The Center for Education and Research in Information Assurance and Security (CERIAS)

Reports and Papers Archive



Dependencies and separation of duty constraints in GTRBAC

James B.D. Joshi, Basit Shafiq, Arif Ghafoor, Elisa Bertino

A Generalized Temporal Role Based Access Control (GTRBAC) model that captures an exhaustive set of temporal constraint needs for access control has recently been proposed. GTRBAC’s language constructs allow one to specify various temporal constraints on role, user-role assignments and role-permission assignments. In this paper, we identify various time-constrained cardinality, control flow dependency and separation of duty constraints (SoDs). Such constraints allow specification of dynamically changing access control requirements that are typical in today’s large systems. In addition to allowing specification of time, the constraints introduced here also allow expressing access control policies at a finer granularity. The inclusion of control flow dependency constraints allows defining much stricter dependency requirements that are typical in workflow types of applications.

Added 2008-05-08

The "art" of programming gossip-based systems

Patrick Eugster, Pascal Felber, Fabrice Le Fessant

How does one best go about building actual gossip-based protocols? Trying to answer this question has brought us to address two preliminary questions, namely (1) what the intrinsics of such systems or protocols are, and (2) what kind of applications would in the end be built on top of such protocols. We address the first question by arguing that gossip-based protocols are all built following one and the same pattern, and describing three building blocks which we claim are used to support this recurrent pattern—most notably a source of randomness. We validate these claims by devising simplified versions of well-known protocols, in a layered fashion, on top of a conceptual interface describing these basic services. The second question is addressed by arguing that gossip-based protocols exhibit some probabilistic or imperfect flavor (e.g., probabilistic or partial completion), and by proposing to take such probabilistic behavior into account when devising interfaces for applications building on top of gossip-based protocols. We argue for inherent support for these probabilities in the programming model.

Added 2008-05-08

Uniform proxies for Java

Patrick Eugster

The proxy abstraction has a long-lasting tradition in object settings. From design pattern to inherent language support, from remote method invocations to simple forms of behavioral reflection - incarnations as well as applications of proxies are innumerable. Since version 1.3, Java supports the concept of dynamic proxy. Such an object conforms to a set of types specified by the program and can be used wherever an expression of any of these types is expected, yet reifies invocations performed on it. Dynamic proxies have been applied to implement paradigms as diverse as behavioral reflection, structural conformance, or multi-methods. Alas, these proxies are only available “for interfaces”. The case of creating dynamic proxies for a set of types including a class type has not been considered, meaning that it is currently not possible to create a dynamic proxy mimicking an instance of a given class. This weakness strongly limits any application of dynamic proxies. In this paper we unfold the current support for dynamic proxies in Java, assessing it in the light of a set of generic criteria for proxy implementations. We present an approach to supporting dynamic proxies “for classes” in Java, consisting in transformations performed on classes at load-time, including a generic scheme for enforcing encapsulation upon field accesses. These transformations seamlessly extend the scope of the current support for dynamic proxies. We discuss the precise benefits and costs of our extension in terms of the criteria introduced, and illustrate the usefulness of uniformly available proxies by implementing future method invocations both safely and transparently.

Added 2008-05-08

Bridging Java and AspectJ through explicit join points

Kevin Hoffman, Patrick Eugster

Through AspectJ, aspect-oriented programming (AOP) is becoming of increasing interest and availability to Java programmers as it matures as a methodology for improved software modularity via the separation of cross-cutting concerns. AOP proponents often advocate a development strategy where Java programmers write the main application, ignoring cross-cutting concerns, and then AspectJ programmers, domain experts in their specific concerns, weave in the logic for these more specialized cross-cutting concerns. However, several authors have recently debated the merits of this strategy by empirically showing certain drawbacks. The proposed solutions paint a different development strategy where base code and aspect programmers are aware of each other (to varying degrees) and interactions between cross-cutting concerns are planned for early on.

Herein we explore new possibilities in the language design space that open up when the base code is aware of cross-cutting aspects. Using our insights from this exploration we concretize these new possibilities by extending AspectJ with concise yet powerful constructs, while maintaining full backwards compatibility. These new constructs allow base code and aspects to cooperate in ways that were previously not possible: arbitrary blocks of code can be advised, advice can be explicitly parameterized, base code can guide aspects in where to apply advice, and aspects can statically enforce new constraints upon the base code that they advise. These new techniques allow aspect modularity and program safety to increase. We illustrate the value of our extensions through an example based on transactions.

