Carnegie Mellon University

Displaying 241-280 of 468 results

  • White Papers // Jan 2011

    Efficient Security Mechanisms for Routing Protocols

    As the economy and critical infrastructure increasingly rely on the Internet, securing routing protocols becomes of critical importance. In this paper, the authors present four new mechanisms as tools for securing distance vector and path vector routing protocols. For securing distance vector protocols, the hash tree chain mechanism forces a...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Performance Analysis of IPSec and IKE for Mobile IP on Wireless Environments

    The Mobile IP protocol enables a node to change its point of attachment to an internet without changing its IP address. Mobile users are likely to take advantage of this protocol to obtain the services as if they were connected to their home network. In many cases these users will...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Enforcing Context-Sensitive Policies in Collaborative Business Environments

    As enterprises seek to engage in increasingly rich and agile forms of collaboration, they are turning towards service-oriented architectures that enable them to selectively expose different levels of functionality to both existing and prospective business partners. This includes enforcing access control policies whose elements are tied to changing contractual relationships...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Understanding Route Redistribution

    Route Redistribution (RR) has become an integral part of IP network design as the result of a growing need for disseminating certain routes across routing protocol boundaries. While RR is widely used and resembles BGP in several nontrivial aspects, surprisingly, the safety of RR has not been systematically studied by...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    On Static Reachability Analysis of IP Networks

    The primary purpose of a network is to provide reachability between applications running on end hosts. This paper describes how to compute the reachability a network provides from a snapshot of the configuration state from each of the routers. The primary contribution is the precise definition of the potential reachability...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    SAAR: A Shared Control Plane for Overlay Multicast

    Many cooperative overlay multicast systems of diverse designs have been implemented and deployed. In this paper, the authors explore a new architecture for overlay multicast: they factor out the control plane into a separate overlay that provides a single primitive: a configurable anycast for peer selection. This separation of control...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    On the Benefits of Work Stealing in Shared-Memory Multiprocessors

    Load balancing is one of the key techniques exploited to improve the performance of parallel programs. However, load balancing is a difficult task for the programmer. Work stealing is an architectural mechanism that provides improved performance by instantaneously balancing the load among processors in a multiprocessor system. In this work,...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Self-Management in Chaotic Wireless Deployments

    Over the past few years, wireless networking technologies have made vast forays into the daily lives. Today, one can find 802.11 hardware and other personal wireless technology employed at homes, shopping malls, coffee shops and airports. Present-day wireless network deployments bear two important properties: they are unplanned, with most Access...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Early Experience With an Internet Broadcast System Based on Overlay Multicast

    In this paper, the authors report on experience in building and deploying an operational Internet broadcast system based on Overlay Multicast. In over a year, the system has been providing a cost-effective alternative for Internet broadcast, used by over 3600 users spread across multiple continents in home, academic and commercial...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Voice Over Sensor Networks

    Wireless sensor networks have traditionally focused on low duty-cycle applications where sensor data are reported periodically in the order of seconds or even longer. This is due to typically slow changes in physical variables, the need to keep node costs low and the goal of extending battery lifetime. However, there...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    XIA: An Architecture for an Evolvable and Trustworthy Internet

    Motivated by limitations in today's host-based IP network architecture, recent studies have proposed clean-slate network architectures centered around alternate first-class principals, such as content, services, or users. However, much like the host-centric IP design, elevating one principal type above others hinders communication between other principals and inhibits the network's capability...

