大型知识库知识存储结构的研究及其在知识发现系统中的应用

在基于数据库和知识库的知识发现系统(KDD&K)的研究中,需对知识库中的重复、冗余、矛盾、循环的知识进行实时校验、修改,并能够发现知识短缺,指导KDD过程进行聚焦;在KDK过程中,需要找出有关联的知识组成的知识域以便于归纳、解释等具体应用需求,针对于此,该文提出了一种基于知识节点(属性)的图矩阵、二维链表、产生式规则的三级管理模式和数据存储结构,通过知识库管理系统(KBMS)实现了二层逻辑结构和一层物理结构的三层独立映射关系,大大压缩了知识的搜索空间。经在KDD&K原型系统中的具体应用,该知识库系统结构的定义以及相应的KBMS完全满足上述要求,并可推广至通用的大、中型知识库系统。     

Integrating forward-chaining rules with operations and permanent knowledge bases

Traditionally, rule-based forward-chaining systems are considered to be standalone, working on a volatile memory. This paper focuses on the integration of forward-chaining rules with command-driven programming paradigms in the context of permanent, integrated knowledge bases. A system architecture is proposed that integrates the data management functions of large computerized knowledge bases into a module called a knowledge base management system (KBMS). Experiences we had in integrating rules with operations into a prototype KBMS called DALI are surveyed. For this integration, a new form of production rule, called the activation pattern controlled rule, is introduced, which augments traditional forward-chaining rules by a second, additional left-hand side, which allows making rules sensitive to calls of particular operations. Activation pattern controlled rules play an important role in DALI's system architecture, because they facilitate the storage of knowledge that has been specified relying on mixed programming, a combination of data-driven, command-driven, and preventive programming. The general problems of implementing permanent knowledge bases that contain rules and operations are discussed, and an algorithm for implementating activation pattern controlled rules, called IPTREAT, a generalization of the TREAT algorithm, is provided. Furthermore, the paper intends to clarify the differences between traditional, volatile rule-based systems and rule-based systems that are geared toward knowledge integration by supporting a permanent knowledge base.This paper is an extended and significantly revised version of a paper entitled Integrating Rules into a Knowledge Base Management System, which was presented at the First International Conference on Systems Integration, April 1990 [1].     

基于STEP的协同设计版本存储控制策略

计算机支持的协同设计的版本管理应保存整个设计过程中产生的所有版本,以便查询和检索。在对版本信息的存储方式中,完整版本存储的存取速度快,但占用存储空间大、冗余信息多,差值存储需要的存储空间少,但存取速度慢、安全性低。该文基于STEP数据交换标准,提出2个差值存储模型,通过构造版本存储阈值函数,将差值存储与完整存储相结合,有效实现了空间效率和时间效率的平衡。     

The design and implementation of K: a high-level knowledge-base programming language of OSAM*.KBMS

The OSAM*.KBMS is a knowledge-base management system, or the so-called next-generation database management system, for non-traditional data/knowledge-intensive applications. In order to define, query, and manipulate a knowledge base, as well as to write codes to implement any application system, we have developed an object-oriented knowledge-base programming language called K to serve as the high-level interface of OSAM*.KBMS. This paper presents the design of K, its implementation, and its supporting KBMS developed at the Database Systems Research and Development Center of the University of Florida. Edited by Dennis McLeod. Received July 1992 / Accepted August 1995     

OFFS：基于对象模型的闪存文件系统研究*

提出了一种基于对象的存储系统管理框架,它使用统一的对象接口来访问flash或者磁盘。重点对基于对象模型的闪存文件系统进行了研究设计,在系统中引入了段的层次来进行对象管理,通过分析能够显著减少徘徊树问题引起的大量数据更新次数,并避免了垃圾回收时多余的I/O操作,缓解了垃圾回收过程中的数据锁定问题。     

一个自主授权的多用户可搜索加密方案

可搜索加密(searchable encryption, SE)允许用户将数据加密后存储到云服务器上,然后在密文数据中按关键词进行搜索,且保证隐私泄漏的最小化.现已提出了针对效率和安全性方面的多种SE方案,但对于多方用户的可搜索加密,目前绝大多数方案都需要用到完全可信的第三方来进行用户授权.针对这一问题,提出让半诚实的云服务器来维护一个权限分配矩阵,允许用户按自己的意愿控制其他用户对自己文件的访问权限,从而弱化了可信第三方的功能.而且,搜索者可指定用户并且服务器只在对其授权的用户文档中进行搜索,从而缩小了搜索范围.同时,利用双线性对的性质,在不增加额外交互的前提下解决了加密文档的密钥分发问题.最后给出该方案在随机预言机模型下安全性的形式化证明.     

