Exploiting Flow Relationships to Improve the Performance of Distributed Applications

Application performance continues to be an issue even with increased Internet bandwidth. There are many reasons for poor application performance including unpredictable network conditions, long round trip times, inadequate transmission mechanisms, or less than optimal application designs. In this work, we propose to exploit flow relationships as a general means to improve Internet application performance. We define a relationship to exist between two flows if the flows exhibit temporal proximity within the same scope, where a scope may either be between two hosts or between two clusters of hosts. Temporal proximity can either be in parallel or near-term sequential. As part of this work, we first observe that flow relationships are plentiful and they can be exploited to improve application performance. Second, we establish a framework on possible techniques to exploit flow relationships. In this framework, we summarize the improvements that can be brought by these techniques into several types and also use a taxonomy to break Internet applications into different categories based on their traffic characteristics and performance concerns. This approach allows us to investigate how a technique helps a group of applications rather than a particular one. Finally, we investigate several specific techniques under the framework and use them to illustrate how flow relationships are exploited to achieve a variety of improvements. We propose and evaluate a list of techniques including piggybacking related domain names, data piggybacking, enhanced TCP ACKs, packet aggregation, and critical packet piggybacking. We use them as examples to show how particular flow relationships can be used to improve applications in different ways such as reducing round trips, providing better quality of information, reducing the total number of packets, and avoiding timeouts. Results show that the technique of piggybacking related domain names can significantly reduce local cache misses and also reduce the same number of domain name messages. The data piggybacking technique can provide packet-efficient throughput in the reverse direction of a TCP connection without sacrificing forward throughput. The enhanced ACK approach provides more detailed and complete information about the state of the forward direction that could be used by a TCP implementation to obtain better throughput under different network conditions. Results for packet aggregation show only a marginal gain of packet savings due to the current traffic patterns. Finally, results for critical packet piggybacking demonstrate a big potential in using related flows to send duplicate copies to protect performance-critical packets from loss

COLLECTING POWER CONSUMPTION METRICS FROM OPERATIONALLY INACCESSIBLE NETWORKS

Operational traffic, such as management plane traffic carrying power consumption metrics from a device in the field, is often inaccessible to a device’s vendor. Techniques are presented herein that support a novel mechanism for encoding power consumption metrics in standard communication protocols such as, for example, domain name system (DNS) requests. Aspects of the presented techniques ensure the atomicity of self-contained messages, as well as the confidentiality and integrity of the metrics that are sent to the corresponding vendors. Further aspects of the presented techniques support selectable levels of anonymity during the exporting of the above-described metrics. For example, selectable Terms and Conditions may not only allow administrators to choose among different levels of anonymity, but also facilitate frictionless operations and automatic configuration during the activation of a license

European Railway Comparisons: Final Report

The Institute for Transport Studies (ITS), University of Leeds and the British Railways Board (BRB) carried out a major comparative study of Western European railways in the late 1970s (BRB and University of Leeds, 1979). Follow-up work was carried out by ITS financed by the Social Science Research Council and reported by Nash (1985). It was deaded to revive this work at ITS for a number of reasons: It is over ten years since the last set of comparisons (for 1981) were made at ITS and therefore a review of the changes in costs and productivity may be timely. There has been a number of technical developments that make the use of statistical cost analysis more promising. These developments include the use of more flexible functional forms such as the translog, and the development of comprehensive total factor productivity indices (see, for example, Dodgson, 1985 and, more recently, Hensher and Waters, 1993). There is increasing interest in the organisational structure of railway industries as a result of the 1988 Transport Act in Sweden, the EC directive 91/4-40 and the publication of proposals for privatising British Rail in July 1992 (see, for example, ECMT, 1993). Given the explosion in information technology, there were some hopes that data availability would have improved. (Continues..