    Provided By Carnegie Mellon University

  • Webcasts // Jan 2011

    Capability Maturity Model Integration V1.3 and Architecture-Centric Engineering

    Architecture modeling is an established practice for the realization of high-quality software. A significant change to the CMMI V1.3 models is the new emphasis on the role of architecture in the design process. This webinar will address the basics of architecture-centric engineering, and where and how these practices are now...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Self-Tuned Remote Execution for Pervasive Computing

    Pervasive computing creates environments saturated with computing and communication capability, yet gracefully integrated with human users. Remote execution has a natural role to play in such environments, since it lets applications simultaneously leverage the mobility of small devices and the greater resources of large devices. In this paper, the authors...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Feasibility, Efficiency, and Effectiveness of Self-Optimizing Storage Systems

    Recent work has proposed making intelligent use of data access patterns for building self-optimizing storage systems. However, despite the continued increase in the CPU-I/O performance gap, such systems are far from wide adoption. The authors argue that the key reason for the lack of real systems adopting this novel idea...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Athena: A New Efficient Automatic Checker for Security Protocol Analysis

    The authors propose an efficient automatic checking algorithm, Athena, for analyzing security protocols. Athena incorporates a logic that can express security properties including authentication, secrecy and properties related to electronic commerce. They have developed an automatic procedure for evaluating well-formed formulae in this logic. For a well-formed formula, if the...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Random Key Predistribution Schemes for Sensor Networks

    Wide-spread deployment of sensor networks is on the horizon. Networks of thousands of sensors may present an economical solution to some of the challenging problems: real-time traffic monitoring, building safety monitoring (structural, fire, and physical security monitoring), military sensing and tracking, distributed measurement of seismic activity, real-time pollution monitoring, wildlife...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software

    Software vulnerabilities have had a devastating effect on the Internet. Worms such as Code Red and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage. To successfully combat these fast automatic Internet attacks, one needs fast automatic attack detection...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Athena: A Novel Approach to Efficient Automatic Security Protocol Analysis

    The authors propose a new efficient automatic verification technique, Athena, for security protocol analysis. It uses a new efficient representation - the extension to the Strand Space Model, and utilizes techniques from both model checking and theorem proving approaches. Athena is fully automatic and is able to prove the correctness...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    New Streaming Algorithms for Fast Detection of Super spreaders

    High-speed monitoring of Internet traffic is an important and challenging problem, with applications to real time attack detection and mitigation, traffic engineering, etc. However, packet-level monitoring requires fast streaming algorithms that use very little memory and little communication among collaborating network monitoring points. In this paper, the authors consider the...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Improving Web Availability for Clients With MONET

    Despite the increasing degree of multi-homing, path and data redundancy, and capacity available in the Internet, today's clients experience outage rates of a few percent when accessing Web sites. MONET ("Multi-homed Overlay NETwork), is a new system that improves client availability to Web sites using a combination of link multi-homing...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    A Statistical Approach to Contention Modeling for High-Level Heterogeneous Multiprocessor Simulation

    Single chip systems featuring multiple heterogeneous processors and a variety of communication and memory architectures have emerged to satisfy the demand for networking, handheld computing, and other custom devices. The complex interactions between applications, schedulers, and processor resources, along with the resulting contention delays for shared busses and memories, are...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Evaluation of Task Assignment Policies for Supercomputing Servers: The Case for Load Unbalancing and Fairness

    While the MPP is still the most common architecture in supercomputer centers today, a simpler and cheaper machine configuration is growing increasingly common. This alternative setup may be described simply as a collection of multiprocessors or a distributed server system. This collection of multiprocessors is fed by a single common...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Size-Based Scheduling to Improve Web Performance

    Is it possible to reduce the expected response time of every request at a web server, simply by changing the order in which people schedule the requests? That is the question the authors ask in this paper. This paper proposes a method for improving the performance of web servers servicing...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Efcient Mechanisms to Provide Convoy Member and Vehicle Sequence Authentication in VANETs

    Vehicular Ad hoc NETworks (VANETs) are on the verge of deployment. In the near future, wireless vehicle-to-vehicle and vehicle-to-infrastructure communication will enable numerous safety, convenience, and business applications. Security is a necessary pre-requisite for adoption of these technologies. As the authors demonstrate in this paper, VANETs require two new security...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Challenges and Opportunities for Efficient Computing With FAWN