From decision tables to expert system shells

Building and maintaining high quality knowledge based systems is not a trivial task. Decision tables have sometimes been recommended in this process, mainly in verification and validation. In this paper, however, it is shown how decision tables can also be used to generate, and not just to validate, knowledge bases and how the transformation process from decision tables to knowledge bases can be organized. Several options to generate rules or other knowledge representation from decision tables are described and evauluated.

The proposed generation strategy enables the knowledge engineer to concentrate on the acquisition and modelling issues and allows him to isolate the knowledge body from its implementation. The generation process has been implemented for two commercial tools, AionDS and KBMS and has been applied to real world applications.     

An efficient multiversion access structure

An efficient multiversion access structure for a transaction-time database is presented. Our method requires optimal storage and query times for several important queries and logarithmic update times. Three version operations-inserts, updates, and deletes-are allowed on the current database, while queries are allowed on any version, present or past. The following query operations are performed in optimal query time: key range search, key history search, and time range view. The key-range query retrieves all records having keys in a specified key range at a specified time; the key history query retrieves all records with a given key in a specified time range; and the time range view query retrieves all records that were current during a specified time interval. Special cases of these queries include the key search query, which retrieves a particular version of a record, and the snapshot query which reconstructs the database at some past time. To the best of our knowledge no previous multiversion access structure simultaneously supports all these query and version operations within these time and space bounds. The bounds on query operations are worst case per operation, while those for storage space and version operations are (worst-case) amortized over a sequence of version operations. Simulation results show that good storage utilization and query performance is obtained     

Circuit diagnosis support system for electronics assembly operations

Diagnosis and repair operations are often major bottlenecks in electronics circuit assembly operations. Increasing board density and circuit complexity have made fault diagnosis difficult. But, with shrinking product life cycles and increasing competition, quick diagnosis and feedback is critical for cost control, process improvement, and timely product introduction. This paper describes a case-based diagnosis support system to improve the effectiveness and efficiency of circuit diagnosis in electronics assembly facilities. The system stores individual diagnostic instances rather than general rules and algorithmic procedures, and prioritizes the tests during the sequential testing process. Its knowledge base grows as new faults are detected and diagnosed by the analyzers. The system provides distributed access to multiple users, and incorporates on-line updating features that make it quick to adapt to changing circumstances. Because it is easy to install and update, this method is well-suited for real manufacturing applications. We have implemented a prototype version, and tested the approach in an actual electronics assembly environment. We describe the system's underlying principles, discuss methods to improve diagnostic effectiveness through principled test selection and sequencing, and discuss managerial implications for successful implementation.     

基于区块链的策略隐藏大数据访问控制方法

针对大数据应用中用户共享数据的访问控制由半可信云服务商实施所带来的隐私泄露、策略和访问日志易被篡改等问题, 提出一种基于区块链的策略隐藏大数据访问控制方法 (A policy-hidden big data access control method based on blockchain, PHAC). 该方法采用区块链技术实施访问控制以减少对服务商的信任依赖, 引入属性基加密(Attribute-based encryption, ABE)以及双线性映射技术, 实现在不泄露访问控制策略的前提下, 通过智能合约正确执行访问控制策略. 同时, 解耦访问控制策略, 简化用户策略的发布、更新和执行. 并应用链上和链下存储相结合方式, 解决智能合约和访问控制策略占用区块链节点资源不断增大的问题. 最后, 对该方法进行了理论分析和HyperLedger Fabric环境下的实验评估, 结果表明该方法能在策略隐藏情况下有效实现访问控制, 但不会给数据拥有者、区块链节点增加过多额外计算和存储开销.     

