Adventures with portability

In this paper we describe the issues we are facing, and some of the solutions we have developed, in porting a complex multi-component simulation model of pastoral dairy-farming scenarios for execution on a high-performance Linux cluster. This exercise is part of a wider goal to develop and implement global optimization procedures for this model which necessarily require very large numbers of simulations to be executed. The structure of the model poses some particularly interesting challenges as it consists of a strongly object-oriented VisualWorks Smalltalk framework which instantiates third-party "component sub-models", written in a variety of standard (e.g. Fortran, C) and proprietary (e.g. ACSL, ObjectPascal) languages, to represent the functionality of the real-world farm sub-systems. Furthermore, it was unfortunately originally constrained to being implemented in a Microsoft Windows environment and made heavy use of the Microsoft COM/DCOM protocol for communication between objects. Although still in the early stages of on-going work, the techniques developed and lessons learned should be relevant to aspects of other situations where there is a requirement to run "legacy applications" on high-performance clusters

Implementation of an API for distributed communication between processes in closed contexts

Dissertação de mestrado integrado em Engenharia de ComunicaçõesExistem atualmente diversas Application Programming Interfaces (APIs) que ajudam na programação de aplicações distribuídas. Na maior parte dos casos, estas utilizam de forma in exível um único tipo de protocolo aplicacional e interface, cando dependente dos protocolos de transporte já existentes e do sistema operativo. Para o programador, a stack de protocolos e o tipo de interface têm que ser decididos explicitamente antes do estabelecimento da comunicação entre os processos. Algumas APIs facilitam a programação ocultando alguns aspetos espec í cos dos mecanismos e protocolos de comunicação utilizados, disponibilizando uma interface mais homogeneizada. No entanto, a programação continua a não ser totalmente transparente e independente dos protocolos de comunicação utilizados, dos sistemas operativos e da localização relativa dos processos comunicantes. Além disso, estas APIs não tomam decisões sobre o mecanismo de comunicação a utilizar quando existem várias alternativas possíveis, sendo esta decisão da responsabilidade do programador. Num contexto de implementação de simuladores distribuídos e modulares para protocolos de redes de computadores e sistemas de comunicação, seria vantajoso poder-se utilizar uma API para comunicação dos processos de simulação que disponibilizasse apenas um único interface de programação e que decidisse de forma transparente o mecanismo ou protocolo comunicacional mais e ciente, tendo em conta a localização relativa dos processos. Nesta dissertação são abordadas as soluções semelhantes já existentes e é estudada uma API que pretende preencher estas lacunas. A arquitetura desta API será depois apresentada, assim como uma solução com base na investigação realizada. Por m, os resultados dos testes serão analizados e a conclusão apresentada. Esta dissertação foi desenvolvida no contexto do projeto RoutUM, um simulador de redes de computadores atualmente a ser desenvolvido pela Universidade do Minho.There are several Application Programming Interfaces (APIs) available to simplify the development of distributed applications. In most cases, they invariably use one type of application protocol and interface, being dependent of the existing transport protocols and operating system. To the programmer, the protocol stack and the type of interface must be explicitly chosen before initiating communication between processes. Some APIs simplify programming by hiding some speci c aspects about the communication protocols and mechanisms, revealing a more homogenized interface. However, the programming is still not completely transparent and independent from the communication protocols, the operating system and the relative location of the communicating processes. Also, they are unable to decide which communication mechanism to be used when there are several available possibilities, leaving that responsibility to the programmer. On the context of implementation of distributed and modular simulators for network protocols and communication systems, it would be desirable to be able to use an API that would allow communication between the processes while providing only one programming interface. It would then transparently decide the most e cient mechanism or communication protocol from the relative location of the communicating processes. This dissertation will present and discuss the currently available solutions and the problems associated with the development of an API which attempts to ll the missing features indicated above. The API's architecture will then be shown and developed into a solution based on the results from the investigation. In the end, this solution will be tested and the nal results will be presented. This dissertation was developed in the context of the RoutUM project, a network simulator being currently developed in the University of Minho

ACMiner: Extraction and Analysis of Authorization Checks in Android's Middleware

Billions of users rely on the security of the Android platform to protect phones, tablets, and many different types of consumer electronics. While Android's permission model is well studied, the enforcement of the protection policy has received relatively little attention. Much of this enforcement is spread across system services, taking the form of hard-coded checks within their implementations. In this paper, we propose Authorization Check Miner (ACMiner), a framework for evaluating the correctness of Android's access control enforcement through consistency analysis of authorization checks. ACMiner combines program and text analysis techniques to generate a rich set of authorization checks, mines the corresponding protection policy for each service entry point, and uses association rule mining at a service granularity to identify inconsistencies that may correspond to vulnerabilities. We used ACMiner to study the AOSP version of Android 7.1.1 to identify 28 vulnerabilities relating to missing authorization checks. In doing so, we demonstrate ACMiner's ability to help domain experts process thousands of authorization checks scattered across millions of lines of code

Improving the Performance of Wide Area Networks

Research in to the performance of wide area data networks is described in this thesis. A model of wide area network packet delays is developed and used to direct the research in to methods of improving performance. Wide area networks are slow and expensive compared to the computer systems that rely on them for communication. Typically data networks are packet switched in order to make efficient use of resources. This can lead to contention, and the mechanisms for resolving contention can bring about further delays when demand for resources is high. In this thesis, network users are viewed as interacting decision makers with conflicting interests, and Game Theory is used to analyse the effects users have on each other’s performance. It is asserted in this thesis that wide area network performance is an ethical issue as well as a technical one. Compression is examined as a technique for reducing network traffic load. While load reductions can reduce the time packets spend waiting in buffer queues experimental results show the compression process itself can present a bottleneck if CPU resources are limited. The other inhibiting factor with regard to wide area network performance is the time it takes for a signal to propagate through a transmission medium. Propagation delays are bounded by the speed of light and becomes significant as the distance between computer systems increases. Mirrors and Caches are methods of bringing data closer to the user, thereby reducing propagation delays and capping traffic loads on long haul communication facilities. The performance benefits of replicating data within a wide area network environment are studied in this thesis