Added 2008-05-08

Efficient distributed subtyping tests

Sebastien Baehni, Joao Barreto, Patrick Eugster, Rachid Gueraoui

Subtyping tests are essential in typed publish/subscribe infrastructures, especially when the underlying programming language supports subtype conformance, as in Java or C#. These tests are particularly challenging when the publish/subscribe infrastructure is distributed, because processes have diverging views and new types may be added in a decentralized manner. Maybe surprisingly, subtyping tests for such distributed systems have been devoted only little attention so far; they are usually strongly intertwined with serialization and code transfer mechanisms.

This paper presents an efficient subtype testing method for event objects received through the wire, requiring neither the download of a full description of the types or classes of these objects nor their deserialization. We use a slicing technique that encodes a multiple subtyping hierarchy with as little memory as the best known centralized type encoding, but allows for the dynamic addition of event types without re-computing the encoding.

We convey the practicality of our approach through performance measures obtained with standard Java libraries in a publish/subscribe system. Our approach performs between 3 and 12 times faster than a code transfer approach without adding overhead to object deserialization, and requires the same testing time as a straightforward string-based type encoding while reducing the encoding length by a factor of 50.

Added 2008-05-08

Type-based publish/subscribe: Concepts and experiences

Patrick Eugster

A continuously increasing number of interconnected computer devices makes the requirement for programming abstractions for remote one-to-many interaction yet more stringent. The publish/subscribe paradigm has been advocated as a candidate abstraction for such one-to-many interaction at large scale. Common practices in publish/subscribe, however, include low-level abstractions which hardly leverage type safety, and provide only poor support for object encapsulation. This tends to put additional burden on software developers; guarantees such as the aforementioned type safety and object encapsulation become of increasing importance with an accrued number of software components, which modern applications also involve, besides an increasing number of hardware components. Type-based publish/subscribe (TPS) is a high-level variant of the publish/subscribe paradigm which aims precisely at providing guarantees such as type safety and encapsulation. We present the rationale and principles underlying TPS, as well as two implementations in Java: the first based on a specific extension of the Java language, and a second novel implementation making use of recent general-purpose features of Java, such as generics and behavioral reflection. We compare the two approaches, thereby evaluating the aforementioned features—as well as additional features which have been included in the most recent Java 1.5 release—in the context of distributed and concurrent programming. We discuss the benefits of alternative programming languages and features for implementing TPS. By revisiting alternative abstractions for distributed programming, including “classic” and recent ones, we extend our investigations to programming language support for distributed programming in general, pointing out that overall, the support in current mainstream programming languages is still insufficient.

Added 2008-05-08

Cyber defense technology networking and evaluation

R. Bajcsy, T. Benzel, M. Bishop, B. Braden, C. Brodley, S. Fahmy, S. Floyd, W. Hardaker, A. Joseph, G. Kesidis, K. Levitt, B. Lindell, P. Liu, D. Miller, R. Mundy, C. Neuman, R. Ostrenga, V. Paxson, P. Porras, C. Rosenberg, J.D. Tygar, S. Sastry, D. Sterne, S.F. Wu

Creating an experimental infrastructure for developing next-generation information security technologies.

Added 2008-05-08

When is service really denied?: a user-centric dos metric

Jelena Mirkovic, Alefiya Hussain, Brett Wilson, Sonia Fahmy, Wei-Min Yao, Peter Reiher, Stephen Schwab, Roshan Thomas

The denial-of-service (DoS) research community lacks accurate metrics to evaluate an attack’s impact on network services, its severity and the effectiveness of a potential defense. We propose several DoS impact metrics that measure the quality of service experienced by end users during an attack, and compare these measurements to application-specific thresholds. Our metrics are ideal for testbed experimentation, since necessary traffic parameters are extracted from packet traces gathered during an experiment.

Added 2008-05-08

Latency-sensitive power control for wireless ad-hoc networks

Mohamed R. Fouad, Sonia Fahmy, Gopal Pandurangan

We investigate the impact of power control on latency in wireless ad-hoc networks. If transmission power is increased, interference increases, thus reducing network capacity. A node sending/relaying delay-sensitive real-time application traffic can, however, use a higher power level to reduce latency, if it considers information about load and channel contention at its neighboring nodes. Based on this observation, we formulate a new distributed power control protocol, Load-Aware Power Control (LAPC), that heuristically considers low end-to-end latency when selecting power levels. We study the performance of LAPC via simulations, varying the network density, node dispersion patterns, and traffic load. Our simulation results demonstrate that LAPC achieves an average end-to-end latency improvement of 54% over the case when nodes are transmitting at the highest power possible, and an average end-to-end latency improvement of 33% over the case when nodes are transmitting using the lowest power possible, for uniformly dispersed nodes in a lightly loaded network.

