Application skeletons: Construction and use in eScience

Computer scientists who work on tools and systems to support eScience (a variety of parallel and distributed) applications usually use actual applications to prove that their systems will benefit science and engineering (e.g., improve application performance). Accessing and building the applications and necessary data sets can be difficult because of policy or technical issues, and it can be difficult to modify the characteristics of the applications to understand corner cases in the system design. In this paper, we present the Application Skeleton, a simple yet powerful tool to build synthetic applications that represent real applications, with runtime and I/O close to those of the real applications. This allows computer scientists to focus on the system they are building; they can work with the simpler skeleton applications and be sure that their work will also be applicable to the real applications. In addition, skeleton applications support simple reproducible system experiments since they are represented by a compact set of parameters.Our Application Skeleton tool (available as open source at https://github.com/applicationskeleton/Skeleton) currently can create easy-to-access, easy-to-build, and easy-to-run bag-of-task, (iterative) map-reduce, and (iterative) multistage workflow applications. The tasks can be serial, parallel, or a mix of both. The parameters to represent the tasks can either be discovered through a manual profiling of the applications or through an automated method. We select three representative applications (Montage, BLAST, CyberShake Postprocessing), then describe and generate skeleton applications for each. We show that the skeleton applications have identical (or close) performance to that of the real applications. We then show examples of using skeleton applications to verify system optimizations such as data caching, I/O tuning, and task scheduling, as well as the system resilience mechanism, in some cases modifying the skeleton applications to emphasize some characteristic, and thus show that using skeleton applications simplifies the process of designing, implementing, and testing these optimizations.     

Distributed computing practice for large‐scale science and engineering applications

It is generally accepted that the ability to develop large‐scale distributed applications has lagged seriously behind other developments in cyberinfrastructure. In this paper, we provide insight into how such applications have been developed and an understanding of why developing applications for distributed infrastructure is hard. Our approach is unique in the sense that it is centered around half a dozen existing scientific applications; we posit that these scientific applications are representative of the characteristics, requirements, as well as the challenges of the bulk of current distributed applications on production cyberinfrastructure (such as the US TeraGrid). We provide a novel and comprehensive analysis of such distributed scientific applications. Specifically, we survey existing models and methods for large‐scale distributed applications and identify commonalities, recurring structures, patterns and abstractions. We find that there are many ad hoc solutions employed to develop and execute distributed applications, which result in a lack of generality and the inability of distributed applications to be extensible and independent of infrastructure details. In our analysis, we introduce the notion of application vectors: a novel way of understanding the structure of distributed applications. Important contributions of this paper include identifying patterns that are derived from a wide range of real distributed applications, as well as an integrated approach to analyzing applications, programming systems and patterns, resulting in the ability to provide a critical assessment of the current practice of developing, deploying and executing distributed applications. Gaps and omissions in the state of the art are identified, and directions for future research are outlined. Copyright © 2012 John Wiley & Sons, Ltd.     

云应用管理引擎的设计与实现

介绍了云应用管理引擎的设计思想与实现方式,以解决传统上应用程序必须安装在本地才能运行的问题.云应用管理引擎对安装在Windows或Linux应用服务器上的应用程序进行管理,在集群范围或服务器范围内将应用程序发布为远程应用,并将远程应用授权给用户.授权用户可以从各种客户端设备和系统运行交付给自己的远程应用程序,就像运行本地应用程序一样.     

Ajax引擎的设计和应用

Web应用在界面易操作性方面的弱点是制约其应用面的重要因素，Ajax技术是为了克服这些缺点而提出的。采用它实现的页面在易操作性上可以做到与桌面应用相同的效果，因此，其应用也逐渐多起来。文章介绍了Ajax的基本原理并通过在一个考试系统中的具体实践给出了Ajax引擎的实现方法，对于一般的Web应用开发具有一定的参考价值。     

利用单分类SVM算法检测Android应用程序

目前, Android应用市场大多数应用程序均采取加壳的方法保护自身被反编译, 使得恶意应用的检测特征只能基于权限等来源于AndroidManifest.xml配置文件. 基于权限等特征的机器学习分类算法因为恶意应用与良性应用差异性变小导致检测效果不理想. 如果将更加细粒度的应用程序调用接口(Application Program Interface,API)作为特征, 会因为应用程序加壳的原因造成正负样本数量的严重失衡. 针对上述问题, 本文将大量的恶意应用作为训练样本, 将良性应用样本作为新颖点, 采用单分类SVM算法建立恶意应用的检测模型. 相比于二分类监督学习, 该方法能有效地检测出恶意应用和良性应用, 具有现实意义.     

