Giorgos Kappes

Postdoctoral Researcher at Computer Systems Lab, UOI

Profile

I am a Postdoctoral Researcher at the Department of Computer Science and Engineering at the University of Ioannina in Greece.

I am Giorgos E. Kappes from Ioannina, Greece and, currently, I am a Postdoctoral Researcher at the Computer Systems Lab (CSL) of the University of Ioannina. I am also a co-founder of Polytropo Systems.
I have extensive experience in conducting research in Computer Systems. My research includes the design, development, and evaluation of system software for multi-tenant cloud environments. My research interests include operating systems, computer architecture, data storage, and systems security. I am also an expert in deployment and administration of enterprise-level IT infrastructure with over ten years of hands-on experience.

I hold a PhD in Computer Science, an MSc in Computer Systems, and a BSc degree from the Department of Computer Science and Engineering, I completed my PhD and MSc under the supervision of Prof. Stergios Anastasiadis. In our research we studied approaches for efficient, effective, and secure support of multitenancy in the datacenters of modern cloud environments.
For more information about me, you can find my short resume in English, or my extensive corriculum vitae in Greek, and English.
You can also check my github, and gitlab profiles for a list of open source projects that I've contributed on.

Entrepreneurship

Polytropo Systems is a deep-tech startup spun out of the University of Ioannina, developing cutting-edge systems software that boosts the serving capacity of cloud infrastructures for data-intensive applications.

From Research to Real-World. Our technology originated in academic research and was officially approved as a university spin-off by the Governing Council of the University of Ioannina. Our innovation has been published in top-tier peer-reviewed venues and patented in the United States, with the University holding 30% of ownership.

Isolation and Performance: The Holy Grail of Cloud Computing. Commercial applications typically run on computing facilities consisting of numerous machines privately owned by a company or offered as public service by a cloud provider. The computing cost is lowered with an infrastructure that is shared across multiple applications to improve the hardware utilization and reduce the capital and operation expenditure. The existing resource virtualization techniques either introduce overheads that reduce the system capacity or limit the performance and security isolation among competing tenants. Also, the operating system causes excessive delays in data-intensive applications, which reduces the user-perceived performance.

Solution and Product. Our core product is Diciclo, a systems framework that redefines how tenants interact with I/O services in shared computing inrastructures. Unlike traditional architectures, Diciclo relocates critical system services outside the operating system, offering stronger performance and security isolation between tenants, reduced overheads from virtualization, improved throughput and latency under high utilization. The Diciclo framework intercepts the requests of application to I/O services (e.g., the filesystem) and transfers them to system services running outside the operating system. Our solution permits both the efficient transfer of the control and data traffic from the application to the services at user level and the execution of the services at user level. Our framework permits each tenant of a shared infrastructure to run its own services on each machine and be isolated from the other tenants. Additionally, the framework enables each tenant to rely less on the operating system and as a result to be less vulnerable to potential attacks or software bugs of the shared system software. We have experimentally shown that our technology improves substantially the utilization of the hardware resources that run data-intensive applications in cloud infrastructures. Thus, a business can reduce the capital investment and operation costs to serve a number of users. As a result, a business can become more competitive and offer better prices for its products to a broad user base consisting of business customers or individuals. Our technique affects a wide range of applications across several industries that critically rely on computing to serve their users. Our product consists of systems software and configuration that our customers run between the unmodified applications and the existing data storage infrastructure.

Innovation and Scalability. We develop innovative systems software that improves the efficiency of the IT infrastructures with direct benefit to the capital and operation expenditure of our customers. It also allows cloud providers and system vendors to offer products that require fewer hardware resources for a particular capacity of users or applications. Thus, they improve their competitiveness and offer products or services at lower costs. Our unique value proposition is the offering of systems software that our customers run between the applications and the storage infrastructure to achieve efficiency, performance and security. Our product is compatible with existing standard system interfaces and complements the products of data storage vendors. We do not replace the existing storage systems but enhance them with efficient client software at the application side. We foresee the industry to remain cost-sensitive for the upcoming years due to the potential geopolitical risks and inflation surge. Our product can address the rising cost of the IT infrastructure by improving the operation efficiency and reducing the overheads from the virtualization software or the operating system. Additionally, it improves the performance and security stability by serving the tenants through private system services.

Elevate Greece. We are happy to announce that Polytropo Systems is part of Elevate Greece. Elevate Greece is an initiative launched by the Greek Government, intended to identify promising startups and support their growth nurturing a robust innovation ecosystem along the way. You may find our profile in the Startup registry of Elevate Greece here.

