Keyword Search Result

[Keyword] policy(85hit)

61-80hit(85hit)

  • Distributed Policy-Based Management Enabling Policy Adaptation

    Kiyohito YOSHIHARA  Manabu ISOMURA  Hiroki HORIUCHI  

     
    PAPER-QoS (Quality of Service) Control

    Vol: E87-B No:7  Page(s): 1854-1865

    In policy-based management, in addition to delivering and enforcing policies in managed systems, it is inevitable to manage the policy life-cycle. We mean the policy life-cycle as cyclic iteration of processes involving monitoring to see if the enforced policies actually work at operators' will and their adaptation based on monitoring. Enabling such policy life-cycle management by the current centralized management paradigm such as SNMP may, however, result in poor scalability and reliability. This is typically due to much bandwidth consumption for monitoring and communication failure between a management system and a managed system. It may also impose a heavy burden on the operators in analyzing management information for the policy adaptation. For a solution to that, we propose a scalable and reliable policy-based management scheme enabling the policy life-cycle management based on a distributed management paradigm. In the scheme, we provide a new management script describing policies and how their life-cycle should be managed, and execute the script on the managed system with enough computation resources. The scheme can make the current policy-based management more scalable by reducing management traffic, more reliable by distributing management tasks to the managed systems, and more promising by relieving the operators' burden. We implement a prototype system based on the scheme taking Differentiated Services as a policy enforcement mechanism, and evaluate the scheme from the following viewpoints: 1) the reliability, 2) relievability, and 3) scalability. The first two will be shown with a policy adaptation scenario in an operational network. The last one will be investigated in terms of the management traffic reduction by a management script, the management traffic required for the management of a management script, and the load on a managed system to execute management scripts. As a deployment consideration of the proposed scheme besides technical aspects, we also discuss how the prototype system could be integrated with managed systems compliant to the standards emerging in the marketplace.

  • Implementation of a Multi-Class Fair Queueing via Identification of the QoS-Aware Parameters

    Daein JEONG  Byeongseog CHOE  

     
    PAPER-Switching

    Vol: E87-B No:6  Page(s): 1524-1534

    This paper proposes a novel method of identifying the design parameters for a practical implementation of the fair queueing discipline, which is capable of class-level delay control. The notion of class weight is introduced at first, and then the session weights are determined. This two-phase approach is favorable in terms of the scalability; that is, the overall complexity is dependent upon the number of classes only. We propose a packet scheduler referred to as the DPS (Delay-centric Processor Sharing) scheme which employs those design parameters to deliver class-wise delay bound services. The associated admission policy for delay guarantee is also derived. System analysis and derivation of the parameters have their origins in the understanding of the so-called system equation, which describes the dynamics of the class-level service share. The proposed design parameters are QoS-aware in that they are consistently refined depending on the system status. Several numerical and simulation results show that the DPS scheme is advantageous over other ones in terms of both resource efficiency and the robustness. Concerning the scalability, we show that an alternative tagging process of the DPS scheme is implementable with O(1) complexity with no significant degradation in delay performance.

  • A Method to Develop Feasible Requirements for Java Mobile Code Application

    Haruhiko KAIYA  Kouta SASAKI  Kenji KAIJIRI  

     
    PAPER-Requirement Engineering

    Vol: E87-D No:4  Page(s): 811-821

    We propose a method for analyzing the trade-off between an environment where a Java mobile code application is running and requirements for the application. In particular, we focus on the security-related problems that originate in low-level security policy of the code-centric style of the access control in Java runtime. As the result of this method, we get feasible requirements with respect to security issues of mobile codes. This method will help requirements analysts to compromise the differences between customers' goals and realizable solutions. Customers will agree to the results of the analysis by this method because they can clearly trace the reasons why some goals are achieved but others are not. We can clarify which functions can be performed under the environment systematically. We also clarify which functions in mobile codes are needed so as to meet the goals of users by goal oriented requirements analysis (GORA). By comparing functions derived from the environment and functions from the goals, we can find conflicts between the environments and the goals, and also find vagueness of the requirements. By resolving the conflicts and by clarifying the vagueness, we can develop bases for the requirements specification.

