244,138 research outputs found
Affine Sessions
Session types describe the structure of communications implemented by
channels. In particular, they prescribe the sequence of communications, whether
they are input or output actions, and the type of value exchanged. Crucial to
any language with session types is the notion of linearity, which is essential
to ensure that channels exhibit the behaviour prescribed by their type without
interference in the presence of concurrency. In this work we relax the
condition of linearity to that of affinity, by which channels exhibit at most
the behaviour prescribed by their types. This more liberal setting allows us to
incorporate an elegant error handling mechanism which simplifies and improves
related works on exceptions. Moreover, our treatment does not affect the
progress properties of the language: sessions never get stuck.
Software Development for the Primary Communication System of the ESTCube-2 CubeSat (Kuupsatelliidi ESTCube-2 peasidesüsteemi tarkvara arendus)
This thesis is focused on software development for the primary communications system of ESTCube-2 nanosatellite. The goals are to describe and document the architecture of the system's software, develop primary prototype software and test it in different scenarios. The system must be compatible with previously agreed standards, developed communication system hardware and other subsystems of the satellite.
As part of this bachelor’s thesis, top and low level functionality of ESTCube-2 communication system was stated and implemented, including data handling, data transmission, communication with other subsystems, error handling and logging.
Coexistence of Heterogeneous Services in the Uplink with Discrete Signaling and Treating Interference as Noise
The problem of enabling the coexistence of heterogeneous services, e.g.,
different ultra-reliable low-latency communications (URLLC) services and/or
enhanced mobile broadband (eMBB) services, in the uplink is studied. Each
service has its own error probability and blocklength constraints and the
longer transmission block suffers from heterogeneous interference. Due to the
latency concern, the decoding of URLLC messages cannot leverage successive
interference cancellation (SIC) and should always be performed before the
decoding of eMBB messages. This can significantly degrade the achievable rates
of URLLC users when the interference from other users is strong. To overcome
this issue, we propose a new transmission scheme based on discrete signaling
and treating interference as noise decoding, i.e., without SIC. Guided by the
deterministic model, we provide a systematic way to construct discrete
signaling for handling heterogeneous interference effectively. We demonstrate
theoretically and numerically that the proposed scheme can perform close to the
benchmark scheme based on capacity-achieving Gaussian signaling with the
assumption of perfect SIC.
Comment: 7 pages, accepted for presentation at IEEE Global Communications
Conference (GLOBECOM) 202
Talos: Neutralizing Vulnerabilities with Security Workarounds for Rapid Response
Considerable delays often exist between the discovery of a vulnerability and
the issue of a patch. One way to mitigate this window of vulnerability is to
use a configuration workaround, which prevents the vulnerable code from being
executed at the cost of some lost functionality -- but only if one is
available. Since program configurations are not specifically designed to
mitigate software vulnerabilities, we find that they only cover 25.2% of
vulnerabilities.
To minimize patch delay vulnerabilities and address the limitations of
configuration workarounds, we propose Security Workarounds for Rapid Response
(SWRRs), which are designed to neutralize security vulnerabilities in a timely,
secure, and unobtrusive manner. Similar to configuration workarounds, SWRRs
neutralize vulnerabilities by preventing vulnerable code from being executed at
the cost of some lost functionality. However, the key difference is that SWRRs
use existing error-handling code within programs, which enables them to be
mechanically inserted with minimal knowledge of the program and minimal
developer effort. This allows SWRRs to achieve high coverage while still being
fast and easy to deploy.
We have designed and implemented Talos, a system that mechanically
instruments SWRRs into a given program, and evaluate it on five popular Linux
server programs. We run exploits against 11 real-world software vulnerabilities
and show that SWRRs neutralize the vulnerabilities in all cases. Quantitative
measurements on 320 SWRRs indicate that SWRRs instrumented by Talos can
neutralize 75.1% of all potential vulnerabilities and incur a loss of
functionality similar to configuration workarounds in 71.3% of those cases. Our
overall conclusion is that automatically generated SWRRs can safely mitigate
2.1x more vulnerabilities, while only incurring a loss of functionality
comparable to that of traditional configuration workarounds.
Comment: Published in Proceedings of the 37th IEEE Symposium on Security and
Privacy (Oakland 2016)
Distributed memory in a heterogeneous network, as used in the CERN-PS complex timing system
The Distributed Table Manager (DTM) is a fast and efficient utility for distributing named binary data structures called Tables, of arbitrary size and structure, around a heterogeneous network of computers to a set of registered clients. The Tables are transmitted over a UDP network between DTM servers in network format, where the servers perform the conversions to and from host format for local clients. The servers provide clients with synchronization mechanisms, a choice of network data flows, and table options such as keeping table disc copies, shared memory or heap memory table allocation, table read/write permissions, and table subnet broadcasting. DTM has been designed to be easily maintainable, and to automatically recover from the type of errors typically encountered in a large control system network. The DTM system is based on a three level server daemon hierarchy, in which an inter daemon protocol handles network failures, and incorporates recovery procedures which will guarantee table consistency when communications are re-established. These protocols are implemented over a communications layer which performs the data conversions, packet splitting, error-correction with retry, and time out handling. The same communications layer is used to implement the application program interface which calls on the server daemon for client services. DTM is a registration based system, in which communications are established dynamically as needed, and tables are distributed only to the clients who have registered their interest in them. The registration protocols include mechanisms to recover from daemon re-launches, and clean up after aborted clients.
Multicomputer communication system
A local area network is provided for a plurality of autonomous computers which operate at different rates and under different protocols coupled by network bus adapters to a global bus. A host computer (HC) divides a message file to be transmitted into blocks, each with a header that includes a data type identifier and a trailer. The associated network bus adapter (NBA) then divides the data into packets, each with a header to which a transport header and trailer is added with frame type code which specifies one of three modes of addressing in the transmission of data, namely a physical address mode for computer to computer transmission using two bytes for source and destination addresses, a logical address mode and a data type mode. In the logical address mode, one of the two addressing bytes contains a logical channel number (LCN) established between the transmitting and one or more receiving computers. In the data type mode, one of the addressing bytes contains a code identifying the type of data.
On the Feasibility of Fine-Grained TLS Security Configurations in Web Browsers Based on the Requested Domain Name
Most modern web browsers today sacrifice optimal TLS security for backward
compatibility. They apply coarse-grained TLS configurations that support (by
default) legacy versions of the protocol that have known design weaknesses, and
weak ciphersuites that provide fewer security guarantees (e.g. non Forward
Secrecy), and silently fall back to them if the server selects to. This
introduces various risks including downgrade attacks such as the POODLE attack
[15] that exploits the browsers' silent fallback mechanism to downgrade the
protocol version in order to exploit the legacy version flaws. To achieve a
better balance between security and backward compatibility, we propose a
mechanism for fine-grained TLS configurations in web browsers based on the
sensitivity of the domain name in the HTTPS request using a whitelisting
technique. That is, the browser enforces optimal TLS configurations for
connections going to sensitive domains while enforcing default configurations
for the rest of the connections. We demonstrate the feasibility of our proposal
by implementing a proof-of-concept as a Firefox browser extension. We envision
this mechanism as a built-in security feature in web browsers, e.g. a button
similar to the "Bookmark" button in Firefox browsers and as a
standardised HTTP header, to augment browsers' security.