    This paper presents the architecture and motivation for a cluster-based, many-core computing architecture for energy-efficient, data-intensive computing. FAWN, a Fast Array of Wimpy Nodes, consists of a large number of slower but efficient nodes coupled with low-power storage. The authors present the computing trends that motivate a FAWN-like approach, for...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Automation Without Predictability Is a Recipe for Failure

    Automated management seems a must, as distributed systems and datacenters continue to grow in scale and complexity. But, automation of performance problem diagnosis and tuning relies upon predictability, which in turn relies upon low variance - most automation tools aren't effective when variance is regularly high. This paper argues that,...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    SCI-FI: Domain-Based Scalability, Control and Isolation for the Future Internet

    This paper presents the first Internet architecture designed for control and isolation. The authors of this paper propose to separate ASes into groups of independent routing sub-planes which then in-terconnect to form complete routes. The architecture, SCI-FI, provides superior resilience and security proper-ties as an intrinsic consequence of good design...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    On Adversary Models and Compositional Security

    The authors present a representative development in the science of security that includes a generic model of computer systems, their security properties and adversaries who actively interfere with such systems. They describe logic-based methods to reason about security properties of a system as a composition of properties of its components,...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    CHIPPER: A Low-Complexity Bufferless Deflection Router

    As Chip Multi-Processors (CMPs) scale to tens or hundreds of nodes, the interconnect becomes a significant factor in cost, energy consumption and performance. Recent work has explored many design tradeoffs for Networks-on-Chip (NoCs) with novel router architectures to reduce hardware cost. In particular, recent work proposes bufferless deflection routing to...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Cuckoo Directory: A Scalable Directory for Many-Core Systems

    Growing core counts have highlighted the need for scalable on-chip coherence mechanisms. The increase in the number of on-chip cores exposes the energy and area costs of scaling the directories. Duplicate-tag based directories require highly associative structures that grow with core count, precluding scalability due to prohibitive power consumption. Sparse...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Thread Cluster Memory Scheduling: Exploiting Differences in Memory Access Behavior

    In a modern Chip Multi-Processor (CMP) system, memory is a shared resource among multiple concurrently executing threads. The memory scheduling algorithm should resolve memory contention by arbitrating memory access in such a way that competing threads progress at a relatively fast and even pace, resulting in high system throughput and...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    TIE: Principled Reverse Engineering of Types in Binary Programs

    A recurring problem in security is reverse engineering binary code to recover high-level language data abstractions and types. High-level programming languages have data abstractions such as buffers, structures, and local variables that all help programmers and program analyses reason about programs in a scalable manner. During compilation, these abstractions are...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Adaptive Flow Control for Enabling Quality of Service in Tactical Ad Hoc Wireless Networks

    Many visions for the future involve pervasive computing technology that links people and devices together to solve complex problems. The Global Information Grid (GIG), for example, as well as the TeraGrid and the Smart Grid, are large-scale endeavors in which computing resources are increasingly interconnected by wired, high bandwidth networks....

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Source Code Analysis Laboratory (SCALe) for Energy Delivery Systems

    The Source Code Analysis Laboratory (SCALe) is an operational capability that tests software applications for conformance to one of the CERT secure coding standards. CERT secure coding standards provide a detailed enumeration of coding errors that have resulted in vulnerabilities for commonly used software development languages. The SCALe team at...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    The CERT Approach to Cybersecurity Workforce Development

    For a cybersecurity workforce to be effective, its members must possess the knowledge, skills, and experience required to perform their job duties. Proficiency and relevance are key factors in determining the effectiveness of each of these components. Proficiency refers to how well someone understands a subject matter or can apply...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    Combining Architecture-Centric Engineering With the Team Software Process

    This paper contains a description of an architecture-centric life-cycle model that uses the Carnegie Mellon Software Engineering Institute's Architecture-Centric Engineering (ACE) methods embedded in a Team Software Process (TSP) framework and of the experience in piloting the approach in an actual development effort. Combining ACE and TSP provides an iterative...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    A Taxonomy of Operational Cyber Security Risks

