Debugging Scandal: The Next Generation

In 1997, the general lack of debugging tools was termed "the debugging scandal". Today, as new languages are emerging to support software evolution, once more debugging support is lagging. The powerful abstractions offered by new languages are compiled away and transformed into complex synthetic structures. Current debugging tools only allow inspection in terms of this complex synthetic structure; they do not support observation of program executions in terms of the original development abstractions. In this position paper, we outline this problem and present two emerging lines of research that ease the burden for debugger implementers and enable developers to debug in terms of development abstractions. For both approaches we identify language-independent debugger components and those that must be implemented for every new language. One approach restores the abstractions by a tool external to the program. The other maintains the abstractions by using a dedicated execution environment, supporting the relevant abstractions. Both approaches have the potential of improving debugging support for new languages. We discuss the advantages and disadvantages of both approaches, outline a combination thereof and also discuss open challenges

Run-time and Atomic Weaving of Distributed Aspects

There is an increasing need for dynamic and context-sensitive adaptation of distributed applications in order to dynamically cope with evolving requirements of the usage context. To support dynamic and context-sensitive adaptation, we propose an aspect-oriente architecture that weaves and unweaves aspects at run-time on demand of the usage context. The goal of this report is to explore and solve the atomicity issues that appear when distributed aspects are woven at run-time. Run-time weaving of distributed aspects, if performed without any support for atomicity, may endanger the global behavioral integrity of the application. Existing aspect-oriented middlewares lack support for atomic weaving of distributed aspects. This lack stems from the absence of appropriate internode coordination protocols at the level of the underlying runtime support of these middlewares. The contribution of this report is the design and implementation of a middleware, named Lasagne, that supports runtime weaving of distributed aspects in an atomic way. As a result, Lasagne is very well suited for coordinating cross-node and crosslayer adaptations in a distributed system. We present a detailed overview of Lasagne’s run-time weaving model and the design of the Lasagne middleware

Component-Based Open Middleware Supporting Aspect-Oriented Software Composition

Abstract. State-of-the-art middleware for component-based distributed applications requires openness to support a broad and varying range of services. It also requires powerful and maintainable composition between application logic and middleware services. In this paper we describe Dy-MAC (Dynamic Middleware with Aspect-Components), a component and aspect-based middleware framework that supports component-based development of middleware services and offers the power of aspect-oriented composition to connect the application logic to the middleware services. We discuss the issue of a lack of expressive power in the contracts of components and aspects when combining component-based and stateof-the-art aspect-oriented development. We describe how the DyMAC framework offers a component model that solves this problem with aspect integration contracts.

Toward efficient and confidentiality-aware federation of access control policies

This paper presents our work in progress on efficient and confidentiality-aware access control for Software-as-a-Service applications. In SaaS, a tenant organization rents access to a shared, typically web-based application. Access control for these applications requires large amounts of fine-grained data, also from the remaining on-premise applications, of which often sensitive application data. With current SaaS applications the provider evaluates both provider and tenant policies. This forces the tenant to disclose its sensitive access control data and limits policy evaluation performance by having to fetch this data. To address these challenges, we propose to decompose the tenant policies and deploy them across tenant and provider in order to evaluate parts of the policies near the data they require as much as possible, while taking into account the tenant confidentiality constraints. We present a policy decomposition algorithm based on a general attribute-based policy model and describe a supporting middleware system. In the future, we plan to refine this work and evaluate the impact on performance using real-life policies from research projects. © 2012 ACM.status: publishe

Middleware for efficient and confidentiality-aware federation of access control policies

Software-as-a-Service (SaaS) is a type of cloud computing in which a tenant rents access to a shared, typically web-based application hosted by a provider. Access control for SaaS should enable the tenant to control access to data that are located at the provider side, based on tenant-specific access control policies. Moreover, with the growing adoption of SaaS by large enterprises, access control for SaaS has to integrate with on-premise applications, inherently leading to a federated set-up. However, in the state of the art, the provider completely evaluates all policies, including the tenant policies. This (i) forces the tenant to disclose sensitive access control data and (ii) limits policy evaluation performance by having to fetch this policy-specific data. To address these challenges, we propose to decompose the tenant policies and evaluate the resulting parts near the data they require as much as possible while keeping sensitive tenant data local to the tenant environment. We call this concept policy federation. In this paper, we motivate the need for policy federation using an in-depth case study analysis in the domain of e-health and present a policy federation algorithm based on a widely-applicable attribute-based policy model. Furthermore, we show the impact of policy federation on policy evaluation time using the policies from the case study and a prototype implementation of supporting middleware. As shown, policy federation effectively succeeds in keeping the sensitive tenant data confidential and at the same time improves policy evaluation time in most cases.status: publishe

Multi-stage aspect-oriented composition of component-based applications

The creation of distributed applications requires sophisticated compositions, as various components --- supporting application logic or non-functional requirements --- must be assembled and configured in an operational application. Aspect-oriented middleware has contributed to improving the modularization of such complex applications, by supporting a component model that offers aspect-oriented composition alongside the traditional composition of provided and required interfaces. One of the recent advances in AO middleware is the ability to express dynamic compositions that depend on the evaluation of available context information --- some of this information may only be available at deployment time. The search for high level composition mechanisms is an ongoing track in the research community, yet the composition logic of a real world application remains complex and it would greatly pay off if composition logic --- traditionally encoded in monolithic deployment descriptors --- could be reused over ranges of applications and even be gradually refined for specific applications. This paper presents M-Stage, an AO component and composition model that supports the reuse and adaptation of compositions in distributed applications that are built on AO middleware. We illustrate the power of M-Stage by applying the model in a realistic distributed application where we analyze the reuse and adaptation potential of the M-Stage model.status: publishe

Advanced monitoring and smart auto-scaling of NoSQL systems

Recent years have shown that RDBMS systems do not always meet the performance and scalability requirements of today's applications. Horizontal scalability is hindered by the ACID properties and the normalized data model these systems use. For this reason, a whole new range of database systems (NoSQL systems) has emerged. This paper focusses on eventual consistent storage systems, which have a certain inconsistency window after an update. Within this window different replicas contain a different version of a certain data item. While RDBMS systems provide strong transactional semantics, this is not the case for eventual consistent storage systems. The level of consistency is often configurable, but figuring out the optimal configuration is not a trivial task. Next to that, recent research has shown that the size of the inconsistency window can change over time, considering a fixed configuration. In this Phd research we envision a solution where all consistency-related parameters are managed by an SLA-driven autonomous system. Continuously monitoring the size of the inconsistency window allows dynamic reconfiguration and re-provisioning of the database cluster to keep the inconsistency window under a certain limit. As such, more guarantees can be provided to the application programmer.status: publishe