uFLIP: Understanding Flash IO Patterns

Does the advent of flash devices constitute a radical change for secondary storage? How should database systems adapt to this new form of secondary storage? Before we can answer these questions, we need to fully understand the performance characteristics of flash devices. More specifically, we want to establish what kind of IOs should be favored (or avoided) when designing algorithms and architectures for flash-based systems. In this paper, we focus on flash IO patterns, that capture relevant distribution of IOs in time and space, and our goal is to quantify their performance. We define uFLIP, a benchmark for measuring the response time of flash IO patterns. We also present a benchmarking methodology which takes into account the particular characteristics of flash devices. Finally, we present the results obtained by measuring eleven flash devices, and derive a set of design hints that should drive the development of flash-based systems on current devices.Comment: CIDR 200

The legal protection of databases from copyright to dataright.

PhDThe vast and sweeping developments, which have occurred recently in the fields of computers, telecommunications and information technologies have stimulated the formation of a new global market of electronic information services and products, in which databases are principal components. Within the context of Intellectual Property Law, these advances challenge the traditional legal rules, resulting in ongoing reforms for adapting the law of intellectual property to the novel environment. Initiatives discussed in this study for determining the appropriate international legal standards for the protection of databases are the Agreement on Trade Related Aspects of Intellectual Property (1994), the present discussions in the World Intellectual Property Organisation (WIPO), and the European Union's Directive on the Legal Protection of Databases (1996). The last initiative constitutes the most comprehensive attempt to resolve the issues involved in the protection of databases within the realm of intellectual property law. A particular reference is made to international copyright law and its adequacy to provide a suitable legal regime for the protection of databases. Furthermore, the rules of database copyright law, as applied in the United Kingdom and the United States, are examined and compared in the light of the anticipated reforms derived from the above-mentioned initiatives. From these explorations, the thesis concludes that copyright law has a limited application in the protection of databases. Moreover, the copyright regime as applied to databases can lead to under-protection of certain databases and over-protection of others. Therefore, a tailor-made intellectual property regime, termed in this study as dataright, must be developed as an adequate response. The dataright regime as introduced in the above European Union Database Directive is thoroughly examined and compared to proposals made by WIPO and by the United States Congress, as well as to alternative models of database protection. The quest for the adequate dataright system is considered as a balance of rights among database producers and users to the extent that incentives for database creation and dissemination are secured without excessive effects on access to information and free competition. The debate of how to achieve this balance has focused on whether the appropriate approach is to adopt unfair competition law, or to introduce a sui generis exclusive-right regime. The thesis demonstrates that whichever starting point is adopted, the results are substantially similar on fundamental points. The research concludes with detailed suggestions towards the adoption of a proposed Dataright Treaty, thus reconciling competing approaches and producing an international database protection system, which is a necessity for the functioning of the global information market

Data Degradation: Making Private Data Less Sensitive Over Time

Trail disclosure is the leakage of privacy sensitive data, resulting from negligence, attack or abusive scrutinization or usage of personal digital trails. To prevent trail disclosure, data degradation is proposed as an alternative to the limited retention principle. Data degradation is based on the assumption that long lasting purposes can often be satisfied with a less accurate, and therefore less sensitive, version of the data. Data will be progressively degraded such that it still serves application purposes, while decreasing accuracy and thus privacy sensitivity

uFLIP: Understanding the Energy Consumption of Flash Devices

International audienceUnderstanding the energy consumption of flash devices is important for two reasons. First, energy is emerging as a key metric for data management systems. It is thus important to understand how we can reason about the energy consumption of flash devices beyond their approximate aggregate consumption (low power consumption in idle mode, average Watt consumption from the data sheets). Second, when measured at a sufficiently fine granularity, the energy consumption of a given device might complement the performance characteristics derived from its response time profile. Indeed, background work which is not directly observable with a response time profile appears clearly when energy is used as a metric. In this paper, we discuss the results from the uFLIP benchmark applied to four different SSD devices using both response time and energy as metric

Défauts d'intégrité contextuelle liés à la collecte de données personnelles par des applications de médias sociaux sur Android

Les applications de médias sociaux démultiplient le volume de données contextuelles collectées corrélant numérique et environnement physique en temps réel. Cela a de nombreuses conséquences, encore peu appréhendées, pouvant porter atteinte à la vie privée de leurs usagers. Nous explorons la notion d’« intégrité contextuelle » lors de la collecte de données de dix applications hégémoniques de médias sociaux sur la plateforme mobile Android. À savoir, nous évaluons l’écart entre les attentes d’un utilisateur et l’accès effectif aux ressources du mobile et à ses données personnelles. Ce mémoire présente trois études complémentaires : 1. une étude a priori qui permet de cerner les pratiques de collecte annoncées (politiques de confidentialité, autorisations et permissions); 2. une analyse pratique qui instrumente le mobile pour recueillir la fréquence et les circonstances d’accès aux ressources de localisation et de messagerie texte, régulées par des autorisations; 3. une étude de la viabilité d’une solution permettant à l’utilisateur de paramétrer les permissions concédées aux applications en fonction du contexte d’utilisation. Nous mettons en lumière des défauts d’intégrité contextuelle, tant au niveau de l’étude a priori (politiques peu claires, incohérences, défauts structurels), que de l’étude pratique (captage de la localisation à chaque seconde pour certaines applications). La solution proposée permet de mitiger ces problèmes et a peu d’impact sur les fonctionnalités des applications

The Life-Cycle Policy model

Our daily life activity leaves digital trails in an increasing number of databases (commercial web sites, internet service providers, search engines, location tracking systems, etc). Personal digital trails are commonly exposed to accidental disclosures resulting from negligence or piracy and to ill-intentioned scrutinization and abusive usages fostered by fuzzy privacy policies. No one is sheltered because a single event (e.g., applying for a job or a credit) can suddenly make our history a precious asset. By definition, access control fails preventing trail disclosures, motivating the integration of the Limited Data Retention principle in legislations protecting data privacy. By this principle, data is withdrawn from a database after a predefined time period. However, this principle is difficult to apply in practice, leading to retain useless sensitive information for years in databases. In this paper, we propose a simple and practical data degradation model where sensitive data undergoes a progressive and irreversible degradation from an accurate state at collection time, to intermediate but still informative degraded states, up to complete disappearance when the data becomes useless. The benefits of data degradation is twofold: (i) by reducing the amount of accurate data, the privacy offence resulting from a trail disclosure is drastically reduced and (ii) degrading the data in line with the application purposes offers a new compromise between privacy preservation and application reach. We introduce in this paper a data degradation model, analyze its impact over core database techniques like storage, indexation and transaction management and propose degradation-aware techniques

Safe Data Sharing and Data Dissemination on Smart Devices

The erosion of trust put in traditional database servers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. In a precedent paper, we devised smarter client-based access control managers exploiting hardware security elements on client devices. The goal pursued is being able to evaluate dynamic and personalized access control rules on a ciphered XML input document, with the benefit of dissociating access rights from encryption. In this demonstration, we validate our solution using a real smart card platform and explain how we deal with the constraints usually met on hardware security elements (small memory and low throughput). Finally, we illustrate the generality of the approach and the easiness of its deployment through two different applications: a collaborative application and a parental control application on video streams