泛政府行业信息化数据跨域共享服务总线平台的设计与实现

对泛政府行业内网与其他网络间的跨网域的请求服务进行了研究,提出了泛政府行业信息化数据跨域共享服务总线平台的设计方案,底层硬件设计上基于单向光传输方式,实现不同网域间数据的安全隔离传输;上层系统软件通过服务总线（ESB）体系架构和定义统一请求调用接口,实现跨区域、跨网域间服务授权访问、资源授权调用和数据安全转发。整个系统由请求协议转换、安全检控组件、健康度评估、MQ数据服务、节点资源调度、限流熔断管理、通道任务管理、资源监控上报等模块组成,可实现请求服务、设备状态上报、通道任务管理、安全访问控制等功能,并根据不同业务量级设定不同应用模式,可满足跨网域移动警务请求服务数据资源的安全、高效传输需求。     

Modules,objects and distributed programming: Issues in RPC and remote object invocation

Distributed programming can be greatly simplified by language support for distributed communication, such as that provided by remote procedure call (RPC) or remote object invocation. This paper examines design and implementation issues in these systems, and focuses on the influence of the communication system on a distributed program. To make the discussion concrete, we introduce a single application as implemented in two environments: Modula-2+, an extension of Modula-2 with RPC, and Emerald, an object-based language that supports remote object invocation. We show that small differences in the implementation of the communication system can have a significant impact on how distributed applications are structured.     

一个安全文件系统的半形式化功能规范设计

形式化、半形式化规范的理论和实践是高安全等级操作系统设计所必须解决的问题,但我国高安全等级操作系统形式化设计方面十分薄弱,没有实践过程和相关理论的技术积累.本文借助Lapadula给出的规则集建模方法,基于Linux系统调用给出了一个实际开发的安全文件系统NeoFs的顶层功能规范的方法和过程.     

A measurement-based study of hardware support for object invocation

The object invocation paradigm is attractive for structuring distributed systems. Distributed object-based operating systems view the resources of the system as a collection of objects. Object invocation is the primary mechanism in such systems, and is often used as a yardstick for measuring the system performance. However, existing systems of this flavour exhibit poor performance due to the mismatch between the requirements of the object invocation mechanism and the machine architecture. Through measurements of an existing object-based kernel, we present a breakdown of the costs involved in implementing the object invocation mechanism. The measurements suggest architectural solutions to improve the performance of such systems. We present our preliminary studies towards providing hardware support for the object invocation mechanism.     

Estimating page fetches for index scans with finite LRU buffers

We describe an algorithm for estimating the number of page fetches for a partial or complete scan of a B-tree index. The algorithm obtains estimates for the number of page fetches for an index scan when given the number of tuples selected and the number of LRU buffers currently available. The algorithm has an initial phase that is performed exactly once before any estimates are calculated. This initial phase, involving LRU buffer modeling, requires a scan of all the index entries and calculates the number of page fetches for different buffer sizes. An approximate empirical model is obtained from this data. Subsequently, an inexpensive estimation procedure is called by the query optimizer whenever it needs an estimate of the page fetches for the index scan. This procedure utilizes the empirical model obtained in the initial phase.     

Partial rollback in object-oriented/object-relational database management systems with dual buffer

Partial rollback mechanism has been widely supported by many database management systems (DBMSs). It allows a transaction to be rolled back partially, that is, only back to a certain savepoint set by the user. A partial rollback, however, makes the DBMS buffer management complicated because it requires the DBMS to restore the state of not only the database but also the buffers. There are several literatures addressing such a partial rollback in a relational DBMS (RDBMS), which has page buffer only. However, to our knowledge, there exists no literature addressing it in an object-oriented/relational DBMS (OO/ORDBMS). The RDBMS partial rollback scheme cannot be applied to OO/ORDBMSs directly. The reason is that, unlike RDBMSs, many OO/ORDBMSs use dual buffer which consists of object buffer and page buffer. In this paper, we thoroughly study the partial rollback schemes for OO/ORDBMSs with dual buffer. For this, we propose four different partial rollback schemes which are based on (single) page buffer, (single) object buffer, dual buffer using a soft log, and dual buffer using shadows, respectively. The schemes proposed are practical enough to be implemented in a real OO/ORDBMS. The results of performance evaluations show that the dual buffer-based scheme using shadows achieves the best performance.     