    This paper presents a taxonomy of operational cyber security risks that attempts to identify and organize the sources of operational cyber security risk into four classes: actions of people, systems and technology failures, failed internal processes, and external events. Each class is broken down into subclasses, which are described by...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    DTA++: Dynamic Taint Analysis With Targeted Control-Flow Propagation

    Dynamic Taint Analysis (DTA) is a powerful technique for, among other things, tracking the flow of sensitive information. However, it is vulnerable to false negative errors caused by implicit flows, situations in which tainted data values affect control flow, which in turn affects other data. The authors propose DTA++, an...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2010

    An Experiment Towards Adaptive Quality of Service in Mobile Ad Hoc Wireless Networks

    In high criticality crisis scenarios, such as disaster management, mobile ad hoc wireless networks are quickly assembled in the field to support decision makers through situational awareness using messaging-, voice-, and video-based applications. These applications cannot afford the luxury of stalling or failing due to overwhelming bandwidth demand on these...

    Provided By Carnegie Mellon University

  • White Papers // Nov 2010

    Sensor Selection for Event Detection in Wireless Sensor Networks

    The authors consider the problem of sensor selection for event detection in Wireless Sensor Networks (WSNs). They want to choose a subset of p out of n sensors that yields the best detection performance. As the sensor selection optimality criteria, they propose the Kullback-Leibler and Chernoff distances between the distributions...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2010

    Challenges in Access Right Assignment for Secure Home Networks

    The proliferation of advanced technologies has been altering the peoples lifestyle and social interactions - the next frontier is the digital home. Although the future of smart homes is promising, many technical challenges must be addressed to achieve convenience and security. In this paper, the authors delineate the unique combination...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2010

    More is Less: Denial-of-Service Attacks and Solutions in Many-Core On-Chip Networks

    A many-core system is expected to outperform a traditional single-core system by enabling multiple applications to be executed on separate cores in parallel, given the generous assumption that the execution of an application on one core does not interfere with an application on other cores. Regrettably, this optimistic belief about...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    Round-Efficient Broadcast Authentication Protocols for Fixed Topology Classes

    The authors consider resource-constrained broadcast authentication for n receivers in a static, known network topology. There are only two known broadcast authentication protocols that do not use asymmetric cryptography, one-time signatures, multi-receiver MACs, or time synchronization,. Both these protocols require three passes of a message front traversing the network. They...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    TrustVisor: Efficient TCB Reduction and Attestation

    An important security challenge is to protect the execution of security-sensitive code on legacy systems from malware that may infect the OS, applications, or system devices. Prior work experienced a tradeoff between the level of security achieved and efficiency. In this paper, the authors leverage the features of modern processors...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    Bootstrapping Trust in Commodity Computers

    Trusting a computer for a security-sensitive task (such as checking email or banking online) requires the user to know something about the computer's state. The authors examine research on securely capturing a computer's state, and consider the utility of this information both for improving security on the local computer (e.g.,...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    Privacy-Preserving Relationship Path Discovery in Social Networks

    As social networks sites continue to proliferate and are being used for an increasing variety of purposes, the privacy risks raised by the full access of social networking sites over user data become uncomfortable. A decentralized social network would help alleviate this problem, but offering the functionalities of social networking...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    A Study of User-Friendly Hash Comparison Schemes

    Several security protocols require a human to compare two hash values to ensure successful completion. When the hash values are represented as long sequences of numbers, humans may make a mistake or require significant time and patience to accurately compare the hash values. To improve usability during comparison, a number...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Efcient Mechanisms to Provide Convoy Member and Vehicle Sequence Authentication in VANETs

    Vehicular Ad hoc NETworks (VANETs) are on the verge of deployment. In the near future, wireless vehicle-to-vehicle and vehicle-to-infrastructure communication will enable numerous safety, convenience, and business applications. Security is a necessary pre-requisite for adoption of these technologies. As the authors demonstrate in this paper, VANETs require two new security...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    A Language for Large Ensembles of Independently Executing Nodes

    The authors address how to write programs for distributed computing systems in which the network topology can change dynamically. Examples of such systems, which they call ensembles, include programmable sensor networks (where the network topology can change due to failures in the nodes or links) and modular robotics systems (whose...

