Scalable and Highly Available Database Systems in the Cloud

Cloud computing allows users to tap into a massive pool of shared computing resources such as servers, storage, and network. These resources are provided as a service to the users allowing them to “plug into the cloud” similar to a utility grid. The promise of the cloud is to free users from the tedious and often complex task of managing and provisioning computing resources to run applications. At the same time, the cloud brings several additional benefits including: a pay-as-you-go cost model, easier deployment of applications, elastic scalability, high availability, and a more robust and secure infrastructure. One important class of applications that users are increasingly deploying in the cloud is database management systems. Database management systems differ from other types of applications in that they manage large amounts of state that is frequently updated, and that must be kept consistent at all scales and in the presence of failure. This makes it difficult to provide scalability and high availability for database systems in the cloud. In this thesis, we show how we can exploit cloud technologies and relational database systems to provide a highly available and scalable database service in the cloud. The first part of the thesis presents RemusDB, a reliable, cost-effective high availability solution that is implemented as a service provided by the virtualization platform. RemusDB can make any database system highly available with little or no code modifications by exploiting the capabilities of virtualization. In the second part of the thesis, we present two systems that aim to provide elastic scalability for database systems in the cloud using two very different approaches. The three systems presented in this thesis bring us closer to the goal of building a scalable and reliable transactional database service in the cloud

Database development and intranet based image included database management system for ballistic firearm identification system

The process of imaging, collecting and searching a cartridge case to identifying its suspected firearm is a time consuming procedure. Within this study, a cartridge case identification database management system in an Intranet environment is designed and implemented, thus enabling firearm examiners from different forensic laboratories to engage firearm identification without the constraints of time and location. Specifically, the study investigates appropriate database management system for image involved and Intranet secured ballistics firearm identification database. The results demonstrated that a computerized firearm identification system could be implemented in Intranet with a secure, scalable, performable Intranet database management system

A method for securing online community service: A study of selected Western Australian councils

Since the Internet was made publicly accessible, it has become increasingly popular and its deployment has been broad and global thereby facilitating a range of available online services such as Electronic Mail (email), news or bulletins, Internet Relay Chat (IRC) and World Wide Web (WWW). Progressively, other online services such as telephony, video conference, video on demand, Interactive Television (ITV) and Geographic Information System (GIS) have been integrated with the Internet and become publicly available. Presently, Internet broadband communication services incorporating both wired and wireless network technologies has seen the emergence of the concept of a digital community which has been growing and expanding rapidly around the world. Internet and the ever expanding online services to the wider digital community has raised the issue of security of these services during usage. Most local councils throughout Western Australia have resorted to delivering online services such as library, online payments and email accessibility. The provision and usage of these services have inherent security risks. Consequently, this study investigated the concept of a secure digital community in the secure provision and usage of these online services in selected local councils in Western Australia (WA). After an extensive review of existing literature, information security frameworks were derived from the adaptation of various resources, such as the OSSTMM 2.2 Section C: Internet Technology Security benchmark which was used as the main template. In addition, this template was enhanced into a framework model by incorporating other benchmarks such as NIST, CIS, ISSAF as well as other sources of information. These included information security related books, related ICT network and security websites such as CERT, CheckPoint, Cisco, GFI, Juniper, MS, NESSUS and NMAP together with journals and personal interviews. The proposed information security frameworks were developed to enhance the level of security strength of the email and online web systems as well as to increase the level of confidence in the system security within the selected local councils in WA. All the investigative studies were based upon the available selected local councils’ data and the associated analyses of the results as obtained from the testing software. In addition, the interpretive multiple-case study principles were used during the investigation to achieve or fulfil the purpose of this study. The findings from this study were then abstracted for use in a framework and made available for use as a model for possible adaptation and implementation to other similarly structured councils or organisations. As a result, the study confirmed that the proposed information security frameworks have the capability and potential to improve the level of security strength. In addition, the level of satisfaction and confidence of council staff of the selected local councils in WA in the system security would also be increased due to the application of these frameworks. Although these information security frameworks may be recommended as practical and supporting tools for local councils, the findings from this study were specific only to the selected local councils used in this study. Further research using other councils, may be necessary in order for the information security frameworks to be adopted within a wider range of councils or organisations in WA or elsewhere

