Yong LI Depeng JIN Li SU Lieguang ZENG
Delay Tolerant Networks (DTNs) are able to provide communication services in challenged networks where the end-to-end path between the source and destination does not exist. In order to increase the probability of message delivery, DTN routing mechanisms require nodes in the network to store and carry messages in their local buffer and to replicate many copies. When the limited buffer is consumed, choosing appropriate messages to discard is critical to maximizing the system performance. Current approaches for this are sub-optimal or assume unrealistic conditions. In this paper, we propose an optimal buffer management scheme for the realistic situations where the bandwidth is limited and messages vary in size. In our scheme, we design a message discard policy that maximizes the message delivery rate. Simulation results demonstrate the efficiency of our proposal.
Toshihiro YOKOYAMA Miyuki HANAOKA Makoto SHIMAMURA Kenji KONO Takahiro SHINAGAWA
Secure operating systems (secure OSes) are widely used to limit the damage caused by unauthorized access to Internet servers. However, writing a security policy based on the principle of least privilege for a secure OS is a challenge for an administrator. Considering that remote attackers can never attack a server before they establish connections to it, we propose a novel scheme that exploits phases to simplify security policy descriptions for Internet servers. In our scheme, the entire system has two execution phases: an initialization phase and a protocol processing phase. The initialization phase is defined as the phase before the server establishes connections to its clients, and the protocol processing phase is defined as the phase after it establishes connections. The key observation is that access control should be enforced by the secure OS only in the protocol processing phase to defend against remote attacks. Since remote attacks cannot be launched in the initialization phase, a secure OS is not required to enforce access control in this phase. Thus, we can omit the access-control policy in the initialization phase, which effectively reduces the number of policy rules. To prove the effectiveness of our scheme, we wrote security policies for three kinds of Internet servers (HTTP, SMTP, and POP servers). Our experimental results demonstrate that our scheme effectively reduces the number of descriptions; it eliminates 47.2%, 27.5%, and 24.0% of policy rules for HTTP, SMTP, and POP servers, respectively, compared with an existing SELinux policy that includes the initialization of the server.
MPLS-based path technology shows promise as a means of realizing reliable IP networks. Real-time services such as VoIP and video-conference supplied through a multi-domain MPLS network must be able to guarantee end-to-end QoS of the inter-domain paths. Thus, it is important to allocate an appropriate QoS class to the inter-domain paths in each domain traversed by the inter-domain paths. Because each domain has its own policy for QoS class allocation, it is necessary to adaptively allocate the optimum QoS class based on estimation of the QoS class allocation policies in other domains. This paper proposes two kinds of adaptive QoS class allocation schemes, assuming that the arriving inter-domain path requests include the number of downstream domains traversed by the inter-domain paths and the remaining QoS value toward the destination nodes. First, a measurement-based scheme, based on measurement of the loss rates of inter-domain paths in the downstream domains, is proposed. This scheme estimates the QoS class allocation policies in the downstream domains, using the measured loss rates of path requests. Second, a state-dependent type scheme, based on measurement of the arrival rates of path requests in addition to the loss rates of paths in the downstream domains, is also proposed. This scheme allows an appropriate QoS class to be allocated according to the domain state. This paper proposes an application of the Markov decision theory to the modeling of state-dependent type scheme. The performances of the proposed schemes are evaluated and compared with those of the other less complicated non-adaptive schemes using a computer simulation. The results of the comparison reveal that the proposed schemes can adaptively increase the number of inter-domain paths accommodated in the considered domain, even when the QoS class allocation policies change in the other domains and the arrival pattern of path requests varies in the considered domain.
Youngjoo HAN Hyewon SONG Byungsang KIM Chan-Hyun YOUN
Due to the dynamic nature and uncertainty of grid computing, system reliability can become very unpredictable. Thus, a well-defined scheduling mechanism that provides high system availability for grid applications is required. In this letter, we propose an SLA-constrained policy-based scheduling mechanism to enhance system performance in grids. We also implement the proposed model and show, on an experimental basis, that our policy-based scheduling mechanism can guarantee high system availability as well as support load balancing.