Research

My main research interests lie in the fields of operating systems, computer architecture, data storage, and systems security. However, I am interested in pretty much everything to do with computer systems. Following are some of the projects that I have worked on:

User-level Services for Multitenant Isolation. The focus of this project is to enable multiple tenants to efficiently and securely share the computing, storage, and network infrastructure of the datacenter and reduce the conention for shared resources. To this end, we take the radical approach of moving the data-intensive I/O services at user level from the shared kernel, in order to serve the containers of competing tenants over the same cloud machines. Our contributions consist of innovative methods to handle POSIX-like system calls at user level through a library, the producer-consumer transfer of data and requests over shared memory with efficient memory copy and relaxed lock-free queues, the construction of stacked user-level I/O services, and a multitenant access control mechanism built natively into a distributed filesystem.

Relaxed Concurrent Queues. The producer-consumer communication over shared memory is a critical function of current scalable systems. Queues that provide low latency and high throughput on highly utilized systems can improve the overall performance perceived by the end users. In order to address this demand, we set as priority to achieve both high operation performance and item transfer speed. The Relaxed Concurrent Queues (RCQs) are a family of queues that we have designed and implemented for that purpose. Our key idea is a relaxed ordering model that splits the enqueue and dequeue operations into a stage of sequential assignment to a queue slot and a stage of concurrent execution across the slots. At each slot, we apply no order restrictions among the operations of the same type. We experimentally show that our algorithms achieve factors to orders of magnitude advantage over the state-of-the-art strict or relaxed queue algorithms.

Optimized memory copy. Critical operations are often implemented in roughly the same way across multiple platforms, but differently by software systems running on the same platform. This observation is arguably justified by the potential restrictions of each software system, but it is surprising given the operation sensitivity to numerous platform-specific software and hardware parameters. With initial focus on the memory copy operation (memcpy), we introduce a methodology based on exhaustive search to optimize the performance across different platforms. We design and implement the Asterope algorithm to experimentally generate optimal memcpy parameters for two x86-64 processor models from different vendors. With experiments on microbenchmarks and two production systems, we demonstrate that Asterope respectively achieves up to 2.4x and 1.9x higher function and system performance in comparison to using the Linux kernel memcpy.

Multitenant Access Control. Secure access control is a challenging problem that organizations face in collaborative virtual environments, which has prevented many of them from migrating critical data or applications into these environments. In our research we examined approaches for efficient and effective support of multitenancy in filesystems used in cloud environments. We introduced a system architecture that is backwards compatible to object-based filesystems, and combines native access control with namespace isolation. Our architecture securely isolates dfferent tenants, and enables flexible file sharing both within and among tenants. We developed a Linux-based prototype solution over Ceph and obtained encouraging experimental results about the scalability and low overhead of our design on a local cluster and on Amazon AWS.

Publications and Talks

Following is a list of my recent publications and invited talks:

Journal Papers

  • Giorgos Kappes, Stergios V. Anastasiadis, Diciclo: Flexible User-level Services for Efficient Multitenant Isolation, ACM Transactions on Computer Systems (TOCS), vol. 42, issue 1-2, May 2024, pg. 3:1-47. (ACM).
  • Giorgos Kappes, Stergios V. Anastasiadis, A Family of Relaxed Concurrent Queues for Low-latency Operations and Item Transfers, ACM Transactions on Parallel Computing (TOPC), vol. 9, no. 4, December 2022, pg. 16:1-16:37. (ACM).
  • Giorgos Kappes, Andromachi Hatzieleftheriou, Stergios V. Anastasiadis, Multitenant Access Control for Cloud-Aware Distributed Filesystems, IEEE Transactions on Dependable and Secure Computing (TDSC), Nov-Dec 2019, pg. 1070-1085. (IEEE, PDF).

