Transparent and scalable client-side server selection using netlets

Replication of web content in the Internet has been found to improve service response time, performance and reliability offered by web services. When working with such distributed server systems, the location of servers with respect to client nodes is found to affect service response time perceived by clients in addition to server load conditions. This is due to the characteristics of the network path segments through which client requests get routed. Hence, a number of researchers have advocated making server selection decisions at the client-side of the network. In this paper, we present a transparent approach for client-side server selection in the Internet using Netlet services. Netlets are autonomous, nomadic mobile software components which persist and roam in the network independently, providing predefined network services. In this application, Netlet based services embedded with intelligence to support server selection are deployed by servers close to potential client communities to setup dynamic service decision points within the network. An anycast address is used to identify available distributed decision points in the network. Each service decision point transparently directs client requests to the best performing server based on its in-built intelligence supported by real-time measurements from probes sent by the Netlet to each server. It is shown that the resulting system provides a client-side server selection solution which is server-customisable, scalable and fault transparent

Continuous client-side query evaluation over dynamic linked data

Existing solutions to query dynamic Linked Data sources extend the SPARQL language, and require continuous server processing for each query. Traditional SPARQL endpoints already accept highly expressive queries, so extending these endpoints for time-sensitive queries increases the server cost even further. To make continuous querying over dynamic Linked Data more affordable, we extend the low-cost Triple Pattern Fragments (TPF) interface with support for time-sensitive queries. In this paper, we introduce the TPF Query Streamer that allows clients to evaluate SPARQL queries with continuously updating results. Our experiments indicate that this extension significantly lowers the server complexity, at the expense of an increase in the execution time per query. We prove that by moving the complexity of continuously evaluating queries over dynamic Linked Data to the clients and thus increasing bandwidth usage, the cost at the server side is significantly reduced. Our results show that this solution makes real-time querying more scalable for a large amount of concurrent clients when compared to the alternatives

Policy-agnostic programming on the client-side

Browser security has become a major concern especially due to web pages becoming more complex. These web applications handle a lot of information, including sensitive data that may be vulnerable to attacks like data exfiltration, cross-site scripting (XSS), etc. Most modern browsers have security mechanisms in place to prevent such attacks but they still fall short in preventing more advanced attacks like evolved variants of data exfiltration. Moreover, there is no standard that is followed to implement security into the browser. A lot of research has been done in the field of information flow security that could prove to be helpful in solving the problem of securing the client-side. Policy- agnostic programming is a programming paradigm that aims to make implementation of information flow security in real world systems more flexible. In this paper, we explore the use of policy-agnostic programming on the client-side and how it will help prevent common client-side attacks. We verify our results through a client-side salary management application. We show a possible attack and how our solution would prevent such an attack

To Share or Not to Share in Client-Side Encrypted Clouds

With the advent of cloud computing, a number of cloud providers have arisen to provide Storage-as-a-Service (SaaS) offerings to both regular consumers and business organizations. SaaS (different than Software-as-a-Service in this context) refers to an architectural model in which a cloud provider provides digital storage on their own infrastructure. Three models exist amongst SaaS providers for protecting the confidentiality data stored in the cloud: 1) no encryption (data is stored in plain text), 2) server-side encryption (data is encrypted once uploaded), and 3) client-side encryption (data is encrypted prior to upload). This paper seeks to identify weaknesses in the third model, as it claims to offer 100% user data confidentiality throughout all data transactions (e.g., upload, download, sharing) through a combination of Network Traffic Analysis, Source Code Decompilation, and Source Code Disassembly. The weaknesses we uncovered primarily center around the fact that the cloud providers we evaluated were each operating in a Certificate Authority capacity to facilitate data sharing. In this capacity, they assume the role of both certificate issuer and certificate authorizer as denoted in a Public-Key Infrastructure (PKI) scheme - which gives them the ability to view user data contradicting their claims of 100% data confidentiality. We have collated our analysis and findings in this paper and explore some potential solutions to address these weaknesses in these sharing methods. The solutions proposed are a combination of best practices associated with the use of PKI and other cryptographic primitives generally accepted for protecting the confidentiality of shared information

