Update propagation algorithms for supporting disconnected write in mobile wireless systems with data broadcasting capability

We develop and analyze algorithms for propagating updates by mobile hosts in wireless client-server environments that support disconnected write operations, with the goal of minimizing the tuning time for update propagation to the server. These algorithms allow a mobile host to update cached data objects while disconnected and propagate the updates to the server upon reconnection for conflict resolutions. We investigate two algorithms applicable to mobile systems in which invalidation reports/data can be broadcast to mobile hosts periodically. We show that there exists an optimal broadcasting period under which the tuning time is minimized for update propagations. We perform a comparative analysis between these two update propagation algorithms that rely on broadcasting data and an algorithm that does not, and identify conditions under which an algorithm should be applied to reduce the total tuning time for update propagation by the mobile user to save the valuable battery power and avoid high communication cost. For real-time applications, we address the tradeoff between tuning time and access time with the goal to select the best update propagation algorithm that can minimize the tuning time while satisfying the imposed real-time deadline constraint. The analysis result is applicable to file/data objects that mobile users may need to modify while on the move

A Note for the Ideal Order-Preserving Encryption Object and Generalized Order-Preserving Encryption

Order-preserving encryption (OPE) preserves the order of data in their ciphertexts and, hence, allows range search on the encrypted data without needing to decrypt them. Security analysis of OPE schemes is very important because OPE is not a perfect encryption algorithm (the ciphertexts leak the ordering information of the plaintexts). Most of the existing security analysis for the OPE schemes are informal: they are either based on author-defined attacks or experiments. The authors in \cite{Bol09} initiate the cryptographic study of the OPE scheme. They define the security notion POPF-CCA to qualify the security of OPE. In POPF-CCA, the ``ideal OPE object is defined where the encryption function is uniformly randomly selected from all order-preserving functions (generally the ``ideal OPE object is not computationally feasible), and a (constructed) ``real OPE scheme is secure under POPF-CCA if it is computationally indistinguishable from the ideal object. In other words, although the ``ideal OPE object is not computationally feasible, it is used as the security goal, and a (constructed) ``real OPE scheme is secure if it is as secure as the ``ideal OPE object. Such approach conceives the assumption (but not clearly stated and proved) that the ``ideal OPE object is the most secure OPE. But the correctness of the assumption is an easily ignored problem. In this paper, we investigate the security of the OPE in more depth. We first give example to show that the ``ideal OPE object may not always be the most secure OPE. It indicates that we need to use the ``ideal encryption object more cautiously in the security analysis of OPE. Additionally we extend the concept of OPE to generalized OPE (GOPE). Unlike OPE, the ciphertexts of GOPE may not be numbers, but GOPE still enables the comparisons on the encrypted data without needing to decrypt them. We present two GOPEs in polynomial-sized and superpolynomial-sized domains that satisfy stronger notions of security than that of the ideal OPE object, respectively

Security Analysis and Enhancement for Prefix-Preserving Encryption Schemes

Prefix-preserving encryption (PPE) is an important type of encryption scheme, having a wide range of applications, such as IP addresses anonymization, prefix-matching search, and rang search. There are two issues in PPE schemes, security proof and single key requirement. Existing security proofs for PPE only reduce the security of a real PPE scheme to that of the ideal PPE object by showing their computational indistinguishability \cite{Ama07,Xu02}. Such security proof is incomplete since the security of the ideal encryption object is unknown. Also, existing prefix-preserving encryption schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (Implying that all users should have the single encryption key in order to encrypt or decrypt confidential data). In this paper we develop a novel mechanism to analyze the security of the ideal PPE object. We follow the modern cryptographic approach and create a new security notion IND-PCPA. Then, we show that such weakened security notion is necessary and the ideal PPE object is secure under IND-PCPA. We also design a new, security-enhanced PPE protocol to support its use in multi-user systems, where no single entity in the system knows the PPE key. The protocol secret shares and distributes the PPE key to a group of key agents and let them ``distributedly encrypt\u27\u27 critical data. We develop a novel distributed PPE algorithm and the corresponding request and response protocols. Experimental results show that the protocol is feasible in practical systems