Enlargement of vulnerable web applications for testing

There are two main kinds of vulnerable web applications, usual applications developed with a specific aim and applications which are vulnerable by design. On one hand, the usual applications are those that are used everywhere and on a daily basis, and where vulnerabilities are detected, and often mended, such as online banking systems, newspaper sites, or any other Web site. On the other hand, vulnerable by design web applications are developed for proper evaluation of web vulnerability scanners and for training in detecting web vulnerabilities. The main drawback of vulnerable by design web applications is that they used to include just a short set of well-known types of vulnerabilities, usually from famous classifications like the OWASP Top Ten. They do not include most of the types of web vulnerabilities. In this paper, an analysis and assessment of vulnerable web applications is conducted in order to select the applications that include the larger set of types of vulnerabilities. Then those applications are enlarged with more types of web vulnerabilities that vulnerable web applications do not include. Lastly, the new vulnerable web applications have been analyzed to check whether web vulnerability scanners are able to detect the new added vulnerabilities, those vulnerabilities that vulnerable by design web applications do not include. The results show that the tools are not very successful in detecting those vulnerabilities, less than well-known vulnerabilities.     

Understanding Ajax applications by connecting client and server-side execution traces

Ajax-enabled Web applications are a new breed of highly interactive, highly dynamic Web applications. Although Ajax allows developers to create rich Web applications, Ajax applications can be difficult to comprehend and thus to maintain. For this reason, we have created FireDetective, a tool that uses dynamic analysis at both the client (browser) and server-side to facilitate the understanding of Ajax applications. We evaluate FireDetective using (1) a pretest-posttest user study and (2) a field user study. Preliminary evidence shows that the FireDetective tool is an effective aid for Web developers striving to understand Ajax applications.     

科学计算应用与流处理器

研究科学计算应用在流处理器上的适用性已成为当前研究热点之一。本文首先分析了流处理器处理科学计算应用的优势以及在流处理器上开发科学计算面临的重大挑战;然后针对不同类型的科学计算应用给出了将科学计算应用映射到流处理器上的关键与优化方法;最后将八种具有不同性能特征的典型科学计算应用映射到流处理器上,并比较和分析这些流程序在时钟精确模拟器运行性能和在处理科学计算应用的相应Fortran程序在主流Itanium 2处理器上的运行性能。实验结果表明,流处理器能有效处理科学计算应用。     

Attitudes towards specific uses of the computer Quantitative, decisionmaking and record-keeping applications

A survey of 203 undergraduates indicated that there are three clusters of computer applications about which respondents hold similar attitudes: quantitative applications (e.g. processing bills), decisionmaking applications (e.g. diagnosing medical problems) and record-keeping applications (e.g. storing information about criminals). Respondents were favourable towards quantitative and record-keeping applications but rejected decisionmaking applications, especially those involving decisions traditionally made by psychologists. Experience with computers and perceptions of the computer as efficient, humanizing and enjoyable were correlated significantly with attitudes towards specific applications. Locus of control and interpersonal trust were not related to attitudes. Interpretations of potentially dehumanizing effects of computers were discussed, along with implications of attitudes towards specific applications for decisions about how computers ought to be used.     

基于状态图的Web导航模型及其特性分析

WWW的指数级增长和Web应用的复杂性，需要系统化的方法和模型以支持Web应用的开发，导航建模是Web应用开发的特殊需求，提出了基于状态图的Web应用的导航模型，清楚地描述了复杂、动态的Web应用的导航特性，简化了系统的维护，并提出了导航树的概念和构造算法，能够有效地分析Web应用的导航特性，如可达性、死锁等。     

Integration,optimization and usability of enterprise applications

Many enterprises rely on a wide variety of collaborative applications in order to support their everyday activities and to share resources. The collaborative applications are typically designed from scratch if the existing applications do not meet the enterprise's evolving needs. This incurs significant costs, and inconvenience. In this paper we present a case study of six applications (Sage 200, Gold-Vision CRM system, E-Commerce System, Gold-Vision Connect System, Realex Transaction and Spindle Document Automation Tool) within an enterprise. These applications are working in isolation. Therefore, sharing of information and data among these applications is carried out manually which imposes additional burden on their users and causes performance degradation. In this paper, we address this problem by integration and optimization of these applications by applying Service-Oriented Architecture (SOA) approach. We also address the usability problems of these applications. We present comparative evaluation results that show significant improvement in ease and performance of user tasks using integrated applications.     

Byte code level cross-compilation for developing web applications

JavaScript provides the technological foundation of Web 2.0 applications. AJAX (Asynchronous JavaScript And XML) applications have received wide-spread attention as a new way to develop highly interactive web applications. Breaking with the complete-page-reload paradigm of traditional web applications, AJAX applications rival desktop applications in their look-and-feel. But AJAX places a high burden on a web developer requiring extensive JavaScript knowledge as well as other advanced client-side technologies. In this paper, we introduce a technique that allows a developer to implement an application in Java or any.NET language and then automatically cross-compile it to an AJAX-enabled web application.     

ServiceSs: An Interoperable Programming Framework for the Cloud

The rise of virtualized and distributed infrastructures has led to new challenges to accomplish the effective use of compute resources through the design and orchestration of distributed applications. As legacy, monolithic applications are replaced with service-oriented applications, questions arise about the steps to be taken in order to maximize the usefulness of the infrastructures and to provide users with tools for the development and execution of distributed applications. One of the issues to be solved is the existence of multiple cloud solutions that are not interoperable, which forces the user to be locked to a specific provider or to continuously adapt applications. With the objective of simplifying the programmers challenges, ServiceSs provides a straightforward programming model and an execution framework that helps on abstracting applications from the actual execution environment. This paper presents how ServiceSs transparently interoperates with multiple providers implementing the appropriate interfaces to execute scientific applications on federated clouds.     

