k-anonymization techniques are a key component of any comprehensive solution to data privacy and have been the focus of intense research in the last few years. An important requirement for such techniques is to ensure anonymization of data while at the same time minimizing the information loss resulting from data modifications such as generalization and suppression. Current solutions, however, suffer from one or more of the following limitations: reliance on pre-defined generalization hierarchies; generation of anonymized data with high information loss and with high classification errors; and the inference channel arising from lack of diversity in the sensitive information. In this paper we propose an approach that addresses these limitations. Our approach uses the idea of clustering to minimize information loss and thus ensure good data quality. The key observation here is that data records that are naturally close with respect to each other should be part of the same equivalence class. Current clustering techniques, however, are not directly applicable in this context because they do not consider the requirement that each cluster should contain at least k records. We thus formulate a specific clustering problem, referred to as k-member clustering problem. We prove that this problem is NP-hard and present a greedy algorithm, the complexity of which is in O(n^2). As part of our approach we develop a suitable metric to estimate the information loss introduced by generalizations, which works for both numeric and categorical data. We also present extensions to our proposed algorithm that minimize classification errors in the anonymized data and eliminate the inference channel arising from lack of diversity in the sensitive attributes.

Hierarchies arise in the context of access control whenever the user population can be modeled as a set of partially ordered classes (represented as a directed graph). A user with access privileges for a class obtains access to objects stored at that class and all descendant classes in the hierarchy. The problem of key management for such hierarchies then consists in assigning a key to each class in the hierarchy so that keys for descendant classes can be obtained via an efficient key derivation process.

We propose a solution to this problem with the following properties: (i) the space complexity of the public information is the same as that of storing the hierarchy; (ii) the private information at a class consists of a single key associated with that class; (iii) updates (i.e., revocations and additions) are handled locally in the hierarchy; (iv) the scheme is provably secure against collusion; and (v) each node can derive the key of any of its descendant with a number of symmetric-key operations bounded by the length of the path between the nodes. Whereas many previous schemes had some of these properties, ours is the first that satisfies all of them. The security of our scheme is based on pseudo-random functions, without reliance on the Random Oracle Model.

Another substantial contribution of this work is that for trees, we achieve a worst- and average-case key-derivation time that is exponentially better than the depth of a balanced hierarchy (double-exponentially better if the hierarchy is unbalanced, i.e., “tall and skinny”). This is obtained at the cost of only a constant factor in the space to store the hierarchy. We also show how to extend our techniques to more general hierarchies.

Finally, by making simple modifications to our scheme, we show how to handle extensions proposed by Crampton [2003] of the standard hierarchies to “limited depth” and reverse inheritance.

This study reports on the findings of a Task Force established by the Association for Computer Machinery (ACM) to look at the issues surrounding the migration of jobs worldwide within the computing and information technolog field and industry.

Decentralization of computing systems has several attractions: performance enhancements due to increased parallelism; resource sharing; and the increased reliability and availability of data due to redundant copies of the data.  Providing these characteristics in a decentralized system requires proper organization of the system.  With respect to increasing the reliability of the system, one model which has proven successful is the object/action model, where tasks performed by the system are organized as sequences of atomic operations.  The system can determine which operations have been performed by the system are organized as sequences of atomic operations.  The system can determine which operations have been performed completely and so maintain the system in a consistent state.  This dissertation describes the design and a prototype implementation of a storage management system for an object-oriented, action-based decentralized kernel.  The storage manager is responsible for providing reliable secondary storage structures.  First the dissertation shows how the object model is supported at the lowest levels in the kernel by the storage manager.  It also describes how storage management facilities are integrated into the virtual memory management provided by the kernel to support the mapping of objects into virtual memory.  All input and output to secondary storage is done via virtual memory management.  This dissertation discusses the role of the storage management system in locating objects, and a technique intended to short circuit searches whenever possible by avoiding unnecessary secondary storage queries at each site.  It also presents a series of algorithms which support two-phase commit of atomic actions and then argues that these algorithms do indeed provide consistent recovery of object data.  These algorithms make use of virtual memory management information to provide recovery, and relieve the action management system of the maintenance of the stable storage.