Extending Order Preserving Encryption for Multi-User Systems

Several order preserving encryption (OPE) algorithms have been developed in the literature to support search on encrypted data. However, existing OPE schemes only consider a single encryption key, which is infeasible for a practical system with multiple users (implying that all users should have the single encryption key in order to encrypt or decrypt confidential data). In this paper, we develop the first protocols, DOPE and OE-DOPE, to support the use of OPE in multi-user systems. First, we introduce a group of key agents into the system and invent the DOPE protocol to enable “distributed encryption” to assure that the OPE encryption key is not known by any entity in the system. However, in DOPE, if a key agent is compromised, the share of the secret data that is sent to this key agent is compromised. To solve the problem, we developed a novel oblivious encryption (OE) protocol based on the oblivious transfer concept to deliver and encrypt the shares obliviously. Then, we integrate it with DOPE to obtain the OE-DOPE protocol. Security of OE-DOPE is further enhanced with additional techniques. Both DOPE and OE-DOPE can be used with any existing OPE algorithms while retaining all the advantages of OPE without requiring the users to share the single encryption key, making the OPE approach feasible in practical systems

Apoptosis induction in BEFV-infected Vero and MDBK cells through Src-dependent JNK activation regulates caspase-3 and mitochondria pathways

Our previous report demonstrated that bovine ephemeral fever virus (BEFV)-infected cultured cells could induce caspase-dependent apoptosis. This study aims to further elucidate how BEFV activates the caspase cascade in bovine cells. BEFV replicated and induced apoptosis in Vero and Madin-Darby bovine kidney (MDBK) cells, and a kinetic study showed a higher efficiency of replication and a greater apoptosis induction ability of BEFV in Vero cells. Src and c-Jun N-terminal kinase (JNK) inhibitor, but not extracellular signal-regulated kinase (ERK) or p38 inhibitor, alleviated BEFV-mediated cytopathic effect and apoptosis. In BEFV-infected Vero and MDBK cells, BEFV directly induced Src tyrosine-418 phosphorylation and JNK phosphorylation and kinase activity, which was inhibited specifically by SU6656 and SP600125, respectively. The caspase cascade and its downstream effectors, Poly (ADP-ribose) polymerase (PARP) and DFF45, were also activated simultaneously upon BEFV infection. In addition, cytochrome c, but not Smac/DIABLO, was released gradually from mitochondria after BEFV infection. SU6656 suppressed Src, JNK, and caspase-3 and -9 activation, as well as PARP and DFF45 cleavage; SP600125 reduced JNK and caspase-3 and -9 activation, as well as PARP and DFF45 cleavage. Taken together, these results strongly support the hypothesis that a Src-dependent JNK signaling pathway plays a key role in BEFV-induced apoptosis. The molecular mechanism identified in our study may provide useful information for the treatment of BEFV

An on-line repository for embedded software

Abstract The use of off-the-shelf components (COTS) can significantly reduce the time and cost of developing largescale software systems. However, there are some difficult problems with the component-based approach. First, the developers have to be able to effectively retrieve components. This requires the developers to have an extensive knowledge of available components and how to retrieve them. After identifying the components, the developers also face a steep learning curve to master the use of these components. We are developing an On-line Repository for Embedded Software (ORES) to facilitate component management and retrieval. In this paper, we address the issues of designing software repository systems to assist users in obtaining appropriate components and learning to understand and use the components efficiently. We use an ontology to construct an abstract view of the organization of the components in ORES. The ontology structure facilitates repository browsing and effective sea rch. We also develop a set of tools to assist with component comprehension, including a tutorial manager and a component explorer

Integrating Clustering and Regression for Workload Estimation in the Cloud

Workload prediction has been widely researched in the literature. However, existing techniques are per‐job based and useful for service‐like tasks whose workloads exhibit seasonality and trend. But cloud jobs have many different workload patterns and some do not exhibit recurring workload patterns. We consider job‐pool‐based workload estimation, which analyzes the characteristics of existing tasks' workloads to estimate the currently running tasks' workload. First cluster existing tasks based on their workloads. For a new task J, collect the initial workload of J and determine which cluster J may belong to, then use the cluster's characteristics to estimate J′s workload. Based on the Google dataset, the algorithm is experimentally evaluated and its effectiveness is confirmed. However, the workload patterns of some tasks do have seasonality and trend, and conventional per‐job‐based regression methods may yield better workload prediction results. Also, in some cases, some new tasks may not follow the workload patterns of existing tasks in the pool. Thus, develop an integrated scheme which combines clustering and regression and utilize the best of them for workload prediction. Experimental study shows that the combined approach can further improve the accuracy of workload prediction