  • Total Cost-Aware Proxy Caching with Cooperative Removal Policy

    Tian-Cheng HU  Yasushi IKEDA  Minoru NAKAZAWA  Shimmi HATTORI  

     
    PAPER-Network

    Vol: E86-B No:10  Page(s): 3050-3062

    Proxy caches have been used for a very long time to enhance the performance of web access. Along with the recent development of CDN (Content Distribution Network), the web proxy caching has also been adopted in many main techniques. This paper presents a new viewpoint on the possible improvement to the cooperative proxy caching, which can reduce outbound traffic and therefore ideally result in better response time. We take notice of the regional total cost of cache objects for optimizing content distribution. In contrast to the regular removal policies based on single proxy server, we prefer to evaluate a retrieved web object based on the metrics gathered from multiple proxy caches regionally. We particularly introduce a concept called post-removal analysis, which is used in measuring the value of the removed objects. Finally, we use the real proxy cache Squid to implement our proposal and modify the well-known cache benchmarking tool Web Polygraph to test this cooperative prototype. The test results prove that the proposed scheme can bring noticeable improvement on the performance of proxy caching.

  • An Efficient Queue Policy for Multimedia Communications

    Seong-Ho JEONG  

     
    PAPER

    Vol: E86-A No:6  Page(s): 1390-1396

    To support UDP-based real-time multimedia applications over the Internet, it is necessary to provide a certain amount of bandwidth within the network so that the performance of the applications will not be seriously affected during periods of congestion. Since the flow rates of some of these applications do not back off during periods of congestion, it is also necessary to protect flow-controlled TCP flows from unresponsive or aggressive UDP flows. To achieve these goals, we propose a simple queue policy to support multimedia applications, called threshold-based queue management (TBQM). TBQM isolates UDP flows efficiently from TCP flows to protect TCP flows while supporting bandwidth requirements of UDP applications that require QoS. In addition, TBQM supports drop fairness between flows without maintaining per-flow state. We also present some experimental results to show that the proposed queue policy works well.

  • Active Countermeasure Platform against DDoS Attacks

    Dai KASHIWA  Eric Y. CHEN  Hitoshi FUJI  Shuichi MACHIDA  Hiroshi SHIGENO  Ken-ichi OKADA  Yutaka MATSUSHITA  

     
    PAPER-Applications of Information Security Techniques

    Vol: E85-D No:12  Page(s): 1918-1928

    Distributed Denial of Service (DDoS) attacks are a pressing problem on the Internet as demonstrated by recent attacks on major e-commerce servers and ISPs. Since the attack is highly distributed, an effective solution must be formulated with a distributed approach. Recently, some solutions, in which intermediate network nodes filter or shape congested traffic, have been proposed. These solutions may decrease the congested traffic, but they still cause "collateral victims problem," that is, legitimate packets may be discarded mistakenly. In this paper, we propose Active Countermeasure Platform to minimize traffic congestion and to address the collateral victim problem using the Active Networks paradigm, which incorporates programmability into intermediate network nodes. Our platform can prevent overloading of the target and consuming the network bandwidth of both the backbone and the protected site autonomously. In addition, it can improve the collateral victim problem based on user policy. This paper shows the concept of our platform, system design and evaluation of the effectiveness using a prototype.

  • QoS Policy Control by Application on the Next Generation Internet Technology

    Rei S. ATARASHI  Shigeru MIYAKE  Stuart WEIBEL  Fred BAKER  

     
    INVITED PAPER

    Vol: E85-D No:8  Page(s): 1188-1194

    Quality of service (QoS) technology has been implemented and started to be applied to new applications on the next-generation Internet. However, as new applications have many kinds of features and requirements, some additional features should be added to current QoS control technology. For example, they require a definition of a single policy to operate QoS control in the management domain consistently and efficiently. Policy definition for transport layer in a domain and among domains is being discussed at IETF to set a standard process; however, detailed policy corresponding to the application or contents information according to the application semantics has not been discussed. Therefore we developed QoS policy control mechanism using metadata which is defined as a structured data according to the application semantics. Though metadata and transport mechanism can be located into quite different positions in the concept of network layers, we made them collaborate successfully by defining meta policy. In this paper, we describe our approach to define a meta policy based on the requirements and information contents from the application as a high level layer concept to be able to classify the network behavior. Our approach enables multiple QoS control and collaboration among domains. We also report on the activities in IETF and ITU-T.