Decentralization of computing systems has several attractions: performance enhancements due to increased parallelism; resource sharing; and the increased reliability and availability of data due to redundant copies of the data.  Providing these characteristics in a decentralized system requires proper organization of the system.  With respect to increasing the reliability of a system, one model which has proven successful is the object/action model, where tasks performed by the system are organized as sequences of atomic operations.  The system can determine which operations have been performed completely and so maintain the system in a consistent state.  This dissertation describes the design and a prototype implementation of a storage management system for an object-oriented, action-based decentralized kernel.  The storage manager is responsible for providing reliable secondary storage structures.  First, the dissertation shows how the object model is supported at the lowest levels in the kernel by the storage manager.  It also describes how storage managemet facilities are integrated into the virtual memory management provided by the kernel to support the mapping of objects into virtual memory.  All input and output to secondary storage is done via virtual memory management.  This disserttion discusses the role of the storage management system in locating objects, and a technique intended to short circuit searches whenever possible by avoiding unnecessary secondary storage queries at each site.  It also presents a series of algorithms which support two-phase commit of atomic actions and then argues that these algorithms do indeed provide consistent recovery of object data.  These algorightms make use of virtual memory management information to provide recovery, and relieve the action management system of the maintenance of the stable storage.

The goal of the Clouds project at Georgia Tech is the implementation of a fault-tolerant distributed operating system based on the notions of objects, actions, and processes, to provide an environment for the construction of reliable applications.  The Aeolus programming language developed from the need for an implementation language for those portions of the Clouds system above the kernel level.  Aeolus has evolved with these purposes:
  *to provide the power needed for systems programming without sacrificing readability or maintainability; *to provide abstractions of the Clouds notions of objects, actions, and processes as features within the language; *to provide access to the recoverability and synchronization features of the Clouds system; and *to serve as a testbed for the study of programming methodologies for action-object systems such as Clouds.

In this paper, the features provided by the language for the support of readability and maintainability in systems programming are described briefly, as is the rationale underlying their design.  Considerably more detail is devoted to features provided for support of object and action programming.  Finally , an example making use of advanced fatures for action programming is presented, and the current status of the langauge and its use in the Clouds project is described.

This paper is intended to be an introduction to the internal structurs of the Clouds kernel. We will be constructing an experimental Clouds system during the next few years using dedicated minicomputers and personal computers. Further description of the Clouds kernel will be done as this experimental system continues to be designed and constructed.

The goal of the Clouds project at Georgia Tech is the implementation of a fault-tolerant distributed operating system based on the notions of objects, actions, and processes, which will provide an environment for the construction of reliable applications.  The Aeolus programming language developed from the need for an implementation language for those portions of the Clouds system above the kernel level.  Aeolus has evolved with these purposes:

*to provide the power needed for systems programming without sacrificing readabiliy or maintainability; *to provide abstractions of the Clouds notions of objects, actions, and processes as features within the language; *to provide access to the recoverability and synchronization features of the Clouds system; and *to serve as a testbed for the study of programming methodologies for action-object systems such as Clouds

Thus the main interest of Aeolus lies not in the language itself, but in what may be done with the language.  We have avoided providing high-level features for programming actions with the intention of evolving designs for such features out of our experience with programming in Aeolus.  These features will then be incorporated into an application language for the Clouds system.

The Clouds project is research directed towards producing a reliable distributed computing system.  The initial goal of the project is to produce a kernel which provides a reliable environment with which a distributed operating system can be built.  The Clouds kernel consists of a set of replicated sub-kernals, each of which runs on a machine in the Clouds system.  Each sub-kernel is responsible for the management of resources on its machine; the sub-kernal components communicate to provide the cooperation necessary to meld the various machines into one kernel.

The goal of the Clouds project at Georgia Tech is the implementation of a fault-tolerant distributed operating system based on the notions of objects and actions, which will provide an environment for the construction of reliable applications. As part of the Clouds project, we are designing and implementing a high-level language in which those levels of the Clouds system above the kernel level will be implemented. The Aeolus langauge provides access to synchronization and recovery features of Clouds. It also provides a framework with which to study programming methodologies suitable for action-object systems such as Clouds. This paper provides a brief introduction to the features of the Clouds system which provide support for programming of objects and actions, and how these features are made available in the Aeolus language. We also present an example of Aeolus objec from our initial studies in programming methodologies for Clouds which demonstrates the use of these features for programming recoverable objects.

Clouds is a native operating system for a distributed environment.  In this paper we give an overview of the main ideas behind Clouds as well as some of te reasons that prompted us to design a new Clouds kernal.  The new kernal, called Ra, builds on the experience obtained from the first Clouds kernal and provides a general framework for implementing a variety of distributed operating systems.  We describe the new kernal in detail and show how Clouds can be build from the RA primitives.