We design and evaluate a simple and scalable system to verify quality of service (QoS) in a differentiated services domain. The system uses a distributed edge-to-edge monitoring approach with measurement agents collecting information about delays, losses and throughput, and reporting to a service level agreement monitor (SLAM). The SLAM detects potential service violations, bandwidth theft, denial of service attacks, and flags the need to re-dimension the network domain or limit its users. Measurements may be performed entirely edge-to-edge, or the core routers may participate in logging packet drop information. We compare the core-assisted and edge-to-edge schemes, and we extend network tomography-based loss inference mechanisms to cope with different drop precedences in a QoS network. We also develop a load-based service monitoring scheme which probes the appropriate edge routers for loss and throughput on demand. Simulation results indicate that the system detects attacks with reasonable accuracy, and is useful for damage control in both QoS-enabled and best effort network domains.

This paper reports a service learning project of an information security risk assessment in a K12 school corporation. The project team constructed a customized risk assessment process in the selected school corporation. The team evaluated the information technology systems’ implementations, related policies and regulations surrounding the technology and implementations, as well as common procedures adopted for the school corporation’s information technology operations. Although the technical aspect of this project focused on one asset of the school corporation’s information systems: the student database, the school corporation can extend the applied process to other assets as well. This report mainly discusses how threats and vulnerabilities of the systems and the systems’ implementations can be determined, how risks can be quantified, and how recommendations on areas of improvement can be derived. Following the customized risk assessment process, K12 Schools and corporations could conduct the regular risk assessment on their own.

We present an adaptive controlled scheduler for heterogeneous applications running on general purpose computers. Our scheduler can effectively support diverse application requirements. It employs uniform rate-based sharing.  Application heterogeneity is satisfied by partitioning CPU capacity into service classes, each with a different criterion for admission control. As a result, we are able to provide at once guaranteed performance, flexible allocation of rates with excellent scalability and intermediate service classes offering tradeoffs between reserved rate utilization and the strength of guarantees. Our scheduler has been implemented in Solaris 2.5.1. It runs existing applications without modifications. We present experimental results showing the scalability, efficiency, guaranteed performance, and overload performance aspects of our scheduler. We demonstrate the importance of priority inheritance implemented in our scheduler for stable system performance.

In this paper, we explore the teaching of ethics in computing related fields. The article intends to share ideas on moral development and the nature of morality, specifically as it relates to changes that educators may be trying to elicit within students when teaching ethics. The paper then addresses educational theories that are better suited to enabling moral development with suggestions on how these theories might shape classroom climate and instructional approaches.

A major bottleneck in using the web for accessing data and executing transactions for e-commerce is the performance. It can take 500–1400 ms to set up the connection and download a web page. Several hundred milliseconds are taken to transmit a multimedia web image. A simple web transaction may have a response time of 2–5 s. The consistency control mechanisms can double this time. A typical electronic trading transaction may take close to 2 min. I assert that the performance is unacceptable and the main cause is the communication system. The communication delays under a variety of scenarios and their causes and remedies are the focus of this study. Mechanisms have been developed for studying the performance of the web transaction processing on the Internet. Experimental studies have been conducted to analyze and understand the behavior of web based transactions and to measure the communication delays. The developed mechanisms have been used to perform a series of experiments around the world. Experiments were conducted to measure the communication delays for different steps which includes web page downloading, access to digital library data and transaction processing. This paper presents the experimental results for a variety of cases. It concludes by suggesting directions for decreasing the communication latency and improving the performance of web transactions.

Current peer-to-peer file-sharing systems mostly work on wired networks. Mobile ad hoc network is characterized as multi-hop wireless communications between moblie devices. In this paper, five routing approaches with different complexity ar propsed to enable peer-to-peer file-sharing over mobile ad hoc networks.  The complexity of the proposed approaches is evaluated and compared.  It is concluded that the cross-layer protocols perform better than simply overlaying peer-to-peer searching protocol on mobile ad hoc networks.

Preserving privacy during Web transactions is a major concern for individuals and organizations. One of the solutions proposed in the literature is to maintain anonymity through group cooperation during Web transactions. The lack of understanding of incentives for encouraging group cooperation is a major drawback in such systems. We propose an anonymizing club mechanism, and sequential economic strategy for trusted collaboration. We model the individual transactions as a Prisoners’ Dilemma, where two players either cooperate or defect while maintaining each other’s anonymity. The activities of the participants over a series of transactions can be modeled as a sequential repeated game. We determine conditions to ensure cooperation among the participants in the sequential repeated game, even if defecting is a dominant strategy in each individual Prisoners’ Dilemma game. Our results show that by adopting an appropriate initiation fee and adequate fine for malicious behavior, both enforced through a trusted central authority, we can sustain cooperation in the proposed anonymizing club mechanism.

