Highly available long running transactions and activities for j2ee applications

Abstract. Today´s business applications are getting increasingly complex and sophisticated. These applications may evolve into long running activities able to adapt to different circumstances. They are typically built on top of middleware platforms, such as J2EE, and use transactions. Several specifications, such as the J2EE Activity Service, have been proposed for applications requiring support for long running activities. Moreover, these applications also demand high availability to prevent financial losses and/or service level agreements violations due to service unavailability or crashes. Replication is a means to attain high availability. However, current middleware does not provide highly available transactions. In the advent of crashes, running transactions abort and the application is forced to re-execute them, what results in a loss of availability and transparency. Moreover, many applications maintain state across transactions and aborting the current transaction might introduce inconsistencies in the application, sometimes requiring human assistance. The situation is worse for the case of long running activities, very common in the web service realm, for which high availability support is almost non-existent. Most approaches using J2EE consider the replication of either the application server or the database. This results in poor availability when the non-replicated tier crashes. In this paper, we present replication support for J2EE both for the application server and the database providing highly available transactions and long running activities. Failure masking is absolutely transparent to client applications. We have implemented and evaluated a prototype using ECPerf benchmark and a specific benchmark for long running activities.

Highly Available Long Running Transactions and Activities for J2EE Applications

Today’s business applications are typically built on top of middleware platforms such as J2EE and use transactions that have evolved into long running activities able to adapt to different circumstances. Specifications, such as the J2EE Activity Service, have arised for applications requiring that support. These applications also demand high availability to prevent financial losses and/or service level agreements (SLAs) violations due to service unavailability or crashes. Replication is a means to attain high availability but current middleware does not provide highly available transactions. In the advent of crashes, running transactions abort and the application is forced to re-execute them, what results in a loss of availability and transparency. Most approaches using J2EE consider the replication of either the application server or the database. This results in poor availability when the non-replicated tier crashes. This paper presents a novel J2EE replication support for both, application server and database layers providing highly available transactions and long running activities. Failure masking is transparent to client applications. A prototype has been implemented and evaluated.

Enhancing intrusion resilience in publicly accessible distributed systems

PhD ThesisThe internet is increasingly used as a means of communication by many businesses. Online shopping has become an important commercial activity and many governmental bodies offer services online. Malicious intrusion into these systems can have major negative consequences, both for the providers and users of these services. The need to protect against malicious intrusion, coupled with the difficulty of identifying and removing all possible vulnerabilities in a distributed system, have led to the use of systems that can tolerate intrusions with no loss of integrity. These systems require that services be replicated as deterministic state machines, a relatively hard task in practice, and do not ensure that confidentiality is maintained when one or more replicas are successfully intruded into. This thesis presents FORTRESS, a novel intrusion-resilient system that makes use of proactive obfuscation techniques and cheap off-the-shelf hardware to enhance intrusionresilience. FORTRESS uses proxies to prevent clients accessing servers directly, and regular replacement of proxies and servers with differently obfuscated versions. This maintains both confidentiality and integrity as long as an attacker does not compromise the system as a whole. The expected lifetime until system compromise of the FORTRESS system is compared to those of state machine replicated and primary backup systems when confronted with an attacker capable of launching distributed attacks against known vulnerabilities. Thus, FORTRESS is demonstrated to be a viable alternative to building intrusion-tolerant systems using deterministic state machine replication. The performance overhead of the FORTRESS system is also evaluated, using both a general state transfer framework for distributed systems, and a lightweight framework for large scale web applications. This shows the FORTRESS system has a sufficiently small performance overhead to be of practical use