Memory-aware kernel mechanism and policies for improving internode load balancing on NUMA systems

Although nonuniform memory access architecture provides better scalability for multicore systems, cores accessing memory on remote nodes take longer than those accessing on local nodes. Remote memory access accompanied by contention for internode interconnection degrades performance. Properly mapping threads to cores and data accessed to their nodes can substantially improve performance and energy efficiency. However, an operating system kernel's load-balancing activity may migrate threads across nodes, which thus messes up the thread mapping. Besides, subsequent data mapping behavior pays for the cost of page migration to reduce remote memory access. Once unsuitable threads are migrated, it is detrimental to system performance. This paper focuses on improving the kernel's internode load balancing on nonuniform memory access systems. We develop a memory-aware kernel mechanism and policies to reduce remote memory access incurred by internode thread migration. The Linux kernel's load balancing mechanism is modified to incorporate selection policies in the internode thread migration, and the kernel is modified to track the amount of memory used by each thread on each node. With this information, well-designed policies can then choose suitable threads for internode migration. The purpose is to avoid migrating a thread that might incur relatively more remote memory access and page migration. The experimental results show that with our mechanism and the proposed selection policies, the system performance is substantially increased when compared with the unmodified Linux kernel that does not consider memory usage and always migrates the first-fit thread in the runqueue that can be migrated to the target central processing unit.     

An adaptive threshold based hybrid load balancing scheme with sender and receiver initiated approach using random information exchange

The primary objective of load balancing for distributed systems is to minimize the job execution time while maximizing the resource utilization. Load balancing on decentralized systems need effective information exchange policy so that with minimum amount of communication the nodes have up to date information about other nodes in the system. Periodic, event‐based and on‐demand information exchange are some important policies used for the same. All these approaches involve a lot of overhead and even sometime leading toward obsolete data with the nodes if there is a delay in the updation. This work presents an adaptive threshold‐based hybrid load balancing scheme with sender and receiver initiated approach (HLBWSR) using random information exchange (RIE). RIE ensures that the information is exchanged in such a way that each node in the system has up‐to‐date state of the other nodes with much reduced communication overhead. Further, the adaptive threshold ensures that almost an average numbers of jobs are executed by all the nodes in the system. The study of the effect of the use of RIE on sender initiated, receiver initiated and hybrid of sender and receiver initiated load balancing approach establishes the superior performance of HLBWSR among its RIE‐based peers. A comparative analysis of HLBWSR, with periodic information exchange strategy, modified estimated load information scheduling algorithm and load balancing on arrival reveals its effectiveness under various test conditions. Copyright © 2016 John Wiley & Sons, Ltd.     

Data Placement in P2P Data Grids Considering the Availability, Security, Access Performance and Load Balancing

Data dependability is an important issue in data Grids. Replication schemes have been widely used in distributed systems to ensure availability and improve access performance. Alternatively, data partitioning schemes (secret sharing, erasure coding with encryption) can be used to provide availability and, in addition, to offer confidentiality protection. In peer-to-peer data Grids, such confidentiality protection is essential since the nodes hosting the data shares may not be trustworthy or may be compromised. However, difficulties in generating new shares and potential security concerns for share reallocation make a pure data partitioning scheme not easily adaptable to dynamic user access patterns. In this paper, we consider combining replication and data partitioning to assure data availability, confidentiality, load balance, and efficient access for data Grid applications. Data are partitioned and shares are dispersed. The shares may be replicated to achieve better performance, load balance, and availability. Models for assessing confidentiality, availability, load balance, and communication cost are developed and used as the metrics to guide placement decisions. Due to the nature of contradicting goals, we model the placement decision problem as a multi-objective problem and use a genetic algorithm to determine solutions that are approximate to the Pareto optimal placement solutions.     

分布式数据流上的高性能分发策略

随着大数据应用的普及,高效可扩展的数据流操作在实时分析处理中扮演着越来越重要的角色.分布式并行处理架构是应对大流量、低延时数据流处理任务的一种有效解决方案.然而,在Key-based分组并行处理中,由于数据的倾斜分布及数据流本身的实时、动态和数据规模不可预知等特性,使得数据流分布并行处理系统存在持续且动态的负载不均衡现象,这会造成系统时效性降低、硬件资源浪费等问题.现有的研究工作处理均衡负载有两种方案：1）基于key粒度的迁移使得并行处理节点负载达到均衡,2）基于元组粒度级别的拆分,采用随机分发来使系统均衡.前者将系统调整至给定的均衡容忍范围内,类似于一维装箱的NP问题;后者对key的拆分势必带来新的为维护Key-based操作的正确性而增加的额外代价,如内存及网络通信成本.本文综合两种方法,提出对key按需拆分、尽量合并的方法,通过轻量级均衡调整算法以及保证Key-based操作特性的拆分方法,使系统既能达到后者的均衡,又能减少细粒度均衡所带来的额外代价.     

