36,226 research outputs found
Micro-CernVM: Slashing the Cost of Building and Deploying Virtual Machines
The traditional virtual machine building and and deployment process is
centered around the virtual machine hard disk image. The packages comprising
the VM operating system are carefully selected, hard disk images are built for
a variety of different hypervisors, and images have to be distributed and
decompressed in order to instantiate a virtual machine. Within the HEP
community, the CernVM File System has been established in order to decouple the
distribution from the experiment software from the building and distribution of
the VM hard disk images.
We show how to get rid of such pre-built hard disk images altogether. Due to
the high requirements on POSIX compliance imposed by HEP application software,
CernVM-FS can also be used to host and boot a Linux operating system. This
allows the use of a tiny bootable CD image that comprises only a Linux kernel
while the rest of the operating system is provided on demand by CernVM-FS. This
approach speeds up the initial instantiation time and reduces virtual machine
image sizes by an order of magnitude. Furthermore, security updates can be
distributed instantaneously through CernVM-FS. By leveraging the fact that
CernVM-FS is a versioning file system, a historic analysis environment can be
easily re-spawned by selecting the corresponding CernVM-FS file system
snapshot.Comment: Conference paper at the 2013 Computing in High Energy Physics (CHEP)
Conference, Amsterda
Server Structure Proposal and Automatic Verification Technology on IaaS Cloud of Plural Type Servers
In this paper, we propose a server structure proposal and automatic
performance verification technology which proposes and verifies an appropriate
server structure on Infrastructure as a Service (IaaS) cloud with baremetal
servers, container based virtual servers and virtual machines. Recently, cloud
services have been progressed and providers provide not only virtual machines
but also baremetal servers and container based virtual servers. However, users
need to design an appropriate server structure for their requirements based on
3 types quantitative performances and users need much technical knowledge to
optimize their system performances. Therefore, we study a technology which
satisfies users' performance requirements on these 3 types IaaS cloud. Firstly,
we measure performances of a baremetal server, Docker containers, KVM (Kernel
based Virtual Machine) virtual machines on OpenStack with virtual server number
changing. Secondly, we propose a server structure proposal technology based on
the measured quantitative data. A server structure proposal technology receives
an abstract template of OpenStack Heat and function/performance requirements
and then creates a concrete template with server specification information.
Thirdly, we propose an automatic performance verification technology which
executes necessary performance tests automatically on provisioned user
environments according to the template.Comment: Evaluations of server structure proposal were insufficient in section
Biometrics-as-a-Service: A Framework to Promote Innovative Biometric Recognition in the Cloud
Biometric recognition, or simply biometrics, is the use of biological
attributes such as face, fingerprints or iris in order to recognize an
individual in an automated manner. A key application of biometrics is
authentication; i.e., using said biological attributes to provide access by
verifying the claimed identity of an individual. This paper presents a
framework for Biometrics-as-a-Service (BaaS) that performs biometric matching
operations in the cloud, while relying on simple and ubiquitous consumer
devices such as smartphones. Further, the framework promotes innovation by
providing interfaces for a plurality of software developers to upload their
matching algorithms to the cloud. When a biometric authentication request is
submitted, the system uses a criteria to automatically select an appropriate
matching algorithm. Every time a particular algorithm is selected, the
corresponding developer is rendered a micropayment. This creates an innovative
and competitive ecosystem that benefits both software developers and the
consumers. As a case study, we have implemented the following: (a) an ocular
recognition system using a mobile web interface providing user access to a
biometric authentication service, and (b) a Linux-based virtual machine
environment used by software developers for algorithm development and
submission
Building an Emulation Environment for Cyber Security Analyses of Complex Networked Systems
Computer networks are undergoing a phenomenal growth, driven by the rapidly
increasing number of nodes constituting the networks. At the same time, the
number of security threats on Internet and intranet networks is constantly
growing, and the testing and experimentation of cyber defense solutions
requires the availability of separate, test environments that best emulate the
complexity of a real system. Such environments support the deployment and
monitoring of complex mission-driven network scenarios, thus enabling the study
of cyber defense strategies under real and controllable traffic and attack
scenarios. In this paper, we propose a methodology that makes use of a
combination of techniques of network and security assessment, and the use of
cloud technologies to build an emulation environment with adjustable degree of
affinity with respect to actual reference networks or planned systems. As a
byproduct, starting from a specific study case, we collected a dataset
consisting of complete network traces comprising benign and malicious traffic,
which is feature-rich and publicly available
Transformation of Attributed Structures with Cloning (Long Version)
Copying, or cloning, is a basic operation used in the specification of many
applications in computer science. However, when dealing with complex
structures, like graphs, cloning is not a straightforward operation since a
copy of a single vertex may involve (implicitly)copying many edges. Therefore,
most graph transformation approaches forbid the possibility of cloning. We
tackle this problem by providing a framework for graph transformations with
cloning. We use attributed graphs and allow rules to change attributes. These
two features (cloning/changing attributes) together give rise to a powerful
formal specification approach. In order to handle different kinds of graphs and
attributes, we first define the notion of attributed structures in an abstract
way. Then we generalise the sesqui-pushout approach of graph transformation in
the proposed general framework and give appropriate conditions under which
attributed structures can be transformed. Finally, we instantiate our general
framework with different examples, showing that many structures can be handled
and that the proposed framework allows one to specify complex operations in a
natural way
- …