Performance Implications of Using Diverse Redundancy for Database Replication

Using diverse redundancy for database replication is the focus of this thesis. Traditionally, database replication solutions have been built on the fail-stop failure assumption, i.e. that crashes are believed to cause a majority of failures. However, recent findings refuted this common assumption, showing that many of the faults cause systematic non-crash failures. These findings demonstrate that the existing, non-diverse database replication solutions, which use the same database server products, are ineffective fault-tolerant mechanisms. At the same time, the findings motivated the use of diverse redundancy (when different database server products are used) as a promising way of improving dependability. It seems that using a fault-tolerant server, built with diverse database servers, would deliver improvements in availability and failure rates compared with the individual database servers or their replicated, non-diverse configurations. Besides the potential for improving dependability, one would like to evaluate the performance implications of using diverse redundancy in the context of database replication. This is the focal point of the research. The work performed to that end can be summarised as follows: - We conducted a substantial performance evaluation of database replication using diverse redundancy. We compared its performance to the ones of various non-diverse configurations as well as non-replicated databases. The experiments revealed systematic differences in behaviour of diverse servers. They point to the potential for performance improvement when diverse servers are used. Under particular workloads diverse servers performed better than both non-diverse and non-replicated configurations. - We devised a middleware-based database replication protocol, which provides dependability assurance and guarantees database consistency. It uses an eager update everywhere approach for replica control. Although we focus on the use of diverse database servers, the protocol can be used with the database servers from the same vendor too. We provide the correctness criteria of the protocol. Different regimes of operation of the protocol are defined, which would allow it to be dynamically optimised for either dependability or performance improvements. Additionally, it can be used in conjunction with high-performance replication solutions. - We developed an experimental test harness for performance evaluation of different database replication solutions. It enabled us to evaluate the performance of the diverse database replication protocol, e.g. by comparing it against known replication solutions. We show that, as expected, the improved dependability exhibited by our replication protocol carries a performance overhead. Nevertheless, when optimised for performance improvement our protocol shows good performance. - In order to minimise the performance penalty introduced by the replication we propose a scheme whereby the database server processes are prioritised to deliver performance improvements in cases of low to modest resource utilisation by the database servers. - We performed an uncertainty-explicit assessment of database server products. Using an integrated approach, where both performance and reliability are considered, we rank different database server products to aid selection of the components for the fault-tolerant server built out of diverse databases

DIGITAL FORENSIC ARTIFACTS OF SQLITE-BASED WINDOWS 1 0 APPLICATIONS

O Windows 10 é um dos Operating System (OS) mais populares e utilizado. Contém vários serviços, como o Windows Push Notification Services (WNS) e o Timeline, que usam bases de dados SQLite. O Windows 10 tem também uma plataforma, Universal Windows Platform (UWP), para suportar o desenvolvimento de aplicações. As aplicações desta plataforma podem guardar os seus dados em bases de dados SQLite, como o Photos da Microsoft e o Messenger do Facebook. Esta dissertação estuda, numa perspetiva de análise digital forense, dois componentes do Windows 10, o ambiente Your Phone, e o WNS. O primeiro consiste de uma aplicação Android, Your Phone Companion (YPC), e uma aplicação UWP, Your Phone. O último é um sistema do Windows 10 que disponibiliza o serviço de notificações. No âmbito desta dissertação foram desenvolvidos scripts para analisar esses componentes, extraindo-se os artefactos forenses considerados mais relevantes. As soluções desenvolvidas estão integradas com o conhecido software de análise forense Autopsy. Para ajudar a desenvolver e manter estas soluções de forense digital que analisam artefactos produzidos por aplicações UWP, foi desenvolvido o UWP scanner. Tratase de um analisador de aplicações focado na deteção de alterações ao nível das bases de dados SQLite empregue por aplicações UWP. Esta ferramenta ajuda a manter um histórico da evolução das bases de dados utilizadas por certas aplicações UWP