辫群上的可转换认证加密方案

量子计算的快速发展给目前的公钥密码体制带来严重威胁,非交换的辫群为构造安全密码协议提供了新平台。基于辫群上共轭搜索问题和多重共轭搜索问题的难解性,提出一个可转换认证加密方案,只有指定的接收者才能恢复认证的原始消息;当发送者否认签名时,接收者不需要发送方的参与即可将收到的签名转换为一般签名,并向第三方证明发送者的不诚实。与基于交换代数的方案相比,该方案在抗量子攻击上更有优势。     

同时多线程处理器上的动态分支预测器设计方案研究

同时多线程处理器（SMT）每个周期能够从多个线程中发射指令执行,从而大大地提高了超标量微处理器的指令吞吐量,但多个线程的同时执行也带来了许多硬件资源的共享冲突问题.其中,多个线程共享分支预测硬件的方案会对分支预测精度产生较大的影响.研究SMT处理器中分支处理方案对于处理器整体性能的影响,对于指导SMT处理器的设计是十分重要的.本文利用SMT处理器模拟器,针对各线程运行独立应用的SMT结构实验评估了几种著名的分支预测方案;给出了在单线程和多线程情况下,分支预测方案对分支预测精度和处理器整体性能的影响的分析;总结出在这样的SMT结构中,各线程拥有独立的预测器是一种较好的选择,并且由于各独立预测器可以采用小而简单的结构,所以不会带来太多的硬件开销.     

Distributed strategic interleaving with load balancing

In a previous paper, we developed an algebraic theory of threads, interleaving of threads, and interaction of threads with services. In the current paper, we assume that the threads and services are distributed over the nodes of a network. We extend the theory developed so far to the distributed case by introducing distributed interleaving strategies that support explicit thread migration and see to load balancing or capability searching by implicit thread migration. The extension to the distributed case provides insight into details of multi-threading that come up in a networked environment.     

An efficient non-interactive deniable authentication scheme based on trapdoor commitment schemes

Deniable authentication scheme is one of useful tools for secure communications. The scheme allows a sender to prove the authenticity of a message to a specified receiver without permitting the receiver to prove that the message was authenticated by the sender. Non-interactive schemes are more attractive than interactive schemes in terms of communication overhead, and thus several non-interactive deniable authentication scheme have been proposed. In this paper, we propose an efficient non-interactive deniable authentication scheme based on trapdoor commitment scheme. We construct an efficient trapdoor commitment scheme which provides very efficient commitment evaluation operation. Then we design an efficient non-interactive deniable authentication scheme by using the trapdoor commitment scheme. We also prove the security of our scheme under firmly formalized security model.     

Storm环境下基于拓扑结构的任务调度策略

针对Storm流式计算平台中默认轮询调度策略存在通信开销大、负载不均衡的问题,提出基于拓扑结构的任务调度策略（TS²）。首先,选取CPU资源充足且可用的工作节点并各分配一个进程,消除节点内进程间通信开销,优化进程部署;然后,分析拓扑结构,找出拓扑中度最大的组件,优先分配该组件的线程;最后,在满足节点可承载最大线程数的条件下,尽可能将关联任务部署到同一个节点来减少节点间通信开销,改善集群负载均衡,优化线程部署。实验结果表明：在系统延迟方面,与Storm默认调度策略和离线调度策略相比,TS²的平均优化率分别为16.91%和5.69%,有效提高了系统的实时性;在节点间通信开销方面,TS²相比于Storm默认调度策略平均降低了15.75%;在平均吞吐量方面,TS²相比于Storm默认调度策略平均提升了14.21%。     

Techniques for increasing the stream capacity of a high-performancemultimedia server