  • Software Profit Model under Imperfect Debugging and Optimal Software Release Policy

    Chong-Hyung LEE  Kyung-Hyun NAM  Dong-Ho PARK  

     
    PAPER-Software Engineering

    Vol: E85-D No:5  Page(s): 833-838

    This paper considers a software reliability model which allows for two types of imperfect debuggings at each failure of the software system. For one type of imperfect debugging, a fault that causes the failure is imperfectly debugged without altering the fault contents of the software system. For the other type of imperfect debugging, the fault is not only imperfectly debugged, but also a new fault is generated and introduced into the system. The probability of perfect debugging is assumed to be an increasing function of the number of debuggings performed prior to the current failure of the system. Based on the software reliability model presented, we consider three profit models to determine the optimal software release times which maximize the expected software profit. These models consider: (1) constant life cycle, (2) random life cycle, (3) random life cycle and penalty cost which is imposed when the software is delivered late. The optimal release times are shown to be finite and unique. Numerical examples are provided for illustrative purposes.

  • Wireless Communications R&D in the Science and Technology Policy in Japan

    Takashi IIDA  

     
    INVITED PAPER

    Vol: E85-C No:3  Page(s): 419-427

    The Fundamental Law of Science and Technology and the Basic Plan of Science and Technology were established in Japan in 1995 and 1996, respectively, and the second Basic Plan for Science and Technology R&D was established in April, 2001. In addition, as a part of Japanese government administrative reform, the Council for Science and Technology Policy was organized in the Cabinet Office and most of the national research laboratories including the Communications Research Laboratory (CRL) have been restructured to the Independent Administrative Institution (IAI). This paper introduces first the relationship between the info-communications R&D and the national science and technology policy in Japan. Second, the R&D of CRL, IAI is introduced. Third, as a typical example of the wireless communications R&D, the research of wireless communication in CRL is shown in more detail in terms of terrestrial wireless/mobile communication system and satellite communication system. Finally the future prospect of such an R&D is shown briefly.

  • Comparison of Prioritized Channel Allocation Policies in Cellular Radio Networks

    Kun-Nyeong CHANG  Dongwoo KIM  

     
    LETTER-Wireless Communication Technology

    Vol: E85-B No:1  Page(s): 348-351

    Under cutoff and threshold priority policies, we mathematically formulate a prioritized channel allocation problem which is combinatorial in nature. We then reduce that problem using the concept of pattern, and apply a simulated annealing approach to the reduced problem. Computational experiments show that our method works very well and the cutoff priority policy outperforms the non-prioritized complete sharing policy and the threshold priority policy.

  • Proposal of a Price-Based Inter-AS Policy Routing to Improve ASes' Profits

    Nagao OGINO  Masatoshi SUZUKI  

     
    PAPER

    Vol: E85-B No:1  Page(s): 137-146

    At present, the global Internet consists of many ASes. Each AS pays a pre-determined connection fee to another AS for connecting its network with that AS's network. The connection fee type charging may be rational in case of transferring the best-effort type traffic. However, usage charging is necessary for transferring the resource guaranteed type traffic such as the Intserv traffic and the Diffserv traffic. In this case, each AS pays a per-flow fee to another AS every time it routes a flow into another AS. The per-flow fee paid by each AS becomes a part of the cost for that AS. Thus, each AS needs to select a route with the lowest price to improve its own profit. In this paper, we call such an inter-AS routing scheme a price-based inter-AS routing scheme. When each AS has a request to route an inter-AS flow, it can select an inter-AS route with the lowest price to improve its own profit by this routing scheme. Cost-dependent pricing scheme is suitable for the price-based inter-AS routing scheme because it can reduce frequency of price information exchange between ASes. However, in the cost-dependent pricing scheme, profit in each AS depends on the distribution of path costs in that AS. Generally, ASes with narrow ranges of path costs cannot obtain sufficient profits compared to ASes with wide ranges of path costs. Thus, we propose a routing policy for ASes with narrow ranges of path costs to improve their profits efficiently and evaluate its effect using a simple routing model.

