Instant restore after a media failure

Media failures usually leave database systems unavailable for several hours until recovery is complete, especially in applications with large devices and high transaction volume. Previous work introduced a technique called single-pass restore, which increases restore bandwidth and thus substantially decreases time to repair. Instant restore goes further as it permits read/write access to any data on a device undergoing restore--even data not yet restored--by restoring individual data segments on demand. Thus, the restore process is guided primarily by the needs of applications, and the observed mean time to repair is effectively reduced from several hours to a few seconds. This paper presents an implementation and evaluation of instant restore. The technique is incrementally implemented on a system starting with the traditional ARIES design for logging and recovery. Experiments show that the transaction latency perceived after a media failure can be cut down to less than a second and that the overhead imposed by the technique on normal processing is minimal. The net effect is that a few "nines" of availability are added to the system using simple and low-overhead software techniques

Persistent Buffer Management with Optimistic Consistency

Finding the best way to leverage non-volatile memory (NVM) on modern database systems is still an open problem. The answer is far from trivial since the clear boundary between memory and storage present in most systems seems to be incompatible with the intrinsic memory-storage duality of NVM. Rather than treating NVM either solely as memory or solely as storage, in this work we propose how NVM can be simultaneously used as both in the context of modern database systems. We design a persistent buffer pool on NVM, enabling pages to be directly read/written by the CPU (like memory) while recovering corrupted pages after a failure (like storage). The main benefits of our approach are an easy integration in the existing database architectures, reduced costs (by replacing DRAM with NVM), and faster peak-performance recovery

Toward Smart Moving Target Defense for Linux Container Resiliency

This paper presents ESCAPE, an informed moving target defense mechanism for cloud containers. ESCAPE models the interaction between attackers and their target containers as a "predator searching for a prey" search game. Live migration of Linux-containers (prey) is used to avoid attacks (predator) and failures. The entire process is guided by a novel host-based behavior-monitoring system that seamlessly monitors containers for indications of intrusions and attacks. To evaluate ESCAPE effectiveness, we simulated the attack avoidance process based on a mathematical model mimicking the prey-vs-predator search game. Simulation results show high container survival probabilities with minimal added overhead.Comment: Published version is available on IEEE Xplore at http://ieeexplore.ieee.org/document/779685

Software defined networking: meeting carrier grade requirements

Software Defined Networking is a networking paradigm which allows network operators to manage networking elements using software running on an external server. This is accomplished by a split in the architecture between the forwarding element and the control element. Two technologies which allow this split for packet networks are ForCES and Openflow. We present energy efficiency and resilience aspects of carrier grade networks which can be met by Openflow. We implement flow restoration and run extensive experiments in an emulated carrier grade network. We show that Openflow can restore traffic quite fast, but its dependency on a centralized controller means that it will be hard to achieve 50 ms restoration in large networks serving many flows. In order to achieve 50 ms recovery, protection will be required in carrier grade networks

Shifting the Conversation: Colbert\u27s Super PAC and the measurement of satirical efficacy

Stephen Colbert’s announcement in 2011 that he was starting his own Super PAC oneupped The Colbert Report’s already substantial commitment to boundary muddling. By raising real money, producing commercials, and exploring the nuances of campaign finance regulations, Colbert acted out his critique of current law in tangible form. The novelty of the experiment created anticipation amongst fans and commentators that the project would have a direct effect on attitudes about campaign finance, or that Colbert would veer into clear advocacy work. Indeed, expectations matched the standard assumptions about satire: that efficacy should be gauged by measurable influence on individual opinions. In reality, the PAC’s commercials likely did not influence many outside his existent fan group. However, the project as a whole did work to license journalistic attention and to impact the wider debate about campaign finance. The example demonstrates that the more grandiose expectations of political entertainment are often misdirected, as they are premised on the prospect of instant audience malleability. Rather the most interesting possibilities involve more incremental shifts in the public conversation

State of New York Public Employment Relations Board Decisions from January 11, 1985

1_11_1985_PERB_BD_DecisionsOCR.pdf: 281 downloads, before Oct. 1, 2020

Telegraaf judgment on protection of journalists' sources: security and intelligence services must also respect protection of journalistic sources

Analysis and comment of judgment on protection of sources and coercive measures by public authorities, including judiciary and intelligence services