The Architecture of an Autonomic, Resource-Aware, Workstation-Based Distributed Database System

Distributed software systems that are designed to run over workstation machines within organisations are termed workstation-based. Workstation-based systems are characterised by dynamically changing sets of machines that are used primarily for other, user-centric tasks. They must be able to adapt to and utilize spare capacity when and where it is available, and ensure that the non-availability of an individual machine does not affect the availability of the system. This thesis focuses on the requirements and design of a workstation-based database system, which is motivated by an analysis of existing database architectures that are typically run over static, specially provisioned sets of machines. A typical clustered database system -- one that is run over a number of specially provisioned machines -- executes queries interactively, returning a synchronous response to applications, with its data made durable and resilient to the failure of machines. There are no existing workstation-based databases. Furthermore, other workstation-based systems do not attempt to achieve the requirements of interactivity and durability, because they are typically used to execute asynchronous batch processing jobs that tolerate data loss -- results can be re-computed. These systems use external servers to store the final results of computations rather than workstation machines. This thesis describes the design and implementation of a workstation-based database system and investigates its viability by evaluating its performance against existing clustered database systems and testing its availability during machine failures.Comment: Ph.D. Thesi

Secure data communication over mobile devices in health networks.

The continuous developments in the field of mobile computing have made it possible to use mobile devices for healthcare applications. These devices can be used by healthcare providers to collect and share patients' medical data. However, with increasing adoption of mobile devices that carry confidential data, organizations need to secure the data from unauthorized users and mobile device theft. When unencrypted data is transmitted from one device to another it faces various security threats from malicious code, unsecure networks, unauthorized access, and data theft. The objective of this research is to develop a secure data sharing solution customized for healthcare environments, which would allow authorized users to securely access and share patients' data over mobile devices. We identify the vulnerable locations in mobile communication network that can possibly be exploited by unauthorized users or malicious code to access the confidential data, and develop an efficient security protocol that provides end to end data protection without compromising device's performance. To demonstrate the feasibility of our proposed data sharing architecture, a prototype customized for Point-of-Care-Testing (POCT) scenarios was built in collaboration with Northern Health, Prince George. Simulations were performed to analyze and validate our solution against the pre-defined requirement criteria. --P. ii.The original print copy of this thesis may be available here: http://wizard.unbc.ca/record=b178382

Serializable Isolation for Snapshot Databases

Many popular database management systems implement a multiversion concurrency control algorithm called snapshot isolation rather than providing full serializability based on locking. There are well-known anomalies permitted by snapshot isolation that can lead to violations of data consistency by interleaving transactions that would maintain consistency if run serially. Until now, the only way to prevent these anomalies was to modify the applications by introducing explicit locking or artificial update conflicts, following careful analysis of conflicts between all pairs of transactions. This thesis describes a modification to the concurrency control algorithm of a database management system that automatically detects and prevents snapshot isolation anomalies at runtime for arbitrary applications, thus providing serializable isolation. The new algorithm preserves the properties that make snapshot isolation attractive, including that readers do not block writers and vice versa. An implementation of the algorithm in a relational database management system is described, along with a benchmark and performance study, showing that the throughput approaches that of snapshot isolation in most cases

A Framework for the Automatic Physical Configuration and Tuning of a Mysql Community Server

Manual physical configuration and tuning of database servers, is a complicated task requiring a high level of expertise. Database administrators must consider numerous possibilities, to determine a candidate configuration for implementation. In recent times database vendors have responded to this problem, providing solutions which can automatically configure and tune their products. Poor configuration choices, resulting in performance degradation commonplace in manual configurations, have been significantly reduced in these solutions. However, no such solution exists for MySQL Community Server. This thesis, proposes a novel framework for automatically tuning a MySQL Community Server. A first iteration of the framework has been built and is presented in this paper together with its performance measurements