  • Networking Technology Convergence in the Photonic Age--TINA Vision on IP Control and Management--

    Takeo HAMADA  Leif J. BYSTROM  Hendrik BERNDT  

     
    INVITED PAPER

    Vol: E84-B No:12  Page(s): 3086-3095

    Surging capacity demand triggered by the increasingly mobile-oriented and exponentially growing Internet has accelerated convergence of networking technologies. In the core network side, IP and photonics have been the two key driving factors of technical innovations. Amid this technical turmoil, Generalized MPLS (GMPLS) in IETF has recently attracted sizable attention, as it offers potential for "Grand Unification Theory" for network technology convergence. Despite its prospects, however, the proposal is still missing comparable structures in management plane, which is in dire need for carrier-class, reliable operations. Among many industry proposals and standards, TINA vision on connection management architecture (CMA) is the one offering practical and deployable architecture for the converged photonic IP network. TINA IP Control and Management (IPCM) WG was established during TINA phase II (1998-2000), to study IP control and management issues using the architecture basis of TINA-CMA. Latest activities in TINA IPCM WG, compiling experience at Sprint, Telia, Telecom Italia Lab., and Fujitsu, have resulted in a specification for connectivity provider reference points, namely ConS, ConC, and FCon. Use of TINA CMA as building blocks for the IP photonic network convergence is illustrated. An overview of a ConS reference point specification for managed IP connectivity service, named ConS-IPCM, is explained.

  • Access Control Model with Provisional Actions

    Michiharu KUDO  Satoshi HADA  

     
    PAPER

    Vol: E84-A No:1  Page(s): 295-302

    In most access control systems, authorization is specified using binary decisions, "yes" or "no," to the access requests resulting in access being permitted or denied respectively. We argue that emerging Internet applications require that this binary decision be extended to "allow access provided some actions are taken." We propose the notion of provisional actions that specifies the necessary actions to be performed in addition to the binary decision and introduce an access control model for it. We also provide an administrative model for policy management purpose.

  • Modeling CDPD Channel Holding Times

    Yi-Bing LIN  Phone LIN  Yu-Min CHUANG  

     
    PAPER-Wireless Communication Technology

    Vol: E83-B No:9  Page(s): 2051-2055

    Cellular Digital Packet Data (CDPD) provides wireless data communication services to mobile users by sharing unused RF channels with AMPS on a non-interfering basis. To prevent interference on the voice activities, CDPD makes a forced hop to a channel stream when a voice request is about to use the RF channel occupied by the channel stream. The number of forced hops is affected by the voice channel selection policy. We propose analytic models to investigate the CDPD channel holding time for the least-idle and random voice channel selection policies. Under various system parameters and voice channel selection policies, we provide guidelines to reduce the number of forced hops.

  • Optimal Admission Control Based on Per-Switch Delay Allocation for Networks with a Bounded Delay Service

    Yen-Ping CHU  Kuan-Cheng LIN  

     
    LETTER-Wireless Communication Switching

    Vol: E83-B No:7  Page(s): 1572-1576

    To provide a bounded-delay service with an end-to-end delay guarantee and utilize the network efficiently, the admission control functions in a network require an adequate per-switch delay allocation policy to allocate end-to-end delay requirement to a set of local switches. This letter presents an optimal delay allocation policy, according to a deterministic traffic model, and a rate-controlled scheduler. Empirical results indicate that the proposed policy performs better than EQ allocation policy, using the admission load region as index.

  • Overview of DiffServ Technology: Its Mechanism and Implementation

    Takeshi AIMOTO  Shigeru MIYAKE  

     
    INVITED PAPER

    Vol: E83-D No:5  Page(s): 957-964

    On the Internet, Quality of Service (QoS) guaranteed services are increasingly being demanded, and the Internet Engineering Task Force (IETF) is developing the specification documents for the QoS services intensively. This overview details the technical rationales underlying the contents of the specification documents developed by the IETF for Differentiated Services (DiffServ) -- to provide QoS guarantee services in the large IP networks -- and Policy Framework -- to manage DiffServ compliant networks. The IP networks with DiffServ consist of boundary routers and interior routers. These routers are composed of packet classifiers and marker, shaper, and policing function. Many vendors have developed DiffServ-compliant routers with gigabit interfaces. An example of an implementation of a DiffServ-compliant router and a demonstration of a QoS service using this router are presented here. The Policy Framework is expected to be one of the promising management solutions to co-operate with and manage many DiffServ-compliant routers. An experiment that adopts the Policy Framework to a DiffServ compliant network is also outlined.