Application framework issues when evolving business applications for electronic commerce

When an organization embarks on e-commerce it rarely has a chance to re-engineer its existing business applications. However, if these business applications were built using an application framework, then one might hope to reuse many of the existing legacy applications in the new e-commerce context. How much of the original application can be reused, and how much does the original application framework have to evolve in order to support this reuse? This paper describes our experience with evolving our framework for building engineered-product business applications so that these applications can be delivered over the Internet. We discuss the general issues created by migrating applications to e-commerce, and identify architectural concerns for application frameworks that must support e-commerce.     

Olfaction-enhanced multimedia: perspectives and challenges

Olfaction—or smell—is one of the last challenges which multimedia and multimodal applications have to conquer. Enhancing such applications with olfactory stimuli has the potential to create a more complex—and richer—user multimedia experience, by heightening the sense of reality and diversifying user interaction modalities. Nonetheless, olfaction-enhanced multimedia still remains a challenging research area. More recently, however, there have been initial signs of olfactory-enhanced applications in multimedia, with olfaction being used towards a variety of goals, including notification alerts, enhancing the sense of reality in immersive applications, and branding, to name but a few. However, as the goal of a multimedia application is to inform and/or entertain users, achieving quality olfaction-enhanced multimedia applications from the users’ perspective is vital to the success and continuity of these applications. Accordingly, in this paper we have focused on investigating the user perceived experience of olfaction-enhanced multimedia applications, with the aim of discovering the quality evaluation factors that are important from a user’s perspective of these applications, and consequently ensure the continued advancement and success of olfaction-enhanced multimedia applications.     

实时操作系统调度策略的分析与改进

在RT-Linux的基础上提出一个能统一支持硬实时、软实时和尽力而为应用的调度框架,在该框架之下,硬实时应用的响应时间短且可预测.对软实时应用进行接入控制,从而可以保证软实时应用的QoS.对尽力而为的应用保留CPU资源,从而保证它不会饥饿.     

企业实施SOA面向服务架构初探

SOA的目标是把各个应用程序集成为一个无缝的整体,SOA中的应用是一套可重复使用的服务,通过组合这些服务可以很容地搭建功能完善的企业应用,或者通过重新组合这些服务构建全新的应用来满足企业不断变化的需求.     

On the Characterization and Risk Assessment of AI-Powered Mobile Cloud Applications

Ultra-reliable low-latency communication supports powerful mission-critical applications such as artificial intelligence-enabled mobile cloud applications designed to deliver the quality of service and quality of experience to their users. However, whether existing security mechanisms are ready to address the risks emerging from these applications operating over ultra-fast 5G and 6G infrastructures is an open question. The complexity of finding answers to this question is partly due to the lack of means to measure software applications’ intelligence levels and partly due to the limitations of existing risk assessment approaches. In this paper, first, we propose an ability-based scale to characterize intelligent software applications. After that, we propose a semi-quantitative approach for threat modeling and risk analysis of intelligent software applications. Focusing on Android, we define three intelligent mobile cloud applications’ scenarios and demonstrate the feasibility of the proposed scale and approach. We perform their risk analyses for assessing the readiness of Android security mechanisms to mitigate their risks and identify open problems. We propose to rethink intelligent mobile cloud computing applications’ characterization and warn security experts to redesign their security mechanisms to serve evolving privacy, security, and trust requirements.     

Web应用浏览器兼容性的自动规范化方案

近年来万维嘲应用在中国正在飞速增长．但是在我国很多Web应用要求用户只能用IE浏览器．符合W3C组织制定的规范就能保证web应用跨浏览器的移植性．文中着眼于Web应用的特点,从遗留系统的角度来看待这个问题,提出了基于模型的自动规范化重构方法来解决这个问题．作为一个例子,构建了一个能够跨浏览器上访问小来只能用IE的中国银行的网上银行服务的实例,证明此方法能够有效解决国内现存Web应用的规范化问题．     

认知无线电网络动态QoS保证机制研究

针对认知无线电网络提出了一种基于中间件的分布式动态QoS保证机制DQAM,当网络对应用承诺的QoS保证发生变化,或者应用对网络的QoS要求发生变化时,通过网络和应用之间的反馈和协商,在分析当前网络状态和应用需求的基础上,根据特定的策略对网络和应用进行动态干预,在保证一定QoS的前提下,使应用最大程度的适应网络,网络最大限度的支持应用,以提高认知无线电网络对应用的支持能力和应用对网络的适应能力。对DQAM的原理、系统组成以及运行方式等,进行了讨论;从体系结构、工作过程、信息收集与策略生成和节点（任务）重构等4个方面,给出了DQAM的基本框架,并通过一个典型场景就DQAM的应用问题进行了探讨。