3,212 research outputs found
Interest-Based Access Control for Content Centric Networks (extended version)
Content-Centric Networking (CCN) is an emerging network architecture designed
to overcome limitations of the current IP-based Internet. One of the
fundamental tenets of CCN is that data, or content, is a named and addressable
entity in the network. Consumers request content by issuing interest messages
with the desired content name. These interests are forwarded by routers to
producers, and the resulting content object is returned and optionally cached
at each router along the path. In-network caching makes it difficult to enforce
access control policies on sensitive content outside of the producer since
routers only use interest information for forwarding decisions. To that end, we
propose an Interest-Based Access Control (IBAC) scheme that enables access
control enforcement using only information contained in interest messages,
i.e., by making sensitive content names unpredictable to unauthorized parties.
Our IBAC scheme supports both hash- and encryption-based name obfuscation. We
address the problem of interest replay attacks by formulating a mutual trust
framework between producers and consumers that enables routers to perform
authorization checks when satisfying interests from their cache. We assess the
computational, storage, and bandwidth overhead of each IBAC variant. Our design
is flexible and allows producers to arbitrarily specify and enforce any type of
access control on content, without having to deal with the problems of content
encryption and key distribution. This is the first comprehensive design for CCN
access control using only information contained in interest messages.Comment: 11 pages, 2 figure
A Taxonomy of Data Grids for Distributed Data Sharing, Management and Processing
Data Grids have been adopted as the platform for scientific communities that
need to share, access, transport, process and manage large data collections
distributed worldwide. They combine high-end computing technologies with
high-performance networking and wide-area storage management techniques. In
this paper, we discuss the key concepts behind Data Grids and compare them with
other data sharing and distribution paradigms such as content delivery
networks, peer-to-peer networks and distributed databases. We then provide
comprehensive taxonomies that cover various aspects of architecture, data
transportation, data replication and resource allocation and scheduling.
Finally, we map the proposed taxonomy to various Data Grid systems not only to
validate the taxonomy but also to identify areas for future exploration.
Through this taxonomy, we aim to categorise existing systems to better
understand their goals and their methodology. This would help evaluate their
applicability for solving similar problems. This taxonomy also provides a "gap
analysis" of this area through which researchers can potentially identify new
issues for investigation. Finally, we hope that the proposed taxonomy and
mapping also helps to provide an easy way for new practitioners to understand
this complex area of research.Comment: 46 pages, 16 figures, Technical Repor
The Dafny Integrated Development Environment
In recent years, program verifiers and interactive theorem provers have
become more powerful and more suitable for verifying large programs or proofs.
This has demonstrated the need for improving the user experience of these tools
to increase productivity and to make them more accessible to non-experts. This
paper presents an integrated development environment for Dafny-a programming
language, verifier, and proof assistant-that addresses issues present in most
state-of-the-art verifiers: low responsiveness and lack of support for
understanding non-obvious verification failures. The paper demonstrates several
new features that move the state-of-the-art closer towards a verification
environment that can provide verification feedback as the user types and can
present more helpful information about the program or failed verifications in a
demand-driven and unobtrusive way.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
Bridging the Gap between Enumerative and Symbolic Model Checkers
We present a method to perform symbolic state space generation for languages with existing enumerative state generators. The method is largely independent from the chosen modelling language. We validated this on three different types of languages and tools: state-based languages (PROMELA), action-based process algebras (muCRL, mCRL2), and discrete abstractions of ODEs (Maple).\ud
Only little information about the combinatorial structure of the\ud
underlying model checking problem need to be provided. The key enabling data structure is the "PINS" dependency matrix. Moreover, it can be provided gradually (more precise information yield better results).\ud
\ud
Second, in addition to symbolic reachability, the same PINS matrix contains enough information to enable new optimizations in state space generation (transition caching), again independent from the chosen modelling language. We have also based existing optimizations, like (recursive) state collapsing, on top of PINS and hint at how to support partial order reduction techniques.\ud
\ud
Third, PINS allows interfacing of existing state generators to, e.g., distributed reachability tools. Thus, besides the stated novelties, the method we propose also significantly reduces the complexity of building modular yet still efficient model checking tools.\ud
\ud
Our experiments show that we can match or even outperform existing tools by reusing their own state generators, which we have linked into an implementation of our ideas
Distributed Hybrid Simulation of the Internet of Things and Smart Territories
This paper deals with the use of hybrid simulation to build and compose
heterogeneous simulation scenarios that can be proficiently exploited to model
and represent the Internet of Things (IoT). Hybrid simulation is a methodology
that combines multiple modalities of modeling/simulation. Complex scenarios are
decomposed into simpler ones, each one being simulated through a specific
simulation strategy. All these simulation building blocks are then synchronized
and coordinated. This simulation methodology is an ideal one to represent IoT
setups, which are usually very demanding, due to the heterogeneity of possible
scenarios arising from the massive deployment of an enormous amount of sensors
and devices. We present a use case concerned with the distributed simulation of
smart territories, a novel view of decentralized geographical spaces that,
thanks to the use of IoT, builds ICT services to manage resources in a way that
is sustainable and not harmful to the environment. Three different simulation
models are combined together, namely, an adaptive agent-based parallel and
distributed simulator, an OMNeT++ based discrete event simulator and a
script-language simulator based on MATLAB. Results from a performance analysis
confirm the viability of using hybrid simulation to model complex IoT
scenarios.Comment: arXiv admin note: substantial text overlap with arXiv:1605.0487
A model and framework for reliable build systems
Reliable and fast builds are essential for rapid turnaround during
development and testing. Popular existing build systems rely on correct manual
specification of build dependencies, which can lead to invalid build outputs
and nondeterminism. We outline the challenges of developing reliable build
systems and explore the design space for their implementation, with a focus on
non-distributed, incremental, parallel build systems. We define a general model
for resources accessed by build tasks and show its correspondence to the
implementation technique of minimum information libraries, APIs that return no
information that the application doesn't plan to use. We also summarize
preliminary experimental results from several prototype build managers
- ā¦