Conference Papers

  • Giorgos Kappes, Stergios V. Anastasiadis, Faster FUSE Filesystems with Efficient Data Transfers, ACM SIGOPS Asia-Pacific Workshop on Systems (APSys), Kyoto, Japan, September 2024, pp. 122-129. (ACM).
  • Georgios C. Androutsopoulos, Giorgos Kappes, Stergios V. Anastasiadis, Quantifying the Security Profile of Linux Applications, 14th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2023), Seoul, South Korea (to appear). (Paper).
  • Giorgos Kappes, Stergios V. Anastasiadis, Danaus: Isolation and Efficiency of Container I/O at the Client Side of Network Storage, ACM/IFIP Middleware International Conference (Middleware 2021), Virtual Event, Quebec, Canada, December 2021. (Paper, Presentation).
  • Giorgos Kappes, Stergios V. Anastasiadis, Asterope: A Cross-Platform Optimization Method for Fast Memory Copy. 11th ACM Workshop on Programming Languages and Operating Systems (PLOS 2021), Virtual Event, October 2021. (Paper, Presentation).
  • Giorgos Kappes, Stergios V. Anastasiadis, A Lock-free Relaxed Concurrent Queue for Fast Work Distribution, ACM Principles and Practice of Parallel Programming 2021 (PPoPP '21), Virtual Event, Republic of Korea, February 2021, pp. 454-456. (Paper, Presentation, Poster).
  • Giorgos Kappes, Stergios V. Anastasiadis, A User-level Toolkit for Storage I/O Isolation on Multitenant Hosts, ACM Symposium on Cloud Computing 2020 (SoCC '20), Virtual Event, USA, October 2020, pp. 74-89. (Paper, Presentation).
  • Giorgos Kappes, Stergios V. Anastasiadis, Libservices: Dynamic Storage Provisioning for Multitenant I/O Isolation, 11th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2020), Virtual Event, Tsukuba, Japan, August 2020, pp. 33-41. (Paper, Presentation).
  • Giorgos Kappes, Andromachi Hatzieleftheriou, Stergios V. Anastasiadis, Virtualization-aware Access Control for Multitenant Filesystems, IEEE International Conference on Massive Storage Systems and Technology (MSST), Santa Clara, CA, USA, June 2014. (Paper, Presentation).

Magazines and Posters

  • Giorgos Kappes, Stergios V. Anastasiadis, Diciclo: Data-Intensive Container Isolation for Multitenant Clouds: Building user-level services for multitenant container storage, USENIX ;login:, December 2021, 7 pages. (Online, Paper).
  • Giorgos Kappes, Stergios V. Anastasiadis, A User-level Toolkit for Storage I/O Isolation on Multitenant Hosts, ACM Symposium on Cloud Computing 2020 (SoCC '20), Renton, WA, USA, (virtual conference), October 2020. (Poster).

Technical Reports

  • Giorgos Kappes, Andromachi Hatzieleftheriou, Stergios V. Anastasiadis, Dike: Virtualization-aware Access Control for Multitenant Filesystems. Technical Report DCS2013-1, Department of Computer Science, University of Ioannina, February 2013. (Paper).

PhD Dissertation

  • User-level Services for Multitenant Isolation. Giorgos Kappes, thesis supervisor: Stergios V. Anastasiadis. PhD Dissertation, Department of Computer Science and Engineering, University of Ioannina, Greece, June 2021. (Text).

Master's Thesis

  • Scalable Access Control for Secure Multi-Tenant Filesystems. Giorgos Kappes, thesis supervisor: Stergios V. Anastasiadis. Master Thesis, Department of Computer Science and Engineering, University of Ioannina, Greece, October 2013. (Text, Presentation).

BSc Thesis

  • Logging File Access Patterns for a More Efficient File Search on Filesystems. Giorgos Kappes, Eirini Micheli, thesis supervisor: Stergios V. Anastasiadis. BSc Thesis, Department of Computer Science and Engineering, University of Ioannina, Greece, October 2013. (Text in Greek).

Invited Talks

  • 15th TERENA TF-Storage Task Force Meeting, “Virtualization-aware Access Control for Multitenant Filesystems”, 22 September 2014. (Presentation).
    • .

Contact Me

Most likely you will find me at A34 office in the first floor of the department. If not, below is more information on how you can reach me.

I use GnuPG for email encryption and signing. I also use it to sign digital content that I create (such as code, documents, and my web pages). The ID of my personal GPG key is 0xD614E92E88507AE1. You can find the key on the SKS OpenPGP Public Key server and here: pubring, public key, fingerprint.
In case you would like to send me a confidential email, please use my key to secure it. Additionally, please sign the email with your signing key and provide me with your public key, so that I can verify your signature.

EMAIL
giorgos (at) giorgoskappes.com
g.kappes (at) uoi.gr
geokapp (at) gmail.com
PHONE
(+30) 2651008833
ADDRESS
Dep. of Computer Science and Engineering
University of Ioannina
Room A-34
45110 Ioannina, Greece

Copyright © 2013-2025 Giorgos Kappes.
All rights reserved.