight mechanisms.

The rise in popularity of machine learning, streaming, and latency-sensitive online applications in shared production clusters has raised new challenges for cluster schedulers. To optimize their performance and resilience, these applications require precise control of their placements, by means of complex constraints, e.g., to collocate or separate their long-running containers across groups of nodes.

Real-time stream data has begun to play an increasingly important role on the Internet. One of the causes for this is the proliferation of geographically-distributed stream data sources such as sensor networks, scientific instruments, pervasive computing environments and web feeds connected to the Internet. Potentially millions of users world-wide want to take advantage of the availability of this data. Therefore they require a convenient way to process real-time stream data at a global scale through applications that perform Internet-scale stream processing (ISSP).

Ukairo (うかいろ) 1. (noun) detour; diversion; alternative route, in Japanese

In contrast to traditional group communication systems, publish/subscribe systems focus on scalability and to that end sacrifice strong semantics. Membership is typically one aspect of publish/subscribe systems that is associated with weak semantics because view control mechanisms can easily become a bottleneck with increasing numbers of participants, especially as these join and leave frequently. Anonymity among participants in publish/subscribe communication is viewed as one of the main contributors to scalability next to asynchrony.

Mobile devices are becoming pervasive, yet a persistent gap in hardware capabilities still separates them from desktop machines. To bridge this gap, recent research has turned to cloud-assisted execution as a way of leveraging remote resources to enhance application performance. Code-offloading systems automatically partition applications across resource-constrained devices and more powerful remote nodes to improve execution. Existing approaches, however, only focus on compute resources, ignoring memory and network limitations in mobile environments.

Cloud computing aims to revolutionise traditional ways of service delivery. Security considerations, however, are a practical obstacle for its adoption. Cloud providers consolidate data from multiple services, which may result in wide-spread data disclosure when their security is compromised. While cloud tenants can be isolated through virtualisation, virtual networks and compartmentalised storage, the implementations of these features may contain vulnerabilities themselves, breaching data confinement.

In cloud environments, security is a major concern to organisations that
must comply with strict confidentiality and integrity policies. Security has
emerged as a commercial imperative for cloud computing across a wide range of
applications domains. The lack of principled security guarantees therefore
becomes the primary barrier to the broad adoption of cloud computing.

This project is focused on networking in the datacentre.  It aims to optimse network traffic based upon knowledge about the applications creating that traffic. This allows sophisticated mechanisms to be implemented in the network, for example custom routing protocols, traffic filtering, streaming processing of data and key-value stores. We term this approach as “Network-as-a-Service”. By modifying the content of packets on-path, they can efficiently implement advanced, application-specific network services, such as in-network data aggregation and smart caching.