Search for: All records

In cloud-native environments, containers are often deployed within lightweight virtual machines (VMs) to ensure strong security isolation and privacy protection. With the growing demand for customized cloud services, third-party vendors are turning to infrastructure-as-a-service (IaaS) cloud providers to build their own cloud-native platforms, necessitating the need to run a VM or a guest that hosts containers inside another VM instance leased from an IaaS cloud. State-of-the-art nested virtualization in the x86 architecture relies heavily on the host hypervisor to expose hardware virtualization support to the guest hypervisor, not only complicating cloud management but also raising concerns about an increased attack surface at the host hypervisor. This paper presents the design and implementation of PVM, a high-performance guest hypervisor for KVM that is transparent to the host hypervisor and assumes no hardware virtualization support. PVM leverages two key designs: 1) a minimal shared memory region between the guest and guest hypervisor to facilitate state transition between different privilege levels and 2) an efficient shadow page table design to reduce the cost of memory virtualization. PVM has been adopted by a major IaaS cloud provider for hosting tens of thousands of secure containers on a daily basis. Our experiments demonstrate that PVM significantly outperforms current nested virtualization in KVM for memory virtualization, particularly for concurrent workloads, while maintaining comparable performance in CPU and I/O virtualization. 

Mobility data captures the locations of moving objects such as humans, animals, and cars. With the availability of Global Positioning System (GPS)–equipped mobile devices and other inexpensive location-tracking technologies, mobility data is collected ubiquitously. In recent years, the use of mobility data has demonstrated a significant impact in various domains, including traffic management, urban planning, and health sciences. In this article, we present the domain of mobility data science. Towards a unified approach to mobility data science, we present a pipeline having the following components: mobility data collection, cleaning, analysis, management, and privacy. For each of these components, we explain how mobility data science differs from general data science, we survey the current state-of-the-art, and describe open challenges for the research community in the coming years. 

Abstract The omicron variant of severe acute respiratory syndrome coronavirus 2 (SARS‐CoV‐2) characterized by 30 mutations in its spike protein, has rapidly spread worldwide since November 2021, significantly exacerbating the ongoing COVID‐19 pandemic. In order to investigate the relationship between these mutations and the variant's high transmissibility, we conducted a systematic analysis of the mutational effect on spike–angiotensin‐converting enzyme‐2 (ACE2) interactions and explored the structural/energy correlation of key mutations, utilizing a reliable coarse‐grained model. Our study extended beyond the receptor‐binding domain (RBD) of spike trimer through comprehensive modeling of the full‐length spike trimer rather than just the RBD. Our free‐energy calculation revealed that the enhanced binding affinity between the spike protein and the ACE2 receptor is correlated with the increased structural stability of the isolated spike protein, thus explaining the omicron variant's heightened transmissibility. The conclusion was supported by our experimental analyses involving the expression and purification of the full‐length spike trimer. Furthermore, the energy decomposition analysis established those electrostatic interactions make major contributions to this effect. We categorized the mutations into four groups and established an analytical framework that can be employed in studying future mutations. Additionally, our calculations rationalized the reduced affinity of the omicron variant towards most available therapeutic neutralizing antibodies, when compared with the wild type. By providing concrete experimental data and offering a solid explanation, this study contributes to a better understanding of the relationship between theories and observations and lays the foundation for future investigations.