Seng-Phil HONG Gail-Joon AHN Wenjuan XU
The information technology revolution has transformed all aspects of our society including critical infrastructures and led a significant shift from their old and disparate business models based on proprietary and legacy environments to more open and consolidated ones. Supervisory Control and Data Acquisition (SCADA) systems have been widely used not only for industrial processes but also for some experimental facilities. Due to the nature of open environments, managing SCADA systems should meet various security requirements since system administrators need to deal with a large number of entities and functions involved in critical infrastructures. In this paper, we identify necessary access control requirements in SCADA systems and articulate access control policies for the simulated SCADA systems. We also attempt to analyze and realize those requirements and policies in the context of role-based access control that is suitable for simplifying administrative tasks in large scale enterprises.
Chengjie ZANG Shigeki IMAI Steven FRANK Shinji KIMURA
Simultaneous Multithreading (SMT) technology enhances instruction throughput by issuing multiple instructions from multiple threads within one clock cycle. With an in-order pipeline for each thread, SMT processors can issue a number of instructions close to, or surpassing, that of an out-of-order pipeline. In this work, we show an efficient issue logic for predicated instruction sequences with a parallel flag in each instruction, where predicate-register-based issue control is adopted and consecutive instructions with a parallel flag of '0' are executed in parallel. The flag is pre-defined by a compiler. Instructions from different threads are issued in round-robin order. We also introduce an Instruction Queue skip mechanism for a thread whose queue is empty. Using this kind of issue logic, we designed a 6-thread, 7-stage, in-order pipeline processor. Based on this processor, we compare the round-robin issue policy (RR(T1-Tn)) with other policies: thread one always has the highest priority (PR(T1)) and thread one or thread n has the highest priority in turn (PR(T1-Tn)). The results show that the RR(T1-Tn) policy outperforms the others and that PR(T1-Tn) is almost the same as RR(T1-Tn) in terms of issued instructions per cycle.
This paper presents a middleware system for multi-agents on a distributed system as a general test-bed for bio-inspired approaches. The middleware differs from other approaches, including distributed object systems, because it can maintain and migrate a dynamic federation of multiple agents on different computers. It enables each agent to explicitly define its own deployment policy as a relocation between the agent and another agent. This paper describes a prototype implementation of the middleware built on a Java-based mobile agent system and practical applications that illustrate the utility and effectiveness of the approach in real distributed systems.
This paper examines a system which is inspected at equally spaced points in time. We express the observed states of the system as a discrete time Markov chain with an absorbing state. It is assumed that the true state is certainly identified through inspection. After each inspection, one of three actions can be taken: Operation, repair, or replacement. We assume that the result of repair is uncertain. If repair is taken, we decide whether to inspect the system or not. When inspection is performed after completion of repair, we select an optimal action. After replacement, the system becomes new. We study the optimal maintenance policy which minimizes the expected total discounted cost for unbounded horizon. It is shown that, under reasonable conditions on the system's deterioration and repair laws and the cost structures, a control limit policy is optimal. We derive several valid properties for finding the optimal maintenance policy numerically. Furthermore, numerical analysis is conducted to show our theoretical results could hold under weaker conditions.
"Cognitive radio" and "software-defined radio" (SDR) are today an important consideration in major spectrum debates in the United States. The U.S. drafted its first SDR rules in 2001, and since has continued efforts to resolve potential regulatory concerns and facilitate the benefits of the technology. At the same time, Japan has had a very rich experience in the lab with SDR, with significant achievements on many engineering topics. However, the regulatory state of SDR in Japan has not kept pace with the United States. Likewise cognitive radio, while a topic of inquiry, betrays a different focus. The paper explores why the paths for these technologies have diverged in the U.S. and Japan.
Takeshi MURAKAMI Masaki BANDAI Iwao SASASE
In this paper, we propose the Split Multi-path Routing protocol with Load Balancing policy (SMR-LB) to improve TCP performance in mobile ad hoc networks. In SMR-LB, each intermediate node records how many primary-path constructions have been attempted as well as which source nodes attempted them. Each intermediate node decides which primary path should be constructed by using the primary path and the source node ID information. As a result, SMR-LB can balance the loads and so reduce the probability of congestion and avoid the continuous link breakage time between a specific source and destination pair. Computer simulation results show that SMR-LB can improve TCP performance compared with the conventional protocols.