Global connectivity architecture of mobile personal devices

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2008.This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Includes bibliographical references (p. 193-207).The Internet's architecture, designed in the days of large, stationary computers tended by technically savvy and accountable administrators, fails to meet the demands of the emerging ubiquitous computing era. Nontechnical users now routinely own multiple personal devices, many of them mobile, and need to share information securely among them using interactive, delay-sensitive applications.Unmanaged Internet Architecture (UIA) is a novel, incrementally deployable network architecture for modern personal devices, which reconsiders three architectural cornerstones: naming, routing, and transport. UIA augments the Internet's global name system with a personal name system, enabling users to build personal administrative groups easily and intuitively, to establish secure bindings between his devices and with other users' devices, and to name his devices and his friends much like using a cell phone's address book. To connect personal devices reliably, even while mobile, behind NATs or firewalls, or connected via isolated ad hoc networks, UIA gives each device a persistent, location-independent identity, and builds an overlay routing service atop IP to resolve and route among these identities. Finally, to support today's interactive applications built using concurrent transactions and delay-sensitive media streams, UIA introduces a new structured stream transport abstraction, which solves the efficiency and responsiveness problems of TCP streams and the functionality limitations of UDP datagrams. Preliminary protocol designs and implementations demonstrate UIA's features and benefits. A personal naming prototype supports easy and portable group management, allowing use of personal names alongside global names in unmodified Internet applications. A prototype overlay router leverages the naming layer's social network to provide efficient ad hoc connectivity in restricted but important common-case scenarios.(cont) Simulations of more general routing protocols--one inspired by distributed hash tables, one based on recent compact routing theory--explore promising generalizations to UIA's overlay routing. A library-based prototype of UIA's structured stream transport enables incremental deployment in either OS infrastructure or applications, and demonstrates the responsiveness benefits of the new transport abstraction via dynamic prioritization of interactive web downloads. Finally, an exposition and experimental evaluation of NAT traversal techniques provides insight into routing optimizations useful in UIA and elsewhere.by Bryan Alexander Ford.Ph.D

No Security Through Obscurity: Changing Circumvention Law to Protect our Democracy Against Cyberattacks

Cybersecurity is increasingly vital in a climate of unprecedented digital assaults against liberal democracy. Russian hackers have launched destabilizing cyberattacks targeting the United States’ energy grid, voting machines, and political campaigns. America\u27s existing inadequate cyber defenses operate according to a simple assumption: hide the computer code that powers critical infrastructure so that America\u27s enemies cannot exploit undiscovered weaknesses. Indeed, the intellectual property regime relies entirely on this belief, protecting those who own the rights in computer code by punishing those who might access and copy that code. This “security through obscurity” approach has failed. Rightsholders, on their own, cannot develop effective countermeasures to hacking because there are simply too many possibilities to preempt. The most promising solution, therefore, is to open the project of cybersecurity to as many talented and ethical minds as possible. Openness, not civil remedies and secrecy, is a greater means of ensuring safety. This Article proposes that we adopt a “defense in depth” approach to security that will increase transparency by modifying anticircumvention laws and by facilitating communication between the security community and product vendors

Bandwidth management and monitoring for IP network traffic : an investigation

Bandwidth management is a topic which is often discussed, but on which relatively little work has been done with regard to compiling a comprehensive set of techniques and methods for managing traffic on a network. What work has been done has concentrated on higher end networks, rather than the low bandwidth links which are commonly available in South Africa and other areas outside the United States. With more organisations increasingly making use of the Internet on a daily basis, the demand for bandwidth is outstripping the ability of providers to upgrade their infrastructure. This resource is therefore in need of management. In addition, for Internet access to become economically viable for widespread use by schools, NGOs and other academic institutions, the associated costs need to be controlled. Bandwidth management not only impacts on direct cost control, but encompasses the process of engineering a network and network resources in order to ensure the provision of as optimal a service as possible. Included in this is the provision of user education. Software has been developed for the implementation of traffic quotas, dynamic firewalling and visualisation. The research investigates various methods for monitoring and management of IP traffic with particular applicability to low bandwidth links. Several forms of visualisation for the analysis of historical and near-realtime traffic data are also discussed, including the use of three-dimensional landscapes. A number of bandwidth management practices are proposed, and the advantages of their combination, and complementary use are highlighted. By implementing these suggested policies, a holistic approach can be taken to the issue of bandwidth management on Internet links