Primary copy synchronization for DB-Sharing

In a database sharing (DB-Sharing) system multiple loosely or closely coupled processors share access to a single set of databases. Such systems promise better availability and linear growth of transaction throughput at equivalent response time compared to single processor database systems. The efficiency of a DB-Sharing system heavily depends on the synchronization technique used for maintaining consistency of the shared data. A promising algorithm is the primary copy approach which will be presented in this paper. We describe the actions of the lock manager in a basic and in a more advanced version. Furthermore, it is shown how the lock managers can be enabled to deal with the so-called buffer invalidation problem that results from the existence of a database buffer in each processor.     

数据库系统与知识库系统的对比分析

文章在分析数据和知识、数据库和知识库、DBMS和KBMS的定义、功能、结构的基础之上,对数据库系统和知识库系统进行了详细的对比分析。     

纠删码存储系统数据更新方法研究综述

在分布式存储系统中,节点故障已成为一种常态,为了保证数据的高可用性,系统通常采用数据冗余的方式.目前主要有2种冗余机制：一种是多副本,另一种是纠删码.伴随着数据量的与日俱增,多副本机制带来的效益越来越低,人们逐渐将目光转向存储效率更高的纠删码.但是纠删码本身的复杂规则导致使用纠删码的分布式存储系统的读、写、更新操作的开销相比于多副本较大.所以纠删码通常被用于冷数据或者温数据的存储,热数据这种需要频繁访问更新的场景仍然用多副本机制存储.专注于纠删码存储系统内的数据更新,从硬盘I/O、网络传输、系统优化3方面综述了目前纠删码更新相关的优化工作,对目前具有代表性的编码方案的更新性能做了对比分析,最后展望了未来研究趋势.通过分析发现目前的纠删码更新方案仍然无法获得和多副本相近的更新性能.如何在纠删码更新规则和系统架构角度优化纠删码存储系统,使其能够替换掉热数据场景下的多副本机制,降低热数据存储开销仍是未来值得深入研究的问题.     

DEAM: Decoupled,Expressive, Area-Efficient Metadata Cache

Chip multiprocessor presents brand new opportunities for holistic on-chip data and coherence management solutions. An intelligent protocol should be adaptive to the fine-grain accessing behavior. And in terms of storage of metadata, the size of conventional directory grows as the square of the number of processors, making it very expensive in large-scale systems. In this paper, we propose a metadata cache framework to achieve three goals: 1) reducing the latency of data access and coherence activities, 2) saving the storage of metadata, and 3) providing support for other optimization techniques. The metadata is implemented with compact structures and tracks the dynamically changing access pattern. The pattern information is used to guide the delegation and replication of decoupled data and metadata to allow fast access. We also use our metadata cache as a building block to enhance stream prefetching. Using detailed execution-driven simulation, we demonstrate that our protocol achieves an average speedup of 1.12X compared with a shared cache protocol with 1/5 of the storage of metadata.     

A constant update time finger search tree

Levcopolous and Overmars (Acta Inform., 26 (1988) 269-277) describe a search tree with O(1) worst-case update time, i.e., the time to insert or delete a key is O(1) in the worst case if the position of the key is known. Their data structure does not support fingers, pointers to specific keys such that access and update operations in the vicinity of a finger are especially efficient. We modify their data structure to support fingers while still maintaining O(1) worst-case update time, partially improving upon an earlier result of Harel (University of California, Davis, TR #154, 1980) who achieved O(log^* n) worst-case update time in a search tree with fingers. Our data structure uses the random-access machine (RAM) model with unit-cost measure and logarithmic word size; the data structures of Levcopolous and Overmars and Harel use the weaker pointer machine model.     

A bi-level concise modular structured knowledge representation scheme

For many years, major drawbacks that have been present in knowledge-based systems are their lack of structure-based knowledge access, high consumption of storage space, long response time, and incapability of tracing items related to each other, unlike a data processing system manipulating a data constructed according to the doubly linked list data structure. This article presents a bi-level knowledge representation scheme that addresses these problems along with several others. This scheme is based on a new knowledge access method in which the expert system communicates with the knowledge base through sub-knowledge sources rather than knowledge sources (facts and rules), i.e., through distinguished objects and relations. This method is used to design the scheme through building the knowledge base using a set of individual objects and relations. This individuality is shown to make it possible to construct highly efficient indices for these objects and relations.