High-performance servers and high-speed networks will form the backbone of the infrastructure required for distributed multimedia information systems. A server for an interactive distributed multimedia system may require thousands of gigabytes of storage space and a high I/O bandwidth. In order to maximize the system utilization, and thus minimize the cost, it is essential that the load be balanced among each of the server's components, viz. the disks, the interconnection network and the scheduler. Many algorithms for maximizing retrieval capacity from the storage system have been proposed in the literature. This paper presents techniques for improving the server capacity by assigning media requests to the nodes of a server so as to balance the load on the interconnection network and the scheduling nodes. Five policies for request assignment-round-robin (RR), minimum link allocation (MLA), minimum contention allocation (MCA), weighted minimum link allocation (WMLA) and weighted minimum contention allocation (WMCA)-are developed. The performance of these policies on a server model developed by the authors (1995) is presented. We also consider the issue of file replication, and develop two schemes for storing the replicas: the parent group-based round-robin placement (PGBRRP) scheme, and the group-wide round-robin placement (GWRRP) scheme. The performance of the request assignment policies in the presence of file replication is presented     

DVE系统中基于延迟拟合的间距一致性控制方法

分布式虚拟环境系统中连续模型的间距一致性问题是影响系统功能和性能的关键问题,现有控制方法通常采用发送节点确定延迟的策略,在接收节点之间建立了制约关系,无法对系统的响应能力进行有效优化。为此,本文提出基于延迟拟合的间距一致性控制方法,该方法通过接收节点定序的方式解除了节点间的强制约关系,并通过本地事件和异地事件统一延迟的策略维护了事件处理的时序一致和间距一致。此外,为了在运行期对节点延迟时间进行有效调配,本文提出一种基于二叉搜索树的延迟拟合值维护方法,通过周期性地对节点间延迟进行拟合及更新,保证了该方法的有效性。实验结果表明本文方法在保证各节点间距一致性的基础上有效改善了系统的整体性能。     

基于组群的可实现接收者匿名的通信模型*

基于组群的匿名实现了通过多主机的转发对发送者或双方通信关系的隐藏,典型的实现如Crowds利用转发概率实现了发送者一定程度的匿名,但该系统对于接收者匿名缺乏保护,接收者对于Crowds的组员而言完全是公开的。新模型在传统的Crowds基础上,利用公开密钥加密实现了接收者匿名,同时提出了一种新的通信加密方案,并通过改进对Jondo的管理,提高了性能,改善了匿名度。     

On the Performance of Permutation Codes for Multi-User Communication

Permutation coding for multi-user communication schemes that originate from the Fast Frequency Hopping/Multiple Frequency Shift Keying modulation is investigated. Each sender is either passive or sends some signal formed as the concatenation of M elementary signals having M different specified frequencies. There is also a jammer, who can introduce disturbances. A single disturbance is either sending the signal that contains all M frequencies at a certain time instant or sending some elementary signal at all time instants. Each receiver receives a vector of M sets, where a set at each time instant contains a fixed frequency if and only if the corresponding elementary signal was sent by either some sender or the jammer. The task of the receiver is to uniquely decode the message of his sender. We present regular constructions of permutation codes for this scheme given the following parameters: the number of frequencies, number of pairs (sender, receiver), number of messages per sender, and maximum number of disturbances of the jammer.     

A novel cryptoprocessor architecture for chained Merkle signature scheme

One-time signature schemes rely on hash functions and are, therefore, assumed to be resistant to attacks by quantum computers. These approaches inherently raise a key management problem, as the key pair can be used only for one message. That means, for one-time signature schemes to work, the sender must deliver the verification key together with the message and the signature. Upon reception, the receiver has to verify the authenticity of the verification key before verifying the signature itself. Hash-tree based solutions tackle this problem by basing the authenticity of a large number of verification keys on the authenticity of a root key. This approach, however, causes computation, communication, and storage overhead. Due to hardware acceleration, this paper proposes, for the first time, a processor architecture which boosts the performance of a one-time signature scheme without degrading memory usage and communication properties. This architecture realizes the chained Merkle signature scheme on the basis of Winternitz one-time signature scheme. All operations, i.e., key generation, signing, and verification are implemented on an FPGA platform, which acts as a coprocessor. Timing measurements on the prototype show a performance boost of at least one order of magnitude compared to an identical software solution.     

Simple Efficient Load-Balancing Algorithms for Peer-to-Peer Systems

Load balancing is a critical issue for the efficient operation of peer-to-peer (P2P) networks. We give two new load-balancing protocols whose provable performance guarantees are within a constant factor of optimal. Our protocols refine the consistent hashing data structure that underlies the Chord (and Koorde) P2P network. Both preserve Chord's logarithmic query time and near-optimal data migration cost. Consistent hashing is an instance of the distributed hash table (DHT) paradigm for assigning items to nodes in a P2P system: items and nodes are mapped to a common address space, and nodes have to store all items residing closeby in the address space. Our first protocol balances the distribution of the key address space to nodes, which yields a load-balanced system when the DHT maps items "randomly" into the address space. To our knowledge, this yields the first P2P scheme simultaneously achieving O(log n) degree, O(log n) look-up cost, and constant-factor load balance (previous schemes settled for any two of the three). Our second protocol aims to balance directly the distribution of items among the nodes. This is useful when the distribution of items in the address space cannot be randomized. We give a simple protocol that balances load by moving nodes to arbitrary locations "where they are needed." As an application, we use the last protocol to give an optimal implementation of a distributed data structure for range searches on ordered data.     