An object-oriented database system Jasmine: implementation,application, and extension

We have devised an object oriented DBMS called Jasmine for advanced applications. The paper describes the implementation, application and extension of Jasmine in detail. We focus on the impact of the design of its object oriented model and language on database implementation technology. We describe what part of traditional relational database technology we extend to handle object oriented features such as object identifiers, complex objects, class hierarchies, and methods. We introduce nested relations to efficiently store and access clustered complex objects. We use hash based methods to efficiently access nonclustered complex objects. We provide user defined functions directly evaluated on page buffers to efficiently process method invocation. We devise object oriented optimization of queries including class hierarchies, complex objects, and method invocation. We incorporate dedicated object buffering to allow efficient access to objects through object identifiers. We also describe nontrivial applications of Jasmine and discuss the validity of object oriented databases. We focus on a constraint management facility, which can be implemented by taking advantage of the extensibility of Jasmine. The facility includes constraint rules, called design goals, for automatic database population required by engineering applications. Finally, we describe a view facility for schema integration also needed by engineering applications in distributed environments. We focus on how we extend Jasmine to implement the facility     

On using cache conscious clustering for improving OODBMS performance

The two main techniques of improving I/O performance of Object Oriented Database Management Systems (OODBMS) are clustering and buffer replacement. Clustering is the placement of objects accessed near to each other in time into the same page. Buffer replacement involves the selection of a page to be evicted, when the buffer is full. The page evicted ideally should be the page needed least in the future. These two techniques both influence the likelihood of a requested object being memory resident. We believe an effective way of reducing disk I/O is to take advantage of the synergy that exists between clustering and buffer replacement. Hence, we design a framework, whereby clustering algorithms incorporating buffer replacement cache behaviour can be conveniently employed for enhancing the I/O performance of OODBMS. We call this new type of clustering algorithm, Cache Conscious Clustering (C3). In this paper, we present the C3 framework, and a C3 algorithm that we have developed, namely C3-GP. We have tested C3-GP against three well known clustering algorithms. The results show that C3-GP out performs them by up to 40% when using popular buffer replacement algorithms such as LRU and CLOCK. C3-GP offers the same performance as the best existing clustering algorithm when the buffer size compared to the database size is very small.     

主从链下的物联网隐私数据跨域安全共享模型

为了解决各个信任应用域之间的跨域安全问题,保证隐私数据的跨域共享,利用区块链技术构建了基于主从链的隐私数据跨域共享模型。首先构建了主从链,并提出基于主从链的跨域共享模型架构;设计了基于智能合约的跨域访问机制,并基于跨域访问机制提出了面向隐私数据的跨域安全共享方案;最后,对模型的稳定性、吞吐量、存储开销等方面进行了实验及对比分析。实验结果表明,该模型同最新的单链跨域模型相比,吞吐量提升了270 TPS左右,节点的平均CPU负载和平均内存开销分别下降了24%和64%;同现有多链跨域模型相比,节点的平均CPU负载和平均内存开销分别下降了15%和20%,为物联网隐私数据的跨域安全共享提供了一种有效方法。     

Implementing location independent invocation

The problems of finding objects in large and wide-area networks where objects may change their location in volatile memory as well as on stable storage are presented. The authors discuss possible solutions and describe those adopted in the Hermes system (a corporate wide, real life office application). They have designed and developed a location-independent-invocation (LII) mechanism that combines finding with invocation, using temporal location information. The mechanism also updates the system's knowledge of an object's location as a side-effect of invocation and object migration. Assumptions about object mobility indicate that objects are likely to be found within a few propagations of an invocation. If they cannot be found in this way, stable-storage and name services are used to locate the object. The major contribution of this work is to show how LII can be achieved in a large and dynamic environment in which objects are supported by neither are operating system nor the programming language     

