log in  |  register  |  feedback?  |  help  |  web accessibility
PhD Defense: Analytics of Configuration Management for System Administration
Yehuda Katz
IRB-4105
Monday, November 4, 2024, 3:00-4:30 pm
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)
Abstract
System administrators are usually trusted to be experts on the systems they control, yet security breaches and performance problems can often be traced to improper configuration by these same administrators. These configuration mistakes aren’t made deliberately and certainly not maliciously, but are usually due to a lack of information about the consequences and interactions of these settings. This problem becomes more apparent as the complexity of the software being configured grows and as the role of system administrator is taken on by more people with less time to develop a complete understanding of the systems they control. We call this *Uninformed Configuration*. There is a blind spot in existing scientific research when it comes to understanding the effects of configuration changes on system performance and security, which if well understood would allow for informed configuration management.

We present a new way to analyze and understand the effects of configuration management. We define a clear division between the operations of a program that are controlled by configuration and the operations of a program that are affected by the data the program is processing. This allows us to make more accurate inferences about how changing a configuration *knob* will affect the overall security and performance of the system. We build on existing static analysis tools and control flow representations originally designed for compiler optimization to build a clear picture of the effects of configuration changes. We refine the concept of understanding program execution paths with a control plane and data plane by focusing on the effects of configuration changes as a part of the control plane.

We provide a method for communicating the importance of each configuration knob to a system administrator using a standardized ranking and scoring system. We also apply these methods to configuration knobs with known performance and security effects in two commonly used pieces of software.

Finally, we discuss several future avenues of scientific research and practical work which will carry these ideas further to improve the state of configuration management.
Bio

Yehuda Katz is a PhD student advised by Ashok Agrawala. He started working on computers when he was in elementary school, and participated in the first year of the Computer Science Department's "Passport" program for high school students. He became interested in research through the many interactions with the faculty of the Computer Science Department through his undergraduate courses. He has also worked on the CS department's IT staff as well as enterprise IT systems outside the university, giving him a unique insight into both the worlds of system administration and Computer Science research. His research focuses on how to improve system design so that system administrators fully understand the systems they manage, and he now works on cybersecurity and system administration improvements for the federal government.

This talk is organized by Migo Gui