491 research outputs found
Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments
Decentralized systems are a subset of distributed systems where multiple
authorities control different components and no authority is fully trusted by
all. This implies that any component in a decentralized system is potentially
adversarial. We revise fifteen years of research on decentralization and
privacy, and provide an overview of key systems, as well as key insights for
designers of future systems. We show that decentralized designs can enhance
privacy, integrity, and availability but also require careful trade-offs in
terms of system complexity, properties provided, and degree of
decentralization. These trade-offs need to be understood and navigated by
designers. We argue that a combination of insights from cryptography,
distributed systems, and mechanism design, aligned with the development of
adequate incentives, are necessary to build scalable and successful
privacy-preserving decentralized systems
GRIDKIT: Pluggable overlay networks for Grid computing
A `second generation' approach to the provision of Grid middleware is now emerging which is built on service-oriented architecture and web services standards and technologies. However, advanced Grid applications have significant demands that are not addressed by present-day web services platforms. As one prime example, current platforms do not support the rich diversity of communication `interaction types' that are demanded by advanced applications (e.g. publish-subscribe, media streaming, peer-to-peer interaction). In the paper we describe the Gridkit middleware which augments the basic service-oriented architecture to address this particular deficiency. We particularly focus on the communications infrastructure support required to support multiple interaction types in a unified, principled and extensible manner-which we present in terms of the novel concept of pluggable overlay networks
Collaborative internet worm containment
Large-scale worm outbrakes that leads to distributed denial-of-dervice attacks pose a major threat to internet infrastructure security. To prevent computers from such attacks deployment of fast, scalable security overlay networks based on distributed hash tables to facilitate high-speed intrusion detection and alert-information exchange are proposed. An effective system for worm detection and cyberspace defence must have robustness, cooperation among multiple sites, responsiveness to unexpected worms and efficiency and scalability. Deployment of collaborative WormShield monitors on just 1 percent of the vulnerable edge networks can detect worm signatures roughly 10 times faster than with independent monitors.published_or_final_versio
File management in a mobile DHT-based P2P environment
The emergence of mobile P2P systems is largely due to the evolution of mobile devices into powerful information processing units. The relatively structured context that results from the mapping of mobile patterns of behaviour onto P2P models is however constrained by the vulnerabilities of P2P networks and the inherent limitations of mobile devices. Whilst the implementation of P2P models gives rise to security and reliability issues, the deployment of mobile devices is subject to efficiency constraints. This paper presents the development and deployment of a mobile P2P system based on distributed hash tables (DHT). The secure, reliable and efficient dispersal of files is taken as an application. Reliability was addressed by providing two methods for file dispersal: replication and erasure coding. Security constraints were catered for by incorporating an authentication mechanism and three encryption schemes. Lightweight versions of various algorithms were selected in order to attend to efficiency requirements
Data Storage and Dissemination in Pervasive Edge Computing Environments
Nowadays, smart mobile devices generate huge amounts of data in all sorts of gatherings.
Much of that data has localized and ephemeral interest, but can be of great use if shared
among co-located devices. However, mobile devices often experience poor connectivity,
leading to availability issues if application storage and logic are fully delegated to a
remote cloud infrastructure. In turn, the edge computing paradigm pushes computations
and storage beyond the data center, closer to end-user devices where data is generated
and consumed. Hence, enabling the execution of certain components of edge-enabled
systems directly and cooperatively on edge devices.
This thesis focuses on the design and evaluation of resilient and efficient data storage
and dissemination solutions for pervasive edge computing environments, operating with
or without access to the network infrastructure. In line with this dichotomy, our goal can
be divided into two specific scenarios. The first one is related to the absence of network
infrastructure and the provision of a transient data storage and dissemination system
for networks of co-located mobile devices. The second one relates with the existence of
network infrastructure access and the corresponding edge computing capabilities.
First, the thesis presents time-aware reactive storage (TARS), a reactive data storage
and dissemination model with intrinsic time-awareness, that exploits synergies between
the storage substrate and the publish/subscribe paradigm, and allows queries within a
specific time scope. Next, it describes in more detail: i) Thyme, a data storage and dis-
semination system for wireless edge environments, implementing TARS; ii) Parsley, a
flexible and resilient group-based distributed hash table with preemptive peer relocation
and a dynamic data sharding mechanism; and iii) Thyme GardenBed, a framework
for data storage and dissemination across multi-region edge networks, that makes use of
both device-to-device and edge interactions.
The developed solutions present low overheads, while providing adequate response
times for interactive usage and low energy consumption, proving to be practical in a
variety of situations. They also display good load balancing and fault tolerance properties.Resumo
Hoje em dia, os dispositivos mĂłveis inteligentes geram grandes quantidades de dados
em todos os tipos de aglomeraçÔes de pessoas. Muitos desses dados tĂȘm interesse loca-
lizado e efĂȘmero, mas podem ser de grande utilidade se partilhados entre dispositivos
co-localizados. No entanto, os dispositivos mĂłveis muitas vezes experienciam fraca co-
nectividade, levando a problemas de disponibilidade se o armazenamento e a lĂłgica das
aplicaçÔes forem totalmente delegados numa infraestrutura remota na nuvem. Por sua
vez, o paradigma de computação na periferia da rede leva as computaçÔes e o armazena-
mento para além dos centros de dados, para mais perto dos dispositivos dos utilizadores
finais onde os dados são gerados e consumidos. Assim, permitindo a execução de certos
componentes de sistemas direta e cooperativamente em dispositivos na periferia da rede.