Periodic early detection for improved TCP performance and energy efficiency

Reducing the size of packet buffers in network equipment is a straightforward method for improving the network performance experienced by user applications and also the energy efficiency of system designs. Smaller buffers imply lower queueing delays, with faster delivery of data to receivers and shorter round-trip times for better controlling the size of TCP congestion windows. If small enough, downsized buffers can even fit in the same chips where packets are processed and scheduled, avoiding the energy cost of external memory chips and of the interfaces that drive them. On-chip buffer memories also abate packet access latencies, further contributing to system scalability and bandwidth density. Unfortunately, despite more than two decades of intense research activity on buffer management, current-day system designs still rely on the conventional bandwidth-delay product rule to set the size of their buffers. Instead of decreasing, buffer sizes keep on growing linearly with link capacities.We draw from the limitations of the buffer management schemes that are commonly available in commercial network equipment to define Periodic Early Detection (PED), a new active queue management scheme that achieves important buffer size reductions (more than 95%) while retaining TCP throughput and fairness. We show that PED enables on-chip buffer implementations for link rates up to 100 Gbps while relieving end users from network performance disruptions of common occurrence.     

支持网格的机群操作系统的设计

机群操作系统面临着网格计算对其提出的资源共享、协同工作和自治管理的挑战，现有的扁平机群操作系统不能够适应这种需求，提出了一种基于服务的机群操作系统DCOS，采用层次型结构和面向对象的设计思想，从多个角度为网络系统提供支持，讨论了远程过程调用、系统状态侦测、实时检查点、安全机制等主要关键技术。     

Online FPS games: effect of router buffer and multiplexing techniques on subjective quality estimators

First Person Shooters are a genre of online games in which users demand a high interactivity, because the actions and the movements are very fast. They usually generate high rates of small packets which have to be delivered to the server within a deadline. When the traffic of a number of players shares the same link, these flows can be aggregated in order to save bandwidth. Certain multiplexing techniques are able to merge a number of packets, in a similar way to voice trunking, creating a bundle which is transmitted using a tunnel. In addition, the headers of the original packets can be compressed by means of standard algorithms. The characteristics of the buffers of the routers which deliver these bundled packets may have a strong influence on the network impairments (mainly delay, jitter and packet loss) which determine the quality of the game. A subjective quality estimator has been used in order to study the mutual influence of the buffer and multiplexing techniques. Taking into account that there exist buffers which size is measured in terms of bytes, and others measured in packets, both kinds of buffers have been tested, using different sizes. Traces from real game parties have been merged in order to obtain the traffic of 20 simultaneous players sharing the same Internet access. The delay and jitter produced by the buffer of the access router have been obtained using simulations. In general, the quality is expected to be reduced as the background traffic grows, but the results show an anomalous region in which the quality rises with the background traffic amount. Small buffers present better subjective quality results than bigger ones. When the total traffic amount gets above the available bandwidth, the buffers measured in bytes add to the packets a fixed delay, which grows with buffer size. They present a jitter peak when the offered traffic is roughly the link capacity. On the other hand, buffers which size is measured in packets add a smaller delay, but they increase packet loss for gaming traffic. The obtained results illustrate the need of knowing the characteristics of the buffer in order to make the correct decision about traffic multiplexing. As a conclusion, it would be interesting for game developers to identify the behaviour of the router buffer so as to adapt the traffic to it.     

实时中间件的优先级映射

实时CORBA(common object request broker architecture)规定了独立于操作系统的CORBA优先级,每个请求都可以携带CORBA优先级,而执行请求的所有线程都使用该CORBA优先级映射后的本地操作系统优先级.如何将范围较大的CORBA优先级映射到范围较小的操作系统优先级,并且尽量保持CORBA优先级的序关系,避免优先级翻转是实时CORBA需要解决的重要问题.该问题在实时中间件中具有普遍意义.简要介绍了实时中间件中的优先级映射机制,提出了中间件优先级到本地操作系统优先级的静态散列法和动态映射法,并给出了动态映射法的实现算法.散列法实现简单,但会影响中间件的互操作和可移植性,难以保证优先级映射的严格序关系;动态映射法实现复杂,但能严格保证优先级映射的序关系.     