    Provided By Carnegie Mellon University

  • White Papers // Apr 2011

    The Case for VOS: The Vector Operating System

    Operating systems research for many-core systems has recently focused its efforts on supporting the scalability of OS-intensive applications running on increasingly parallel hardware. Lost amidst the march towards this parallel future is efficiency: perfectly parallel software may saturate the parallel capabilities of the host system, but in doing so can...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Challenges and Opportunities for Efficient Computing With FAWN

    This paper presents the architecture and motivation for a cluster-based, many-core computing architecture for energy-efficient, data-intensive computing. FAWN, a Fast Array of Wimpy Nodes, consists of a large number of slower but efficient nodes coupled with low-power storage. The authors present the computing trends that motivate a FAWN-like approach, for...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Exact Pattern Matching With Feed-Forward Bloom Filters

    This paper presents a new, memory efficient and cache-optimized algorithm for simultaneously searching for a large number of patterns in a very large corpus. This algorithm builds upon the Rabin-Karp string search algorithm and incorporates a new type of Bloom filter that the authors call a feed-forward Bloom filter. While...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2009

    Efficient Similarity Estimation for Systems Exploiting Data Redundancy

    Many modern systems exploit data redundancy to improve efficiency. These systems split data into chunks, generate identifiers for each of them, and compare the identifiers among other data items to identify duplicate chunks. As a result, chunk size becomes a critical parameter for the efficiency of these systems: it trades...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2012

    On Configuring BGP Route Reflectors

    The Border Gateway Protocol (BGP) is the standard protocol for exchanging routing information between border routers of Autonomous Systems (ASes) in today's Internet. Within an AS, border routers exchange externally-learned BGP route advertisements via Internal-BGP (I-BGP) peerings. Naive solutions for these I-BGP peering sessions (e.g., based on full-mesh topologies) simply...

    Provided By Carnegie Mellon University

  • White Papers // Oct 2011

    Clearing the Clouds: A Study of Emerging Workloads on Modern Hardware

    Emerging scale-out cloud applications need extensive amounts of computational resources. However, data centers using modern server hardware face physical constraints in space and power, limiting further expansion and calling for improvements in the computational density per server and in the per-operation energy use. Therefore, continuing to improve the computational resources...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2010

    DTA++: Dynamic Taint Analysis With Targeted Control-Flow Propagation

    Dynamic Taint Analysis (DTA) is a powerful technique for, among other things, tracking the flow of sensitive information. However, it is vulnerable to false negative errors caused by implicit flows, situations in which tainted data values affect control flow, which in turn affects other data. The authors propose DTA++, an...

    Provided By Carnegie Mellon University

  • White Papers // Apr 2010

    Insights From the Inside: A View of Botnet Management From Infiltration

    Recent work has leveraged botnet infiltration techniques to track the activities of bots over time, particularly with regard to spam campaigns. Building the authors' previous success in reverse-engineering C&C protocols, they have conducted a 4-month infiltration of the MegaD botnet, beginning in October 2009. Their infiltration provides one with constant...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2010

    Binary Code Extraction and Interface Identification for Security Applications

    Binary code reuse is the process of automatically identifying the interface and extracting the instructions and data dependencies of a code fragment from an executable program, so that it is self-contained and can be reused by external code. Binary code reuse is useful for a number of security applications, including...