基于Java线程迁移的Web包容器集群系统的实现

Web包容器集群解决了Web包容器系统容量问题,其核心思想是负载均衡。传统的做法是单一地把HTTP请求静态地分配到各集群节点,这种方法最大的缺陷是不能动态地均衡负载。论文提出了一种前端使用HTTP请求分配,后端使用Java线程迁移的Web包容器集群系统,从很大程度上动态地均衡了节点之间的负载。     

实用的可否认加密方案及安全性证明*

分析了一比特消息可否认加密方案和发送者（或接收者）可否认的加密方案,发现这些方案是不实用的。基于二次剩余问题,使用一个可信第三方,提出了一个方案,实现了发送者和接收者都可否认的加密,可以对多比特消息加密,并且证明语义是安全的。该方案是实用的。     

Robust load-balanced backbone-based multicast routing in mobile opportunistic networks

Mobile opportunistic network (MON) is an efficient way of communication when there is no persistent connection between nodes. Multicast in MONs can be used to efficiently deliver messages to multiple destination nodes. However, because multiple destination nodes are involved, multicast routing is more complex than unicast and brings a higher communication cost. Backbone-based routing can effectively reduce the network overhead and the complexity of routing scheme. However, the load of backbone nodes is larger than that of regular nodes. If the backbone node’s buffer is exhausted, it will have a significant impact on the performance of the routing scheme. Load balancing can improve the ability of backbone to deal with the change of network load, and backbone maintenance algorithm can provide backbone robustness. In this paper, we propose a robust load-balanced backbone-based multicast routing scheme in MONs. In the backbone construction algorithm, we transform the problem of backbone construction into a multi-objective optimization problem, and propose a multi-objective evolutionary algorithm-based backbone construction algorithm, namely LBMBC-MOEA algorithm. In addition, in order to increase the robustness of the backbone-based routing scheme, we propose a localized multicast backbone maintenance algorithm (MBMA) to deal with the buffer exhaustion of backbone nodes. When a backbone node’s residual buffer is insufficient, MBMA algorithm selects other nodes to replace the backbone node. The results on extensive simulations show that when considering the node buffer size constraints, compared with previous backbone-based multicast routing schemes, our proposed algorithm has better performance, and when the node’s residual buffer is insufficient, MBMA algorithm can significantly improve the performance of the backbone-based multicast routing scheme.     

一种结合页分配和组调度的内存功耗优化方法

多核系统中,内存子系统消耗大量的能耗并且比例还会继续增大.因此,解决内存的功耗问题成为系统功耗优化的关键.根据线程的内存地址空间和负载均衡策略将系统中的线程划分成不同的线程组,根据线程所属的组,给同一组内的线程分配相同内存rank中的物理页,然后,根据划分的线程组以组为单位进行调度.提出了结合页分配和组调度的内存功耗优化方法（CAS）.CAS周期性地激活当前需要的内存rank,从而可以将暂时不使用的内存rank置为低功耗状态,同时延长低功耗内存rank的空闲时间.仿真实验结果显示：与其他同类方法相比,CAS方法能够平均降低10%的内存功耗,同时提高8%的性能.     

Concurrently deniable ring authentication and its application to LBS in VANETs

Deniable ring authentication can be used to facilitate privacy-preserving communication since the receiver accepts authentication while cannot convince a third party that the fact of this authentication occurred. Besides that, the receiver cannot decide the actual sender as the sender identity is hidden among a group of participants. However, the concurrent problem has not been studied well in the interactive deniable ring authentication so far. In this work, we propose a deniable ring authentication protocol to handle concurrent scenario, which achieves full deniability. We construct a CCA2-secure (which is secure against Adaptive Chosen Ciphertext attack) multi-receiver encryption scheme to support this protocol and it requires only 2 communication rounds, which is round-optimal in fully deniable ring authentications. In addition, we observe that efficient fully deniable ring authentication can be applied to location-based service in VANETs to protect vehicle privacy.