Automatic Flow-Control Adaptation for Enhancing Network Performance in Computational Grids

With the advent of computational Grids, networking performance over the wide-area network (WAN) has become a critical component in the Grid infrastructure. Unfortunately, many high-performance Grid applications only use a small fraction of their available bandwidth because operating systems and their associated protocol stacks are still tuned for yesterday's WAN speeds. As a result, network gurus undertake the tedious process of manually tuning system buffers to allow TCP flow control to scale to today's WAN Grid environments. And although recent research has shown how to set the size of these system buffers automatically at connection set-up, the buffer sizes are only appropriate at the beginning of the connection's lifetime. To address these problems, we describe an automated and lightweight technique called dynamic right-sizing that can improve throughput by as much as an order of magnitude while still abiding by TCP semantics.     

Kernel-Kernel communication in a shared-memory multiprocessor

In the standard kernel organization on a bus-based multiprocessor, all processors share the code and data of the operating system; explicit synchronization is used to control access to kernel data structures. Distributed-memory multicomputers use an alternative approach, in which each instance of the kernel performs local operations directly and uses remote invocation to perform remote operations. Either approach to interkernel communication can be used in a large-scale shared-memory multiprocessor. In the paper we discuss the issues and architectural features that must be considered when choosing between remote memory access and remote invocation. We focus in particular on experience with the Psyche multiprocessor operating system on the BBN Butterfly Plus. We find that the Butterfly architecture is biased towards the use of remote invocation for kernel operations that perform a significant number of memory references, and that current architectural trends are likely to increase this bias in future machines. This conclusion suggests that straightforward parallelization of existing kernels (e.g. by using semaphores to protect shared data) is unlikely in the future to yield acceptable performance. We note, however, that remote memory access is useful for small, frequently-executed operations, and is likely to remain so.     

A compositional Petri net translation of general π-calculus terms

We propose a finite structural translation of possibly recursive π-calculus terms into Petri nets. This is achieved by using high-level nets together with an equivalence on markings in order to model entering into recursive calls, which do not need to be guarded. We view a computing system as consisting of a main program (π-calculus term) together with procedure declarations (recursive definitions of π-calculus identifiers). The control structure of these components is represented using disjoint high-level Petri nets, one for the main program and one for each of the procedure declarations. The program is executed once, while each procedure can be invoked several times (even concurrently), each such invocation being uniquely identified by structured tokens which correspond to the sequence of recursive calls along the execution path leading to that invocation.     

Optimally efficient estimation of the statistics of rare events inqueueing networks

Because of their rarity, the estimation of the statistics of buffer overflows in networks of queues by direct simulation is very costly. An asymptotically optimal (as the overflow recurrence time becomes large) scheme has been proposed by others, using importance sampling. Two aspects of this scheme are addressed. First, in the existing approach, a numerical minimization is required to generate the simulation network. An equivalent analytic minimization is described. A simple procedure for constructing the optimal simulation network is included. Second, it is shown that the average behaviour of the simulation system is the same as the average behavior of the original network in the period leading up to a buffer overflow. For a sufficiently large buffer size, the optimal simulation system depends only on the statistics of the service rate of one queue (that of the least serviced buffer) and the arrival process, assuming that no two service rates are actually equal, and does not depend in any way on the statistics of the service rates of buffers other than the one dominating the overflow statics     

跨安全域网页恶意代码运行机理与防范

网页恶意代码是木马用来传播的主要方式之一,各种有危害性的木马都可以做成网页恶意代码来传播危害用户,通过分析网页恶意代码的运行机理,对其中网页恶意代码实现跨安全域的方法进行深入探讨,分析跨域漏洞形成原因,从程序开发人员的角度给出跨域网页恶意代码的防范方法,为上网用户提供安全的网络环境。