    Provided By Carnegie Mellon University

  • White Papers // Jul 2010

    Higher-Order Representation of Substructural Logics

    The authors present a technique for higher-order representation of sub-structural logics such as linear or modal logic. They show that such logics can be encoded in the (ordinary) Logical Framework, without any linear or modal extensions. Using this encoding, meta-theoretic proofs about such logics can easily be developed in the...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    Scheduling in Wireless Networks Under Uncertainties: A Greedy Primal-Dual Approach

    This paper proposes a dynamic primal-dual type algorithm to solve the optimal scheduling problem in wireless networks subject to uncertain parameters, which are generated by stochastic network processes such as random packet arrivals, channel fading, and node mobilities. The algorithm is a generalization of the well-known max-weight scheduling algorithm proposed...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    An Access Network Architecture for Neighborhood-scale Multimedia Delivery

    Internet Service Providers (ISPs) are in a constant race to meet the bandwidth demands of their subscribers. Access link upgrades, however, are expensive and take years to deploy. Many ISPs are looking for alternative solutions to reduce the need for continuous and expensive infrastructure expansion. This paper shows that there...

    Provided By Carnegie Mellon University

  • White Papers // Jun 2010

    Network-Wide Deployment of Intrusion Detection and Prevention Systems

    Traditional research efforts for scaling NIDS and NIPS systems using parallelization and hardware-assisted acceleration have largely focused on a single-vantage-point view. In this chapter, the authors explore a different design alternative that exploits spatial, network-wide opportunities for distributing NIDS and NIPS functions throughout a network. They present systematic models that...

    Provided By Carnegie Mellon University

  • White Papers // May 2010

    Locally Distributed Predicates: A Technique for Distributed Programming

    New research in wireless networks, sensor networks, and modular robotics has spurred renewed interest in distributed programming techniques. Distributed programming is inherently more difficult than its single-threaded equivalent, due to the need for an executing thread of a distributed program located at one computation node to access state located at...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    Pocket ISR: Virtual Machines Anywhere

    The Internet Suspend/Resume system provides access to a user's computing state anytime and anywhere - so long as there's an ISR client handy. The authors introduce Pocket ISR, a Linux distribution which can be installed on a USB key and booted on any borrowed PC to quickly provide a complete...

    Provided By Carnegie Mellon University

  • White Papers // Aug 2010

    The Manna Plug-In Architecture for Content-Based Search of VM Clouds

    As cloud computing becomes more popular, collections of Virtual Machine (VM) images are growing in size. Management of VM collections requires the ability to inspect and search data stored within VM images. The authors present a plug-in-based architecture, called Manna, for efficiently searching state within VM images through both index...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    Energy-Efficient Dynamic Capacity Provisioning in Server Farms

    A central question in designing server farms today is how to efficiently provision the number of servers to handle unpredictable demand patterns, so as to extract the best performance while not wasting energy. While one would like to turn servers off when they become idle to save energy, the large...

    Provided By Carnegie Mellon University

  • White Papers // Dec 2009

    Coding Without Your Crystal Ball: Unanticipated Object-Oriented Reuse

    In many ways, existing languages place unrealistic expectations on library and framework designers, allowing some varieties of client reuse only if it is explicitly - sometimes manually - supported. Instead, the authors should aim for the ideal: a language design that reduces the amount of prognostication that is required on...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    Formal Methods for Privacy

    Privacy means something different to everyone. Against a vast and rich canvas of diverse types of privacy rights and violations, the authors argue technology's dual role in privacy: new technologies raise new threats to privacy rights and new technologies can help preserve privacy. Formal methods, as just one class of...