It is shown that although the physical structure knowledge achieves high performance through implementing a concise and structured version of the knowledge in its low level, it is organized to provide efficient service to all the tasks carried out by the accompanying knowledge based system. Furthermore, although the low-level knowledge is highly abstracted, it is easily browsed in its full text mode, just like many existing knowledge bases. One of the important issues that this scheme address is the optiional incorporation of certainty degrees that is used by an appropriate reasoning strategy. It is also shown that fuzziness manipulation can be carried out or halted without having to rewrite the knowledge stored physically.     

The mediator authorization-security model for heterogeneous semantic knowledge bases

Many organizations often need to share semantic knowledge base content with selected members of other organizations. However, sharing semantic knowledge across different organizations is a critical problem. This is because the differences in the vocabulary utilized by the organizations have to be resolved before knowledge can be shared. Also, if semantic repositories are syntactically and schematically heterogeneous, information interoperation becomes a vital challenge. When a system needs to allow unknown entities to access its resources, mechanisms should be in place in order to provide a secure and trusted information-sharing environment and enable users to interact and share information easily and perfectly. To address these challenges, the Mediator Authorization-Security model is proposed to provide secure interoperation among heterogeneous semantic repositories. This paper addresses the issue of interoperability and how to incorporate trust into semantic interoperability. The evaluation showed that, despite the complexity of the mediator system, it still provides acceptable performance.     

一种支持属性撤销的密文策略属性基加密方案

针对传统属性基加密方案中单授权中心计算开销大以及安全性较差等问题,通过引入多个授权中心以及安全两方计算协议等技术,提出一种支持细粒度属性级撤销和用户级撤销的密文策略属性基加密方案。引入多个属性授权中心以颁发并更新属性版本秘钥,同时秘钥生成中心与云存储服务器之间进行安全两方计算等操作,生成并更新用户密钥,从而进行细粒度属性级撤销。在云存储服务器中,对用户列表中的用户唯一秘值及唯一身份值进行操作以实现用户级撤销,同时通过多个授权中心抵抗合谋攻击,并将部分计算工作外包给云端。分析结果表明,与基于AND、访问树和LSSS策略的方案相比,该方案有效增强了系统的安全功能,同时显著降低了系统的计算复杂度。     

ENTICE VM Image Analysis and Optimised Fragmentation

Virtual machine (VM) images (VMIs) often share common parts of significant size as they are stored individually. Using existing de-duplication techniques for such images are non-trivial, impose serious technical challenges, and requires direct access to clouds’ proprietary image storages, which is not always feasible. We propose an alternative approach to split images into shared parts, called fragments, which are stored only once. Our solution requires a reasonably small set of base images available in the cloud, and additionally only the increments will be stored without the contents of base images, providing significant storage space savings. Composite images consisting of a base image and one or more fragments are assembled on-demand at VM deployment. Our technique can be used in conjunction with practically any popular cloud solution, and the storage of fragments is independent of the proprietary image storage of the cloud provider.     

适合云存储的访问策略可更新多中心CP-ABE方案

云存储作为一种新型的数据存储体系结构,近年来得到越来越广泛的应用.大多数用户为了降低本地存储开销、实现数据共享选择将自己的数据上传到云服务器存储.然而,云存储系统存在的安全隐患也引发了社会越来越多的担忧.例如,不完全可信的云服务提供商可能会窃取用户的数据或让未授权的其他用户访问数据等.因此,对用户数据进行加密并实现数据的访问控制是确保云存储中数据安全的有效方法.基于密文的属性加密(CP-ABE)方案则能够很好地实现安全云存储目标,它允许一个发送者加密数据并设置访问控制结构,只有符合条件的用户才能对数据进行解密.但是,传统CP-ABE方案中存在的密钥泄露等问题制约了属性加密在云存储系统中的应用.针对上述的问题,提出了一个多授权机构支持策略更新的CP-ABE方案,该方案与之前的方案相比,不仅可以通过多授权机构避免密钥泄露问题,同时将策略更新及密文更新过程交给服务器执行,有效地降低了本地的计算开销和数据传输开销,充分利用云存储的优势提供一个高效、灵活的安全数据存储方案,对所提方案进行了安全性证明,并对方案进行了效率分析.