  • A Proposal of Availability Model and Its Applications

    Saad ALKHATEIB  Tieling ZHANG  Michio HORIGOME  

     
    PAPER

    Vol: E83-A No:5  Page(s): 828-834

    There are two distinct types of maintenance action, namely preventive one and corrective one. Preventive maintenance is performed at regular intervals and can contribute significantly towards the increase of reliability and availability. It must be scheduled carefully in order that the availability is maximized through optimizing regular interval. On the other hand, corrective maintenance is performed when the system fails, and so the occurrence of corrective maintenance action is a random variable that cannot be predicted beforehand. From these considerations, it is clear that time is the most important factor in maintainability, and therefore, we classify maintenance data into two groups, that is, scheduled maintenance data and unscheduled maintenance data. Next, based on these classified data, we propose the new availability model which modifies Policy II proposed by R. Barlow and L. Hunter. Finally, we show the usefulness of the new model proposed here by applying these theoretical results to real data of some power plant.

  • Selective Write-Update: A Method to Relax Execution Constraints in a Critical Section

    Jae Bum LEE  Chu Shik JHON  

     
    PAPER-Computer Systems

    Vol: E81-D No:11  Page(s): 1186-1194

    In a shared-memory multiprocessor, shared data are usually accessed in a critical section that is protected by a lock variable. Therefore, the order of accesses by multiple processors to the shared data corresponds to the order of acquiring the ownership of the lock variable. This paper presents a selective write-update protocol, where data modified in a critical section are stored in a write cache and, at a synchronization point, they are transferred only to the processor that will execute the critical section following the current processor. By using QOLB synchronization primitives, the next processor can be determined at the execution time. We prove that the selective write-update protocol ensures data coherency of parallel programs that comply with release consistency, and evaluate the performance of the protocol by analytical modeling and program-driven simulation. The simulation results show that our protocol can reduce the number of coherence misses in a critical section while avoiding the multicast of write-update requests on an interconnection network. In addition, we observe that synchronization latency can be decreased by reducing both the execution time of a critical section and the number of write-update requests. From the simulation results, it is shown that our protocol provides better performance than a write-invalidate protocol and a write-update protocol as the number of processors increases.

  • Finding Priorities of Circumscription Policy as a Skeptical Explanation in Abduction

    Toshiko WAKAKI  Ken SATOH  Katsumi NITTA  Seiichiro SAKURAI  

     
    PAPER-Artificial Intelligence and Cognitive Science

    Vol: E81-D No:10  Page(s): 1111-1119

    In commonsense reasoning, priorities among rules are often required to be found out in order to derive the desired conclusion as a theorem of the reasoning. In this paper, first we present the bottom-up and top-down abduction procedures to compute skeptical explanations and secondly show that priorities of circumscription to infer a desired theorem can be abduced as a skeptical explanation in abduction. In our approach, the required priorities can be computed based on the procedure to compute skeptical explanations provided in this paper as well as Wakaki and Satoh's method of compiling circumscription into extended logic programs. The method, for example, enables us to automatically find the adequate priority w.r.t. the Yale Shooting Problem to express a human natural reasoning in the framework of circumscription.

  • ATM ABR Traffic Control with a Generic Weight-Based Bandwidth Sharing Policy: Theory and a Simple Implementation

    Yiwei Thomas HOU  Henry H.-Y. TZENG  Shivendra S. PANWAR  Vijay P. KUMAR  

     
    PAPER-ATM Traffic Control

    Vol: E81-B No:5  Page(s): 958-972

    The classical max-min policy has been suggested by the ATM Forum to support the available bit rate (ABR) service class. However, there are several drawbacks in adopting the max-min rate allocation policy. In particular, the max-min policy is not able to support the minimum cell rate (MCR) requirement and the peak cell rate (PCR) constraint for each ABR connection. Furthermore, the max-min policy does not offer flexible options for network providers wishing to establish a usage-based pricing criterion. In this paper, we present a generic weight-based rate allocation policy, which generalizes the classical max-min policy by supporting the MCR/PCR for each connection. Our rate allocation policy offers a flexible usage-based pricing strategy to network providers. A centralized algorithm is presented to compute network-wide bandwidth allocation to achieve this policy. Furthermore, a simple switch algorithm using ABR flow control protocol is developed with the aim of achieving our rate allocation policy in a distributed networking environment. The effectiveness of our distributed algorithm in a local area environment is substantiated by simulation results based on the benchmark network configurations suggested by the ATM Forum.