Added 2008-05-08

Extending the Data Services of Mobile Computers by External Data Lockers

Y. Villate, E. Pitoura, A. Illarramendi, A.K. Elmagarmid

Although mobile computers are becoming more and more powerful, the intrinsic features of wireless communications: poor quality, limited bandwidth, continuous disconnections, expensive communications, still limit the performance delivered to mobile users. The authors present the Locker Rent Service that allows mobile users to rent a dedicated disk space, located in the fixed network, where they can store and access their data. Besides increasing the storage capacity of mobile devices, the Locker Rent Service offers to mobile users data protection, battery power savings and various communication optimizations. The service is supported by a middleware architecture that incorporates this and other services with the general goal of increasing mobile computer capabilities and performance. The architecture is based on mobile agents and offers flexibility and adaptability with a low overhead as shown by our preliminary performance results.

Added 2008-05-07

Integrated Video and Text for Content-based Access to Video Databases

Haitao Jiang, Danilo Montesi, Ahmed K. Elmagarmid

This paper introduces a new approach to realize video databases. The approach consists of a VideoText data model based on free text annotations associated with logical video segments and a corresponding query language. Traditional database techniques are inadequate for exploiting queries on unstructured data such as video, supporting temporal queries, and ranking query results according to their relevance to the query. In this paper, we propose to use information retrieval techniques to provide such features and to extend the query language to accommodate interval queries that are particularly suited to video data. Algorithms are provided to show how user queries are evaluated. Finally, a generic and modular video database architecture which is based on VideoText data model is described.

Added 2008-05-07

Statistical approaches to tracking-based moving object extraction

J. Fan, A.K. Elmagarmid

This paper reports a tracking-based moving object extraction algorithm, where the object location and tracking is achieved by using a template matching scheme. The structural regions of the moving objects are first detected by using a thresholding-based segmentation technique and represented coarsely on block resolution, then the interest regions of the moving objects are further formed by iterative region merging according to the spatiotemporal similarity measure and the meaningful moving objects are finally located by the temporal tracking procedure. The experimental results have confirmed that this proposed algorithm can provide more meaningful moving objects because both the spatial homogeneity of the grey levels and the temporal coherence of the motion fields are jointly exploited. This algorithm can also detect the appearance of new objects as well as the disappearance of existing objects efficiently because the relationships of the moving objects among frames are also established by the temporal tracking procedure.

Added 2008-05-07

Multi-level video content representation and retrieval

Jianping Fan, Walid G. Aref, Ahmed K. Elmagarmid, Mohand-Said Hacid, Mirette Marzouk, Xinquan Zhu

In this article, several practical algorithms are proposed to support content-based video analysis, modeling, representation, summarization, indexing, and access. First, a multilevel video database model is given. One advantage of this model is that it provides a reasonable approach to bridging the gap between low-level representative features and high-level semantic concepts from a human point of view. Second, several model-based video analysis techniques are proposed. In order to detect the video shots, we present a novel technique, which can adapt the threshold for scene cut detection to the activities of variant videos or even different video shots. A seeded region aggregation and temporal tracking technique is proposed for generating the semantic video objects. The semantic video scenes can then be generated from these extracted video access units (e.g., shots and objects) according to some domain knowledge. Third, in order to categorize video contents into a set of semantic clusters, an integrated video classification technique is developed to support more efficient multilevel video representation, summarization, indexing, and access techniques.

Added 2008-05-07

Automatic image segmentation by integrating color-edge extraction and seeded region growing

Jianping Fan, D.K.Y. Yau, A.K. Elmagarmid, W.G. Aref

We propose a new automatic image segmentation method. Color edges in an image are first obtained automatically by combining an improved isotropic edge detector and a fast entropic thresholding technique. After the obtained color edges have provided the major geometric structures in an image, the centroids between these adjacent edge regions are taken as the initial seeds for seeded region growing (SRG). These seeds are then replaced by the centroids of the generated homogeneous image regions by incorporating the required additional pixels step by step. Moreover, the results of color-edge extraction and SRG are integrated to provide homogeneous image regions with accurate and closed boundaries. We also discuss the application of our image segmentation method to automatic face detection. Furthermore, semantic human objects are generated by a seeded region aggregation procedure which takes the detected faces as object seeds.

Added 2008-05-07

Supporting Transaction Service Handoff in Mobile Environments

Abdelsalam (Sumi) Helal, Jin Jing, Ahmed Elmagarmid

Added 2008-05-07