Satellite Networks: Architectures, Applications, and Technologies

Since global satellite networks are moving to the forefront in enhancing the national and global information infrastructures due to communication satellites' unique networking characteristics, a workshop was organized to assess the progress made to date and chart the future. This workshop provided the forum to assess the current state-of-the-art, identify key issues, and highlight the emerging trends in the next-generation architectures, data protocol development, communication interoperability, and applications. Presentations on overview, state-of-the-art in research, development, deployment and applications and future trends on satellite networks are assembled

Becoming Artifacts: Medieval Seals, Passports and the Future of Digital Identity

What does a digital identity token have to do with medieval seals? Is the history of passports of any use for enabling the discovery of Internet users\u27 identity when crossing virtual domain boundaries during their digital browsing and transactions? The agility of the Internet architecture and its simplicity of use have been the engines of its growth and success with the users worldwide. As it turns out, there lies also its crux. In effect, Internet industry participants have argued that the critical problem business is faced with on the Internet is the absence of an identity layer from the core protocols of its logical infrastructure. As a result, the cyberspace parallels a global territory without any identification mechanism that is reliable, consistent and interoperable across domains. This dissertation is an investigation of the steps being taken by Internet stakeholders in order to resolve its identity problems, through the lenses of historical instances where similar challenges were tackled by social actors. Social science research addressing the Internet identity issues is barely nascent. Research on identification systems in general is either characterized by a paucity of historical perspective, or scantily references digital technology and online identification processes. This research is designed to bridge that gap. The general question at its core is: How do social actors, events or processes enable the historical emergence of authoritative identity credentials for the public at large? This work is guided by that line of inquiry through three broad historical case studies: first, the medieval experience with seals used as identity tokens in the signing of deeds that resulted in transfers of rights, particularly estate rights; second, comes the modern, national state with its claim to the right to know all individuals on its territory through credentials such as the passport or the national identity card; and finally, viewed from the United States, the case of ongoing efforts to build an online digital identity infrastructure. Following a process-tracing approach to historical case study, this inquiry presents enlightening connections between the three identity frameworks while further characterizing each. We understand how the medieval doctrines of the Trinity and the Eucharist developed by schoolmen within the Church accommodated seals as markers of identity, and we understand how the modern state seized on the term `nationality\u27 - which emerged as late as in the 19th century - to make it into a legal fiction that was critical for its identification project. Furthermore, this investigation brings analytical insights which enable us to locate the dynamics driving the emergence of those identity systems. An ordering of the contributing factors in sequential categories is proposed in a sociohistorical approach to explain the causal mechanisms at work across these large phenomena. Finally this research also proposes historically informed projections of scenarios as possible pathways to the realization of authoritative digital identity. But that is the beginning of yet another story of identity

Wi-Fi Enabled Healthcare

Focusing on its recent proliferation in hospital systems, Wi-Fi Enabled Healthcare explains how Wi-Fi is transforming clinical work flows and infusing new life into the types of mobile devices being implemented in hospitals. Drawing on first-hand experiences from one of the largest healthcare systems in the United States, it covers the key areas associated with wireless network design, security, and support. Reporting on cutting-edge developments and emerging standards in Wi-Fi technologies, the book explores security implications for each device type. It covers real-time location services and emerging trends in cloud-based wireless architecture. It also outlines several options and design consideration for employee wireless coverage, voice over wireless (including smart phones), mobile medical devices, and wireless guest services. This book presents authoritative insight into the challenges that exist in adding Wi-Fi within a healthcare setting. It explores several solutions in each space along with design considerations and pros and cons. It also supplies an in-depth look at voice over wireless, mobile medical devices, and wireless guest services. The authors provide readers with the technical knowhow required to ensure their systems provide the reliable, end-to-end communications necessary to surmount today’s challenges and capitalize on new opportunities. The shared experience and lessons learned provide essential guidance for large and small healthcare organizations in the United States and around the world. This book is an ideal reference for network design engineers and high-level hospital executives that are thinking about adding or improving upon Wi-Fi in their hospitals or hospital systems