Group communication has become an important component in wireless networks. In this paper, we focus on the environments in which multiple groups coexist in the system, and both intra and inter group multicast traffic must be protected by secret keys. We propose a mechanism that integrates polynomials with flat tables to achieve personal key share distribution and efficient key refreshment during group changes. The proposed mechanism distributes keys via true broadcast. The contributions of the research include: (1) By switching from asymmetric algorithms to symmetric encryption methods, the proposed mechanism avoids heavy computation, and improves the processing efficiency of multicast traffic and the power usage at the wireless nodes. The group managers do not have to generate public-private key pairs when the group member changes. (2) It becomes more difficult for an attacker to impersonate another node since personal key shares are adopted. The additional storage overhead at the wireless nodes and the increased broadcast traffic during key refreshment are justified. In addition, we describe techniques to improve the robustness of the proposed mechanism under the complicated scenarios such as collusive attacks and batch group member changes.

Mobile clients retrieve and update databases at servers. They use transactions in order to ensure the consistency of shared data in the presence of concurrent accesses. Transaction processing at mobile clients faces new challenges to accommodate the limitations of mobile environments, such as frequent disconnections and low bandwidth. Caching of frequently accessed data in a mobile computer can be an effective approach to continue transactions in the presence of disconnections or other reasons for losing messages. It can help to reduce contentions on the narrow bandwidths of wireless channels. Concurrency control schemes using caching ensure consistency among data items from the server and from the client caches. We present a scheme that can increase the autonomy of mobile clients for validating transactions, using caching and pull-based data delivery. In the scheme, mobile clients can decide to commit read-only transactions locally,  without interaction with the server and can detect transaction aborts earlier. The clients receive from the server dependency information, from which they build partial serialization graphs. De-  pendency information is based on the notion of i-order dependency introduced in the paper. We study the performance of the proposed protocol by means of simulation experiments.

An error resilient architecture for video transmission over mobile wireless networks is presented. Radio link layer, transport layer, and application layer are combined to deal with high error rate in wireless environments. The algorithms for both sender and receiver are given. An adaptive algorithm is presented to automatically adjust parity data length in error control. The performance of the proposed algorithm is analyzed through experimental studies.

We propose a new model for on-demand media streaming centered around the peer-to-peer (P2P) paradigm. The proposed P2P model can support a large number of clientswith a low overall system cost. The P2P model allows for peers to share some of their resources with the system and in return, they get some incentives or rewards. We describe how to realize (or deploy) the proposed model. In addition, we present a new dispersion algorithm (for disseminating the media files into the system) and a searching algorithm (for locating peers with the required objects).We demonstrate the potential of the P2P model as an infrastructure for a large-scale on-demand media streaming service through an extensive simulation study on large, Internet-like, topologies. Starting with a limited streaming capacity (hence, low cost), the simulation shows that the capacity is rapidly increased and many clients can be served even if they come according to different arrival patterns such as constant rate arrivals, flash crowd arrivals, and Poisson arrivals.

This paper compares the security properties of Ad Hoc On-demand Distance Vector (AODV) and Destination Sequence Distance Vector (DSDV) protocols, especially the difference caused by on-demand and proactive route queries. The on-demand route query enables the malicious host to conduct real time attacks on AODV. The communication overhead of attacks on DSDV is independent of the attack methods and the width of attack targets. A single false route propagates slower in AODV than in DSDV. The detection of false destination sequence in AODV heavily depends on the mobility of hosts. False distance vector and false destination sequence attacks are studied by simulation. The delivery ratio, communication overhead, and the propagation of false routes are measured by varying the traffic load and the maximum speed of host movement. The anomalous patterns of sequence numbers detected by destination hosts can be applied to detect the false destination sequence attacks.

Developing

A good direction towards building secure systems that operate efficiently in large-scale environments (like the World Wide Web) is the deployment of Role Based Access Control Methods (RBAC). RBAC architectures do not deal with each user separately, but with discrete roles that users can acquire in the system. The goal of this paper is to present a classification algorithm that during its training phase, classifies roles of the users in clusters. The behavior of each user that enters the system holding a specific role is traced via audit trails and any misbehavior is detected and reported (classification phase). This algorithm will be incorporated in the Role Server architecture, currently under development, enhancing its ability to dynamically adjust the amount of trust of each user and update the corresponding role assignments.