An Analysis of the Performance and Security of J2SDK 1.4 JSSE Implementation of SSL/TLS

The Java SSL/TLS package distributed with the J2SE 1.4.2 runtime is a Java implementation of the SSLv3 and TLSv1 protocols. Java-based web services and other systems deployed by the DoD will depend on this implementation to provide confidentiality, integrity, and authentication. Security and performance assessment of this implementation is critical given the proliferation of web services within DoD channels. This research assessed the performance of the J2SE 1.4.2 SSL and TLS implementations, paying particular attention to identifying performance limitations given a very secure configuration. The performance metrics of this research were CPU utilization, network bandwidth, memory, and maximum number of secure socket that could be created given various factors. This research determined an integral performance relationship between the memory heap size and the encryption algorithm used. By changing the default heap size setting of the Java Virtual Machine from 64 MB to 256 MB and using the symmetric encryption algorithm of AES256, a high performance, highly secure SSL configuration is achievable. This configuration can support over 2000 simultaneous secure sockets with various encrypted data sizes. This yields a 200 percent increase in performance over the default configuration, while providing the additional security of 256-bit symmetric key encryption to the application data

Benchmarking the Round-Trip Latency of Various Java-Based Middleware Platforms

International audienceNowadays, distributed Java-based applications could be built on top of a plethora of middleware technologies such as Object Request Brokers (ORB) like CORBA and Java RMI, Web Services, and component-oriented platforms like EJB or CCM. Choosing the right technology fitting with application requirements is driven by various criteria such as economic costs, available features, performance, etc. The main contribution of this paper is to present an experience report on the design and implementation of a simple benchmark to evaluate the round-trip latency of various Java-based middleware platforms. Empirical results and analysis are discussed on a large set of widely available implementations including various ORB (Java RMI, Java IDL, ORBacus, JacORB, OpenORB, and Ice), Web Services projects (Apache XML-RPC and Axis), and componentoriented platforms (JBoss, JOnAS, OpenCCM, Fractal, Pro-Active)

Two research contributions in 64-bit computing: Testing and Applications

Following the release of Windows 64-bit and Redhat Linux 64-bit operating systems (OS) in late April 2005, this is the one of the first 64-bit OS research project completed in a British university. The objective is to investigate (1) the increase/decrease in performance compared to 32-bit computing; (2) the techniques used to develop 64-bit applications; and (3) how 64-bit computing should be used in IT and research organizations to improve their work. This paper summarizes research discoveries for this investigation, including two major research contributions in (1) testing and (2) application development. The first contribution includes performance, stress, application, multiplatform, JDK and compatibility testing for AMD and Intel models. Comprehensive testing results reveal that 64-bit computing has a better performance in application performance, system performance and stress testing, but a worse performance in compatibility testing than the traditional 32-bit computing. A 64-bit dual-core processor has been tested and the results show that it performs better than a 64-bit single-core processor, but only in application that requires very high demands of CPU and memory consumption. The second contribution is .NET 1.1 64-bit implementations. Without additional troubleshooting, .NET 1.1 does not work on 64-bit Windows operating systems in stable ways. After stabilizing .NET environment, the next step is the application development, which is a dynamic repository with functions such as registration, download, login-logout, product submissions, database storage and statistical reports. The technology is based on Visual Studio .NET 2003, .NET 1.1 Framework with Service Pack 1, SQL Server 2000 with Service Pack 4 and IIS Server 6.0 on the Windows Server 2003 Enterprise x64 platform with Service Pack 1

Making Digital Artifacts on the Web Verifiable and Reliable

The current Web has no general mechanisms to make digital artifacts --- such as datasets, code, texts, and images --- verifiable and permanent. For digital artifacts that are supposed to be immutable, there is moreover no commonly accepted method to enforce this immutability. These shortcomings have a serious negative impact on the ability to reproduce the results of processes that rely on Web resources, which in turn heavily impacts areas such as science where reproducibility is important. To solve this problem, we propose trusty URIs containing cryptographic hash values. We show how trusty URIs can be used for the verification of digital artifacts, in a manner that is independent of the serialization format in the case of structured data files such as nanopublications. We demonstrate how the contents of these files become immutable, including dependencies to external digital artifacts and thereby extending the range of verifiability to the entire reference tree. Our approach sticks to the core principles of the Web, namely openness and decentralized architecture, and is fully compatible with existing standards and protocols. Evaluation of our reference implementations shows that these design goals are indeed accomplished by our approach, and that it remains practical even for very large files.Comment: Extended version of conference paper: arXiv:1401.577

The Clarens Web Service Framework for Distributed Scientific Analysis in Grid Projects

Large scientific collaborations are moving towards service oriented architecutres for implementation and deployment of globally distributed systems. Clarens is a high performance, easy to deploy Web Service framework that supports the construction of such globally distributed systems. This paper discusses some of the core functionality of Clarens that the authors believe is important for building distributed systems based on Web Services that support scientific analysis

Transforming Internal Activities of Business Process Models to Services Compositions

As a service composition language, BPEL imposes as constraint that a business process model should consist only of activities for interacting with other business processes. BPEL provides limited support for implementing internal activities, i.e. activities that are performed by a single business process without involvement of other business processes. BPEL is hence not suitable to implement internal activities that include complex data manipulation. There are a number of options to make BPEL able to implement such internal activities. In this paper we analyse those options based on their feasibility, efficiency, reusability, portability and merging. The analysis indicates that delegating internal activities’ functionality to other services is the best option. We therefore present an approach for transforming internal activities to service invocations. The application of this approach on a business process model results in a service composition model that consists only of activities for interaction

Distributed Object Medical Imaging Model

Abstract- Digital medical informatics and images are commonly used in hospitals today,. Because of the interrelatedness of the radiology department and other departments, especially the intensive care unit and emergency department, the transmission and sharing of medical images has become a critical issue. Our research group has developed a Java-based Distributed Object Medical Imaging Model(DOMIM) to facilitate the rapid development and deployment of medical imaging applications in a distributed environment that can be shared and used by related departments and mobile physiciansDOMIM is a unique suite of multimedia telemedicine applications developed for the use by medical related organizations. The applications support realtime patients’ data, image files, audio and video diagnosis annotation exchanges. The DOMIM enables joint collaboration between radiologists and physicians while they are at distant geographical locations. The DOMIM environment consists of heterogeneous, autonomous, and legacy resources. The Common Object Request Broker Architecture (CORBA), Java Database Connectivity (JDBC), and Java language provide the capability to combine the DOMIM resources into an integrated, interoperable, and scalable system. The underneath technology, including IDL ORB, Event Service, IIOP JDBC/ODBC, legacy system wrapping and Java implementation are explored. This paper explores a distributed collaborative CORBA/JDBC based framework that will enhance medical information management requirements and development. It encompasses a new paradigm for the delivery of health services that requires process reengineering, cultural changes, as well as organizational changes