Go-With-The-Winner: Client-Side Server Selection for Content Delivery

Content delivery networks deliver much of the web and video content in the world by deploying a large distributed network of servers. We model and analyze a simple paradigm for client-side server selection that is commonly used in practice where each user independently measures the performance of a set of candidate servers and selects the one that performs the best. For web (resp., video) delivery, we propose and analyze a simple algorithm where each user randomly chooses two or more candidate servers and selects the server that provided the best hit rate (resp., bit rate). We prove that the algorithm converges quickly to an optimal state where all users receive the best hit rate (resp., bit rate), with high probability. We also show that if each user chose just one random server instead of two, some users receive a hit rate (resp., bit rate) that tends to zero. We simulate our algorithm and evaluate its performance with varying choices of parameters, system load, and content popularity.Comment: 15 pages, 9 figures, published in IFIP Networking 201

Secure Cloud Storage with Client-Side Encryption Using a Trusted Execution Environment

With the evolution of computer systems, the amount of sensitive data to be stored as well as the number of threats on these data grow up, making the data confidentiality increasingly important to computer users. Currently, with devices always connected to the Internet, the use of cloud data storage services has become practical and common, allowing quick access to such data wherever the user is. Such practicality brings with it a concern, precisely the confidentiality of the data which is delivered to third parties for storage. In the home environment, disk encryption tools have gained special attention from users, being used on personal computers and also having native options in some smartphone operating systems. The present work uses the data sealing, feature provided by the Intel Software Guard Extensions (Intel SGX) technology, for file encryption. A virtual file system is created in which applications can store their data, keeping the security guarantees provided by the Intel SGX technology, before send the data to a storage provider. This way, even if the storage provider is compromised, the data are safe. To validate the proposal, the Cryptomator software, which is a free client-side encryption tool for cloud files, was integrated with an Intel SGX application (enclave) for data sealing. The results demonstrate that the solution is feasible, in terms of performance and security, and can be expanded and refined for practical use and integration with cloud synchronization services

The client-side project manager: A practitioner of Design

SYNOPSISOur research adds to the client-side project management body of literature by demonstrating that these professionals display all the characteristics of Design Thinking Mentalities, Thinking Styles and Practices as identified by Hassi and Laakso (2011a) and that they utilize a broad range of the Design Thinking tools identified by Liedtka (2015) and Johansson-Sköldberg et al. (2013) when they deliver construction projects.RELEVANCE FOR PRACTICE/EDUCATIONOur findings indicate that client-side project managers should view their role differently to what has been traditionally accepted. The use of Design Thinking within the project management construct highlights that practitioners need to develop skills and tools that address, not just the compliance and control elements of project management, but also information gathering and problem solving techniques. This change of perspective creates opportunities for project managers to broaden their skill set in order to be able create further value in the Construction process.RESEARCH DESIGNOur research uses a Grounded Theory methodology to explore the ‘lived experience’ of client-side project managers to determine if they utilize Design Thinking when managing Construction projects. This is achieved by creating a framework from the work of Hassi and Laakso (2011a), Johansson-Sköldberg et al. (2013) and Liedtka (2015) to guide semi-structured interviews with a cohort of ten client-side project managers.MAIN FINDINGSOur research provides evidence of Design Thinking Mentalities, Thinking Styles, Practices and Tools being utilized by client-side project managers when delivering Construction projects. Our findings also identifies 15 project management tools used by client-side project managers when delivering Construction projects and highlight that the practice of client-side project management should not be viewed exclusively as part of the ‘Implementation’ process.RESEARCH IMPLICATIONSOur results support existing research on client-side project management and expand the Project Management body of literature by demonstrating how client-side project managers employ Design Thinking to handle poorly-defined projects

External technology supply and client-side innovation

Flexibility in response to competitive pressure from globalized markets and increasingly individualized customer desires has become vital for firms. A common strategy to address this challenge is to employ a dynamic concept of organization and reach beyond the boundaries of the firm. Accordingly, technology transfer from providers of knowledge intensive business services attracts more and more attention. In this context we focus on external supply of information technology and client-side innovation. The aim of this paper is to contribute to resolving an empirical puzzle arising from the prior literature. Some authors find beneficial effects of IT outsourcing, others underline that firms often fail to achieve expected strategic goals. Our stylized theoretical model combines a knowledge production function framework and transaction cost economics. We hypothesize that the right balance between internal and external knowledge is critical for innovation. The empirical application is German firm-level data covering a wide range of industries from 2003 to 2006. Our results largely support the theoretical arguments and suggest a positive linear relationship between the level of outsourcing and process innovation. For product innovation we find a hump-shape. --knowledge production function,transaction cost economics,product innovation,process innovation,KIBS,IT outsourcing,ZEW ICT survey