Similar literature
20 similar documents found (search time: 31 ms)
1.
Survivable systems are increasingly needed in a wide range of applications. As a step toward realizing survivable systems, this paper presents an architecture of intrusion-tolerant servers. It is to deliver intended services transparently to the clients even when a computing node fails due to failures, intrusions, and other threats. In order to deliver only secure results to the client, we need an algorithm to decide agreement on results from replicated servers. For this purpose, a secure and practical decentralized voting algorithm for the architecture is proposed in the paper. Through experiments on a test-bed, especially for web services, the approach turned out to be very effective in terms of extra cost and is considered able to cope with both confidentiality and integrity attacks.

2.
Secure spread: an integrated architecture for secure group communication   Total citations: 5, self-citations: 0, citations by others: 5
Group communication systems are high-availability distributed systems providing reliable and ordered message delivery, as well as a membership service, to group-oriented applications. Many such systems are built using a distributed client-server architecture where a relatively small set of servers provide service to numerous clients. In this work, we show how group communication systems can be enhanced with security services without sacrificing robustness and performance. More specifically, we propose several integrated security architectures for distributed client-server group communication systems. In an integrated architecture, security services are implemented in servers, in contrast to a layered architecture, where the same services are implemented in clients. We discuss performance and accompanying trust issues of each proposed architecture and present experimental results that demonstrate the superior scalability of an integrated architecture.

3.
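Design of a General Framework Architecture for Live Broadcast Servers   Total citations: 1, self-citations: 0, citations by others: 1
李争明, 张佐. 《计算机应用》 (Journal of Computer Applications), 2005, 25(2): 262-264
Based on the design framework of streaming media servers, and taking into account the functions and characteristics of live broadcast servers themselves as well as the impact of fluctuating network conditions on them, a general implementation framework suitable for live broadcast servers is presented. In this framework, a live broadcast server consists of four functional modules: a rate control module, an error control module, a quality adaptation module, and a buffer control module. Each of the four modules performs a specific function, and they cooperate so that the live broadcast server system as a whole provides adaptive video transmission services. The cooperation and interaction among the functional modules are described in detail. The proposed framework can be flexibly configured according to application requirements to obtain an appropriate implementation form, and is a useful reference for developing live broadcast systems.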

4.
As technology improves, several modernization efforts are taken in the process of teaching and learning. An effective education system should maintain global connectivity, federate security and deliver self-access to its services. The cloud computing services transform the current education system to an advanced one. There exist several tools and services to make teaching and learning more interesting. In the higher education system, the data flow and basic operations are almost the same. These systems need to access cloud-based applications and services for their operational advancement and flexibility. Architecting a suitable cloud-based education system will leverage all the benefits of the cloud to its stakeholders. At the same time, educational institutions want to keep their sensitive information more secure. For that, they need to maintain their on-premises data center along with the cloud infrastructure. This paper proposes an advanced, flexible and secure hybrid cloud architecture to satisfy the growing demands of an education system. By sharing the proposed cloud infrastructure among several higher educational institutions, there is a possibility to implement a common education system among organizations. Moreover, this research demonstrates how a cloud-based education architecture can utilize the advantages of the cloud resources offered by several providers in a hybrid cloud environment. In addition, a reference architecture using Amazon Web Service (AWS) is proposed to implement a common university education system.

5.
The mobile health (mHealth) and electronic health (eHealth) systems are useful to maintain a correct administration of health information and services. However, it is mandatory to ensure a secure data transmission and in case of a node failure, the system should not fall down. This fact is important because several vital systems could depend on this infrastructure. On the other hand, a cloud does not have infinite computational and storage resources in its infrastructure or would not provide all types of services. For this reason, it is important to establish an interrelation between clouds using communication protocols in order to provide scalability, efficiency, higher service availability and flexibility which allow the use of services, computing and storage resources of other clouds. In this paper, we propose the architecture and its secure protocol that allows exchanging information, data, services, computing and storage resources between all interconnected mHealth clouds. The system is based on a hierarchic architecture of two layers composed by nodes with different roles. The routing algorithm used to establish the connectivity between the nodes is the shortest path first (SPF), but it can be easily changed by any other one. Our architecture is highly scalable and allows adding new nodes and mHealth clouds easily, while it tries to maintain the load of the cloud balanced. Our protocol design includes node discovery, authentication and fault tolerance. We show the protocol operation and the secure system design. Finally we provide the performance results in a controlled test bench.

6.
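On the Internet, secure communication has always been the aspect that organizations and individuals value most, and the high demand for secure communication has also set off a wave of research on secure Linux servers. This paper takes Linux as the system for a number of applications and studies techniques for setting up various servers. A security system integrating a Linux firewall and proxy services is implemented, which not only protects the Linux server but also effectively secures the resources of the entire internal network.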

7.
Advances in networking and storage technology have made it possible to deliver on-demand services over networks such as the emerging video-on-demand (VOD) applications. Although a variety of studies have been focused on designing video servers suitable for VOD applications, the number of concurrent on-demand services supported by such servers is often limited by the I/O bandwidth of the storage systems. Recently, several researchers have focused on providing guaranteed services instead of on-demand services in a VOD system. A service is said to be guaranteed if every viewer can be served within a specified waiting time after the video has been subscribed. This paper describes a model called a buffer-sharing autonomy, which combines batching and bridging techniques to provide guaranteed services to VOD systems. We also describe how buffer-sharing techniques can be used in this model to provide the same services with fewer buffer resources through the use of playback-rate alteration. Additionally, in order to make buffer sharing efficient, it is important to group appropriate video streams together to share buffer resources. Four grouping policies are proposed for this purpose and the benefits yielded are also analyzed and compared. Finally, the results of our experiments show that the proposed buffer-sharing techniques promise the provision of guaranteed video services at low cost.

8.
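In cloud computing, the data owned by users is usually stored in a remote cloud, other users can often access this data, and the data is usually not controlled and managed by the data owners themselves. Under these circumstances, how to protect the privacy of users' data in cloud computing is a very challenging problem. To solve this problem, this paper proposes a security protection mechanism for data privacy. In this mechanism, a secure procedure for data privacy protection is first proposed for the process of uploading and accessing user data. On this basis, a secure storage algorithm for user data and a secure access algorithm for cloud data are proposed. To demonstrate the effectiveness of the mechanism, a series of analyses of its security performance are carried out. The results show that using this mechanism in cloud computing can ensure the security of data privacy.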

9.
Advances in networking and storage technology have made it possible to deliver on-demand services over networks such as the emerging video-on-demand (VOD) applications. A variety of studies have been focused on designing a video server suitable for VOD applications. However, the number of concurrent on-demand services supported by the server is often limited by the I/O bandwidth of the storage systems. This paper describes a discrete buffer sharing model which uses batching and buffer sharing techniques in video servers to support a large number of VOD services. Two operations, splitting and merging, enable the model to fully utilize system resources such as buffers and disk bandwidths. Moreover, this paper also introduces the concept of imprecise video viewing which assumes that a limited amount of quality loss is acceptable during video playback. Based upon this assumption, three shrinking strategies are explored to reduce buffer requirements. Finally, the results of experiments show that our methods perform better than traditional buffer management techniques for VOD systems.

10.
With the rapid performance improvements in low-cost PCs, it becomes increasingly practical and cost-effective to implement large-scale video-on-demand (VoD) systems around parallel PC servers. This paper proposes a novel parallel video server architecture where video data are striped across an array of autonomous servers connected by an interconnection network. To coordinate data transmissions from multiple autonomous servers to a client station, a staggered push scheduling algorithm is proposed. A system model is constructed to quantify the performance of the architecture. Unlike most studies, this work does not assume the existence of a global clock among the servers and tackles two problems arising from server asynchrony: inconsistent schedule assignment and traffic overlapping. The former problem is solved by using an admission scheduler and the latter problem is solved by an over-rate transmission scheme. Analytical results prove a remarkable property of the staggered push architecture: as long as the network has sufficient capacity, the system can be scaled up linearly to an arbitrary number of servers. Design examples and numerical results are used to evaluate the proposed architecture under realistic assumptions and to compare it against other architectures.

11.
State-of-the-art cluster-based data centers consisting of three tiers (Web server, application server, and database server) are being used to host complex Web services such as e-commerce applications. The application server handles dynamic and sensitive Web contents that need protection from eavesdropping, tampering, and forgery. Although the secure sockets layer (SSL) is the most popular protocol to provide a secure channel between a client and a cluster-based network server, its high overhead degrades the server performance considerably and, thus, affects the server scalability. Therefore, improving the performance of SSL-enabled network servers is critical for designing scalable and high-performance data centers. In this paper, we examine the impact of SSL offering and SSL-session-aware distribution in cluster-based network servers. We propose a back-end forwarding scheme, called ssl_with_bf, that employs a low-overhead user-level communication mechanism like virtual interface architecture (VIA) to achieve a good load balance among server nodes. We compare three distribution models for network servers, round robin (RR), ssl_with_session, and ssl_with_bf, through simulation. The experimental results with 16-node and 32-node cluster configurations show that, although the session reuse of ssl_with_session is critical to improve the performance of application servers, the proposed back-end forwarding scheme can further enhance the performance due to better load balancing. The ssl_with_bf scheme can minimize the average latency by about 40 percent and improve throughput across a variety of workloads.

12.
Auto-discovery is one of the key technologies that enables management systems to be quickly customized to the environments that they are intended to manage. As Internet services have grown in complexity in recent years, it is no longer sufficient to monitor and manage these services in isolation. Instead, it is critical that management systems discover dependencies that exist among Internet services, and use this knowledge for correlation of measurement results, so as to determine the root-causes of problems. While most existing management systems have focused on discovery of hosts, servers, and network elements in isolation, in this paper we describe auto-discovery techniques that discover relationships among services. Since new Internet services and service elements are being deployed at a rapid pace, it is essential that the discovery methodologies be implemented in an extensible manner, so that new discovery capabilities can be incrementally added to the management system. In this paper, we present an extensible architecture for auto-discovery and describe a prototype implementation of this architecture and associated auto-discovery techniques. We also highlight experiences from applying these techniques to discover real-world ISP systems. Although described in the context of ISP systems, the concepts described in this paper are applicable for the discovery of services and inter-service relationships in enterprise systems as well.

13.
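A Multi-Agent-Based Intrusion-Tolerant Architecture   Total citations: 6, self-citations: 0, citations by others: 6
This paper proposes an intrusion-tolerant architecture based on multi-agent technology. Intrusion tolerance is achieved by introducing a degree of redundancy into system components, combining redundancy with diversity techniques, and using threshold secret sharing to distribute secret information across multiple system components. Through multiple agents distributed on each server, an intrusion-tolerant security kernel is established; important information is transmitted through the security kernel, ensuring that the critical components of the system provide continuous and reliable basic services to legitimate users. The scheme adopts a system-wide security policy and combines intrusion tolerance with multi-agent intrusion detection, giving the system better practicality and survivability.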

14.
Most password-based user authentication systems place total trust on the authentication server where cleartext passwords or easily derived password verification data are stored in a central database. Such systems are, thus, by no means resilient against offline dictionary attacks initiated at the server side. Compromise of the authentication server by either outsiders or insiders subjects all user passwords to exposure and may have serious legal and financial repercussions to an organization. Recently, several multiserver password systems were proposed to circumvent the single point of vulnerability inherent in the single-server architecture. However, these multiserver systems are difficult to deploy and operate in practice since either a user has to communicate simultaneously with multiple servers or the protocols are quite expensive. In this paper, we present a practical password-based user authentication and key exchange system employing a novel two-server architecture. Our system has a number of appealing features. In our system, only a front-end service server engages directly with users while a control server stays behind the scene; therefore, it can be directly applied to strengthen existing single-server password systems. In addition, the system is secure against offline dictionary attacks mounted by either of the two servers.

15.
VEGA Infrastructure for Resource Discovery in Grids   Total citations: 11, self-citations: 1, citations by others: 11
Grids enable users to share and access large collections and various types of resources in wide areas, and how to locate resources in such dynamic, heterogeneous and autonomous distributed environments is a key and challenging issue. In this paper, a three-level decentralized and dynamic VEGA Infrastructure for Resource Discovery (VIRD) is proposed. In this architecture, every Border Grid Resource Name Server (BGRNS) or Grid Resource Name Server (GRNS) has its own local policies, governing information organization, management and searching. Changes in resource information are propagated dynamically among GRNS servers according to a link-state-like algorithm. A client can query its designated GRNS either recursively or iteratively. Optimizing techniques, such as shortcut, are adopted to make the dynamic framework more flexible and efficient. A simulator called SimVIRD is developed to verify the proposed architecture and algorithm. Experiment results indicate that this architecture could deliver good scalability and performance for grid resource discovery.

16.
Typical request processing systems, such as web servers and database servers, try to accommodate all requests as fast as possible, which can be described as a Best-Effort approach. However, different application items may have different quality-of-service (QoS) requirements, and this can be viewed as an orthogonal concern to the basic system functionality. In this paper we propose the QoS-Broker, a middleware for delivering QoS over servers and applications. We show its architecture to support contracts over varied targets including queries, transactions, services or sessions, also allowing expressions on variables to be specified in those targets. We also discuss how the QoS-Broker implements basic strategies for QoS over workloads. Our experimental results illustrate the middleware by applying priority and weighted-fair-queuing based differentiation over clients and over transactions, and also admission control, using a benchmark as a case-study.

17.
The requirement of agile adaptation to varying resource constraints in mobile systems motivates the use of a service-oriented architecture (SOA), which can support the composition of two or more services to form a complex service. In this paper, we propose SOA-based middleware to support QoS control of mobile applications and to configure an energy-efficient service composition graph. We categorize services into two layers: functionality-centric services, which are connected to create a complex service to meet the user's intentions, and resource-centric services, which undertake distributed functionality-centric services in a way that increases the success rate of service composition while reducing contention at specific service nodes. We also present a service routing algorithm to balance the resource consumption of service providers on a service-overlay network. Through simulation of power-aware service composition using a realistic model based on ns-2 and traced data, we demonstrate that our approach can help both the mobile devices and the servers in a service-overlay network to reduce energy consumption without an increase in response time.

18.
InfiniBand (IB) is a high speed, channel based interconnecting technology between systems and devices. It will remove the bottleneck limiting the performance of current servers and storage devices. This article proposes an IP over InfiniBand (IPoIB) architecture and its application. It will function as a bridge between IP and IB architecture in systems where IP and IB coexist. It enables the applications to take advantage of IB without changes in upper layers IP and other protocols. We also introduce the IPoIB protocol and show some experiment results in this paper. The experiment results show that IPoIB is suitable to be used in the front-end servers and interface devices for the InfiniBand-based network servers.

19.
《Computer Networks》1999,31(11-16):1545-1561
As commercial interest in the Internet grows, more and more companies are offering the service of hosting and providing access to information that belongs to third-party information providers. In the future, successful hosting services may host millions of objects on thousands of servers deployed around the globe. To provide reasonable access performance to popular resources, these resources will have to be mirrored on multiple servers. In this paper, we identify some challenges due to the scale that a platform for such global services would face, and propose an architecture capable of handling this scale. The proposed architecture has no bottleneck points. A trace-driven simulation using an access trace from AT&T's hosting service shows very promising results for our approach.

20.
Currently there is an explosively growing amount of back-end services available (e.g., business to business (B2B) commerce, business to consumer (B2C) commerce, and infomercial services) in the Internet. These services are mostly accessible through static HTML web pages at a few specific web portals. Advertising in TV broadcasting has shown that multimedia is a very effective means to present merchandise and attract shoppers. This has been applied to the Web by including animated multimedia banner ads on web pages. However, the issues of coupling interactive browsing, shopping, and secure transactions, e.g., from inside a multimedia banner, have only recently started to be explored. In this paper, we will investigate the feasibility of using interactive multimedia banners as a pervasive access point for the B2C, B2B, and infomercial services. We present a system architecture that involves a layer of middleware agents functioning as the bridge between the interactive multimedia banners and back-end services. The findings suggest that the middleware agents can not only convey the B2B services to the individual consumers via multimedia banners, but also simplify the design of the middleware agents by using the standardized B2B application interfaces. As a specific case study, the use of interactive multimedia banners, communicating with a browsing/transaction middleware agent in accessing the catalog and shopping services, over the Internet will be discussed and prototyped. The system architecture under study consists of an interactive multimedia banner (such as a banner-ad, or the display of merchandise in a catalog), a browsing agent, and a transaction agent. Such interactive multimedia banners allow users to browse and buy the merchandise in the e-mall directly from the banner. The browsing agent enables interactive browsing within the banner. The transaction agent interfaces with various e-commerce servers and existing e-malls to complete the transaction securely. We implement a pure Java based shopping system to investigate the feasibility of this architecture. The initial implementation results indicate that this architecture provides a tight and general integration between multimedia browsing and secure transactions and significantly reduces user interactions needed to choose the merchandise and close the transaction.