Hui-Kai SU Zhi-Zhen YAU Cheng-Shong WU Kim-Joan CHEN
This paper proposes a framework for session-level SLA (Service Level Agreement) and network-level SLA management to provide QoS-oriented application services over DiffServ/MPLS networks. DiffServ and MPLS technologies enhance the capability of QoS guarantees on IP networks, and application service providers can provide QoS-oriented application services to their customers based on the transport networks. An example of using our approaches in a VoIP service involving the network service provider, the VoIP service provider, and the VoIP customers is examined. The session-level SLA between the VoIP service provider and the VoIP customer and the network-level SLA (N-SLA) between the network provider and the VoIP service provider are constructed in this paper. In addition, the VoIP service provider faces the QoS-mapping issue and the balance between revenue and cost, i.e., how to contract the N-SLA. Therefore, we introduce an off-line SLA evaluation scheme, a heuristic optimization algorithm and an on-line SLA process method to provide a VoIP service policy, so that the optimal QoS-mapping can be resolved. The concept of this framework of session-level SLA and network-level SLA management can be extended easily to other real-time multimedia and non-real-time data services.
Yasuyuki TANAKA Mitsunobu KUNISHI Fumio TERAOKA
To gain the benefits of multihoming, policy routing is considered necessary. For policy routing on routers, some systems and implementations already exist. In addition to router operating systems with policy routing functions, IP Filter and iproute2 are useful for policy routing on routers. But they are not suited to policy routing on multihomed end-hosts because of differences in network environments between routers and end-hosts. In contrast with the network environments of routers, some types of end-hosts, for example laptop computers, experience dynamic changes of network environment. Therefore, another policy routing system is needed for policy routing on end-hosts, one which adapts to dynamic changes of network environment. PMPATH (Policy based MultiPATH routing system) is a policy routing system designed especially for use on end-hosts. PMPATH uses source address selection as network selection and can adapt to dynamic changes of network environment. PMPATH's policies for source address selection are defined in the form of address blocks. PMPATH also provides outgoing interface selection. We implemented PMPATH on NetBSD 2.99.15 and tested its performance on multihomed end-hosts. The PMPATH implementation works well even if there are changes of network environment. These results show that PMPATH is useful for policy routing on multihomed end-hosts.
HeeSoo KIM Shigeru YAMADA DongHo PARK
In this paper, we propose a new software reliability growth model which is the mixture of two exponential reliability growth models, one of which has the reliability growth and the other one does not have the reliability growth after the software is released upon completion of testing phase. The mixture of two such models is characterized by a weighted factor p, which is the proportion of reliability growth part within the model. Firstly, this paper discusses an optimal software release problem with regard to the expected total software cost incurred during the warranty period under the proposed software reliability growth model, which generalizes Kimura, Toyota and Yamada's (1999) model with consideration of the weighted factor. The second main purpose of this paper is to apply the Bayesian approach to the optimal software release policy by assuming the prior distributions for the unknown parameters contained in the proposed software reliability growth model. Some numerical examples are presented for the purpose of comparing the optimal software release policies depending on the choice of parameters by the non-Bayesian and Bayesian methods.
The RF environment in the future will consist of many mobile devices operating across a wide range of applications. Most radio developments assume a static operating environment. The physical layer, MAC layer, and network protocols are optimized for that specific environment. However, this new RF environment consisting of many mobile devices will be very dynamic. Radios will need the capacity to sense and adapt to changing environmental conditions. That characteristic is generally associated with cognitive radio. This paper will provide an introduction to new strategies for designing systems for this new, dynamic environment using cognitive radio technology.
Shigeta KUNINOBU Yoshiaki TAKATA Naoya NITTA Hiroyuki SEKI
A policy is an execution rule (or constraint) for objects in a system to retain security and integrity of the system. We introduce a simple policy specification language and define its operational semantics. A new NFA construction algorithm that works in linear time is proposed and a model checking method for policy controlled system (PCS) is presented. We conducted verification of a sample PCS for hotel reservation by our automatic verification tool and the experimental results showed the efficiency of the proposed method.
Jangmin O Jongwoo LEE Jae Won LEE Byoung-Tak ZHANG
Effective trading with given pattern-based multi-predictors of stock price needs an intelligent asset allocation strategy. In this paper, we study a method of dynamic asset allocation, called the meta policy, which decides how much the proportion of asset should be allocated to each recommendation for trade. The meta policy makes a decision considering both the recommending information of multi-predictors and the current ratio of stock funds over the total asset. We adopt evolutionary computation to optimize the meta policy. The experimental results on the Korean stock market show that the trading system with the proposed meta policy outperforms other systems with fixed asset allocation methods.