Esta tese foca-se no desenho e avaliação de soluçÔes resilientes e eficientes para arma-
zenamento e disseminação de dados em ambientes pervasivos de computação na periferia
da rede, operando com ou sem acesso Ă infraestrutura de rede. Em linha com esta dico-
tomia, o nosso objetivo pode ser dividido em dois cenĂĄrios especĂficos. O primeiro estĂĄ
relacionado com a ausĂȘncia de infraestrutura de rede e o fornecimento de um sistema
efĂȘmero de armazenamento e disseminação de dados para redes de dispositivos mĂłveis
co-localizados. O segundo diz respeito Ă existĂȘncia de acesso Ă infraestrutura de rede e
aos recursos de computação na periferia da rede correspondentes.
Primeiramente, a tese apresenta armazenamento reativo ciente do tempo (ARCT), um
modelo reativo de armazenamento e disseminação de dados com percepção intrĂnseca
do tempo, que explora sinergias entre o substrato de armazenamento e o paradigma pu-
blicação/subscrição, e permite consultas num escopo de tempo especĂfico. De seguida,
descreve em mais detalhe: i) Thyme, um sistema de armazenamento e disseminação de
dados para ambientes sem fios na periferia da rede, que implementa ARCT; ii) Pars-
ley, uma tabela de dispersĂŁo distribuĂda flexĂvel e resiliente baseada em grupos, com
realocação preventiva de nós e um mecanismo de particionamento dinùmico de dados; e
iii) Thyme GardenBed, um sistema para armazenamento e disseminação de dados em
redes multi-regionais na periferia da rede, que faz uso de interaçÔes entre dispositivos e
com a periferia da rede.
As soluçÔes desenvolvidas apresentam baixos custos, proporcionando tempos de res-
posta adequados para uso interativo e baixo consumo de energia, demonstrando serem
pråticas nas mais diversas situaçÔes. Estas soluçÔes também exibem boas propriedades de balanceamento de carga e tolerùncia a faltas
The simplicity project: easing the burden of using complex and heterogeneous ICT devices and services
As of today, to exploit the variety of different "services", users need to configure each of their devices by using different procedures and need to explicitly select among heterogeneous access technologies and protocols. In addition to that, users are authenticated and charged by different means. The lack of implicit human computer interaction, context-awareness and standardisation places an enormous burden of complexity on the shoulders of the final users. The IST-Simplicity project aims at leveraging such problems by: i) automatically creating and customizing a user communication space; ii) adapting services to user terminal characteristics and to users preferences; iii) orchestrating network capabilities. The aim of this paper is to present the technical framework of the IST-Simplicity project. This paper is a thorough analysis and qualitative evaluation of the different technologies, standards and works presented in the literature related to the Simplicity system to be developed
Enabling Social Applications via Decentralized Social Data Management
An unprecedented information wealth produced by online social networks,
further augmented by location/collocation data, is currently fragmented across
different proprietary services. Combined, it can accurately represent the
social world and enable novel socially-aware applications. We present
Prometheus, a socially-aware peer-to-peer service that collects social
information from multiple sources into a multigraph managed in a decentralized
fashion on user-contributed nodes, and exposes it through an interface
implementing non-trivial social inferences while complying with user-defined
access policies. Simulations and experiments on PlanetLab with emulated
application workloads show the system exhibits good end-to-end response time,
low communication overhead and resilience to malicious attacks.Comment: 27 pages, single ACM column, 9 figures, accepted in Special Issue of
Foundations of Social Computing, ACM Transactions on Internet Technolog
Intelligent query processing in P2P networks: semantic issues and routing algorithms
P2P networks have become a commonly used way of disseminating content on the Internet. In this context, constructing efficient and distributed P2P routing algorithms for complex environments that include a huge number of distributed nodes with different computing and network capabilities is a major challenge. In the last years, query routing algorithms have evolved by taking into account different features (provenance, nodes' history, topic similarity, etc.). Such features are usually stored in auxiliary data structures (tables, matrices, etc.), which provide an extra knowledge engineering layer on top of the network, resulting in an added semantic value for specifying algorithms for efficient query routing. This article examines the main existing algorithms for query routing in unstructured P2P networks in which semantic aspects play a major role. A general comparative analysis is included, associated with a taxonomy of P2P networks based on their degree of decentralization and the different approaches adopted to exploit the available semantic aspects.Fil: Nicolini, Ana LucĂa. Consejo Nacional de Investigaciones CientĂficas y TĂ©cnicas. Centro CientĂfico TecnolĂłgico Conicet - BahĂa Blanca. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn. Universidad Nacional del Sur. Departamento de Ciencias e IngenierĂa de la ComputaciĂłn. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn; ArgentinaFil: Lorenzetti, Carlos Martin. Consejo Nacional de Investigaciones CientĂficas y TĂ©cnicas. Centro CientĂfico TecnolĂłgico Conicet - BahĂa Blanca. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn. Universidad Nacional del Sur. Departamento de Ciencias e IngenierĂa de la ComputaciĂłn. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn; ArgentinaFil: Maguitman, Ana Gabriela. Consejo Nacional de Investigaciones CientĂficas y TĂ©cnicas. Centro CientĂfico TecnolĂłgico Conicet - BahĂa Blanca. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn. Universidad Nacional del Sur. Departamento de Ciencias e IngenierĂa de la ComputaciĂłn. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn; ArgentinaFil: Chesñevar, Carlos IvĂĄn. Consejo Nacional de Investigaciones CientĂficas y TĂ©cnicas. Centro CientĂfico TecnolĂłgico Conicet - BahĂa Blanca. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn. Universidad Nacional del Sur. Departamento de Ciencias e IngenierĂa de la ComputaciĂłn. Instituto de Ciencias e IngenierĂa de la ComputaciĂłn; Argentin
- âŠ