    Provided By Carnegie Mellon University

  • White Papers // Mar 2010

    Understanding Route Aggregation

    Route aggregation, the method to supersede a set of routes by a single, more general route, is a universal mechanism that is either explicitly included in a routing protocol specification or added by router vendors as a configuration option. Widely deployed for both intra-domain and inter-domain routing purposes, Route Aggregation...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    XIA: An Architecture for an Evolvable and Trustworthy Internet

    Motivated by limitations in today's host-based IP network architecture, recent studies have proposed clean-slate network architectures centered around alternate first-class principals, such as content, services, or users. However, much like the host-centric IP design, elevating one principal type above others hinders communication between other principals and inhibits the network's capability...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    Authenticated Communication and Computation in Known-Topology Networks With a Trusted Authority

    The authors show that two distinguishing properties of sensor networks, i.e., the presence of a trusted base station, and the pre-knowledge of the fixed network topology, can yield security protocols that are both communication-efficient and highly general. They show new protocols for broadcast authentication, credential dissemination and node-to-node signatures. For...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    Hyrax: Cloud Computing on Mobile Devices Using MapReduce

    Today's smartphones operate independently of each other, using only local computing, sensing, networking, and storage capabilities and functions provided by remote Internet services. It is generally difficult or expensive for one smartphone to share data and computing resources with another. Data is shared through centralized services, requiring expensive uploads and...

    Provided By Carnegie Mellon University

  • White Papers // Feb 2011

    Distributed Throughput-Optimal Scheduling in Ad Hoc Wireless Networks

    In this paper, the authors propose a distributed throughput optimal ad hoc wireless network scheduling algorithm, which is motivated by the celebrated simplex algorithm for solving Linear Programming (LP) problems. The scheduler stores a sparse set of basic schedules, and chooses the max-weight basic schedule for transmission in each time...

    Provided By Carnegie Mellon University

  • White Papers // Sep 2009

    Distributed Consensus Algorithms in Sensor Networks: Quantized Data and Random Link Failures

    The paper studies the problem of distributed average consensus in sensor networks with quantized data and random link failures. To achieve consensus, dither (small noise) is added to the sensor states before quantization. When the quantizer range is unbounded (countable number of quantizer levels), stochastic approximation shows that consensus is...

    Provided By Carnegie Mellon University

  • White Papers // Oct 2009

    Access Control for Home Data Sharing: Attitudes, Needs and Practices

    As digital content becomes more prevalent in the home, nontechnical users are increasingly interested in sharing that content with others and accessing it from multiple devices. Not much is known about how these users think about controlling access to this data. To better understand this, the authors conducted semi-structured, in-situ...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Self-Management in Chaotic Wireless Deployments

    Over the past few years, wireless networking technologies have made vast forays into the daily lives. Today, one can find 802.11 hardware and other personal wireless technology employed at homes, shopping malls, coffee shops and airports. Present-day wireless network deployments bear two important properties: they are unplanned, with most Access...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Athena: A New Efficient Automatic Checker for Security Protocol Analysis

    The authors propose an efficient automatic checking algorithm, Athena, for analyzing security protocols. Athena incorporates a logic that can express security properties including authentication, secrecy and properties related to electronic commerce. They have developed an automatic procedure for evaluating well-formed formulae in this logic. For a well-formed formula, if the...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Random Key Predistribution Schemes for Sensor Networks

    Wide-spread deployment of sensor networks is on the horizon. Networks of thousands of sensors may present an economical solution to some of the challenging problems: real-time traffic monitoring, building safety monitoring (structural, fire, and physical security monitoring), military sensing and tracking, distributed measurement of seismic activity, real-time pollution monitoring, wildlife...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Vulnerability-Specific Execution Filtering for Exploit Prevention on Commodity Software

    Software vulnerabilities have had a devastating effect on the Internet. Worms such as Code Red and Slammer can compromise hundreds of thousands of hosts within hours or even minutes, and cause millions of dollars of damage. To successfully combat these fast automatic Internet attacks, one needs fast automatic attack detection...

    Provided By Carnegie Mellon University

  • White Papers // Jan 2011

    Athena: A Novel Approach to Efficient Automatic Security Protocol Analysis

    The authors propose a new efficient automatic verification technique, Athena, for security protocol analysis. It uses a new efficient representation - the extension to the Strand Space Model, and utilizes techniques from both model checking and theorem proving approaches. Athena is fully automatic and is able to prove the correctness...

    Provided By Carnegie Mellon University