Il-Gu LEE Hyung-Joun YOO Sin-Chong PARK
In the recent draft of the 802.11e MAC, the Hybrid Coordinator (HC) gives transmission opportunity (TXOP) for a station to transmit burst frames in TXOP for improving throughput efficiency. In this paper, we express the expected throughput for the Block Ack policy in Polled TXOP as a closed form function of the number of burst MSDUs, the number of fragmented MPDUs, the data payload length, the frame retry count, the wireless channel condition, and the selected PHY mode. Based on our simulation study and analysis, we show that the TXOP and proper Ack policy can enhance system performance, and that there are the Block Ack efficient block size and frame length to transmit the burst frames for each PHY mode. Moreover, we also show that when the Block Ack mechanism is combined with link adaptation, it has better throughput performance.
Gang FENG Chee Kheong SIEW Kek Wee LOK Kwan Lawrence YEUNG
Active Reliable Multicast (ARM) is a novel loss recovery scheme for large-scale reliable multicast that employs active routers to protect the sender and network bandwidth from unnecessary feedback and repair traffic. Active routers perform NACK suppression, cache multicast data for local loss recovery, and use scoped retransmission to avoid exposure. Limited active resources at routers need to be optimized to achieve low loss recovery latency and/or high network throughput. In this paper, we study the cache placement strategies and caching policies for ARM. Several heuristics for cache allocation, namely uniform allocation, proportional allocation, max-min fair share and weighted allocation, are proposed. To further improve the loss recovery performance, caching policies can be employed in conjunction with the cache allocation strategies. Several caching policies, namely complete caching, random caching and deterministic caching, are proposed. Extensive simulation experiments are conducted to evaluate and compare the performance of the proposed strategies and policies. Numerical results reveal that significant performance gains can be achieved when a proper cache placement strategy and a caching policy are used for a given available cache resource. Another interesting finding is that the contributions of the cache placement scheme and caching policy to the recovery latency performance are roughly independent. The insights obtained in this study will provide some design guidelines for optimal active resource allocation and caching policies for reliable multicast communications.
In this article we propose a new framework to support QoS and 4G enabled mobility management. The key feature of this framework is twofold: the policy-based handover control and the adaptive handover mechanisms. On one hand, the adaptive handover mechanism will allow the selection of different handover schemes based on the user service level specification in order to differentiate the handover quality provided for the required service level, thus optimizing the network resource usage and providing the agreed service level to users. On the other hand, the proposed handover control mechanism considers resource availability and other constraints during the handover decision in order to provide support for QoS-aware mobility, in contrast to the classical naïve mobility management that considers only signal strength fading. This decision mechanism will provide mainly the interaction between the mobility and QoS management frameworks but also a 4G handover control. In addition, the QoS-aware handover will provide the knowledge necessary to achieve proactive control of handover procedures.
Kiyohito YOSHIHARA Manabu ISOMURA Hiroki HORIUCHI
In policy-based management, in addition to delivering and enforcing policies in managed systems, managing the policy life-cycle is unavoidable. By the policy life-cycle we mean the cyclic iteration of processes involving monitoring to see whether the enforced policies actually work as the operators intend, and their adaptation based on that monitoring. Enabling such policy life-cycle management with the current centralized management paradigm such as SNMP may, however, result in poor scalability and reliability. This is typically due to the high bandwidth consumption of monitoring and to communication failures between a management system and a managed system. It may also impose a heavy burden on the operators in analyzing management information for the policy adaptation. As a solution, we propose a scalable and reliable policy-based management scheme enabling policy life-cycle management based on the distributed management paradigm. In the scheme, we provide a new management script describing policies and how their life-cycle should be managed, and execute the script on a managed system with enough computation resources. The scheme can make the current policy-based management more scalable by reducing management traffic, more reliable by distributing management tasks to the managed systems, and more promising by relieving the operators' burden. We implement a prototype system based on the scheme, taking Differentiated Services as a policy enforcement mechanism, and evaluate the scheme from the following viewpoints: 1) reliability, 2) relievability, and 3) scalability. The first two will be shown with a policy adaptation scenario in an operational network. The last one will be investigated in terms of the management traffic reduction by a management script, the management traffic required for the management of a management script, and the load on a managed system to execute management scripts. As a deployment consideration for the proposed scheme beyond the technical aspects, we also discuss how the prototype system could be integrated with managed systems compliant with the standards emerging in the marketplace.