By Topic

Open Architectures and Network Programming, 2003 IEEE Conference on

Date 4-5 April 2003

Filter Results

Displaying Results 1 - 14 of 14
  • 2003 IEEE Conference on Open Architecture and Network Programming Proceedings. OPENARCH 2003 (Cat. No.03TH8686)

    Publication Year: 2003
    Save to Project icon | Request Permissions | PDF file iconPDF (109 KB)  
    Freely Available from IEEE
  • Author index

    Publication Year: 2003 , Page(s): 131
    Save to Project icon | Request Permissions | PDF file iconPDF (24 KB)  
    Freely Available from IEEE
  • Run-time support for extensible protocol stacks

    Publication Year: 2003 , Page(s): 43 - 52
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (997 KB) |  | HTML iconHTML  

    By implementing an extensible network protocol stack in the AMP operating system, we have demonstrated support for fine-grained replacement of low-level network processing components. Furthermore, our compiler technology approach provides the means to support multiple hardware architectures and a framework for enforcing safety and security properties during runtime code generation. Our preliminary results indicate that our approach is feasible, has comparable per-packet processing costs to static code, and has acceptable per-module loading and code generation costs. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Controlling the XenoServer Open Platform

    Publication Year: 2003 , Page(s): 3 - 11
    Cited by:  Papers (5)  |  Patents (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (957 KB) |  | HTML iconHTML  

    This paper presents the design of the XenoServer Open Platform: a public infrastructure for wide-area computing, capable of hosting tasks that span the full spectrum of distributed programming. The platform integrates resource management, charging and auditing. We emphasize the control-plane aspects of the system, showing how it supports service deployment with a low cost of entry and how it forms a substrate over which other distributed computing platforms can be deployed. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • OPCA: robust interdomain policy routing and traffic control

    Publication Year: 2003 , Page(s): 55 - 64
    Cited by:  Papers (14)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1059 KB) |  | HTML iconHTML  

    An increasing number of ASes have been connecting to the Internet through the BGP inter-domain routing protocol. With increasing stress on the scale of this system and increasing reliance on Internet connectivity, more participants demand additional functionality from interdomain routing that BGP cannot handle. For example, we believe that the recent trend towards multihomed stub networks exhibits a likely intent to achieve fault tolerant and load balanced connectivity to the Internet. However, BGP today offers route fail-over times as long as 15 minutes, and very limited control over incoming traffic across multiple wide area paths. More research literature and news media are calling for stemming malicious or erroneous routing announcements. We propose a policy control architecture, OPCA, that runs as an overlay network on top of BGP. OPCA allows an AS to make route change requests at other, remote ASes to achieve faster route fail-over and provide capabilities to control traffic entering the local AS. The proposed architecture and protocol will co-exist and interact with the existing routing infrastructure and will allow for a scalable rollout of the protocol. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • User-specified adaptive scheduling in a streaming media network

    Publication Year: 2003 , Page(s): 87 - 96
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1104 KB) |  | HTML iconHTML  

    In disaster and combat situations, mobile cameras and other sensors transmit real-time data, used by many operators or analysis tools. Unfortunately, in the face of limited, unreliable resources, and varying demands, not all users may be able to get the fidelity they require. This paper describes MediaNet, a distributed stream processing system designed with the above scenarios in mind. Unlike past approaches, MediaNet's users can intuitively specify how the system should adapt based on their individual needs. MediaNet uses both local and online global resource scheduling to improve user performance and network utilization, and adapts without requiring underlying support for resource reservations. Performance experiments show that our scheduling algorithm is reasonably fast, and that user performance and network utilization are both significantly improved. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Dynamic packet processors-a new abstraction for router extensibility

    Publication Year: 2003 , Page(s): 35 - 42
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (978 KB) |  | HTML iconHTML  

    The history of the Internet is one of rapid change and adaptability. The simple IP service model and the informal standardization process have fostered rapid evolution of systems and services. However, as the Internet has transformed from an academic playground to an essential commercial infrastructure the service model and the standardization process have become more complex. While outsourcing and optimizations are driving services into the network, the IETF is increasingly the battleground of vendors. Consequently, introducing new services to the Internet has become increasingly complicated. Active and programmable networking is an effort to reclaim the flexibility of the early Internet and reduce the need for standardization. In this paper we introduce a new abstraction, packet processors, to evolve the lower layer router facilities and to extend the programmable interface in a type safe manner. We show how this abstraction is sufficient to capture all facilities commonly found in data-paths of commodity routers and how it gives the ability to introduce new types of packet processors. Packet processors can add type specific methods thereby extending the programmable interface while maintaining the semantic integrity of the Node OS and the execution environment. We discuss how paths can be constructed from a sequence of packet processors, and how these paths can cross the services/Node OS boundary, and cross hardware processor boundaries. Our measurements show that the added flexibility adds negligible overhead. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Code revocation for active networks

    Publication Year: 2003 , Page(s): 12 - 22
    Cited by:  Papers (1)  |  Patents (2)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1039 KB) |  | HTML iconHTML  

    Active networks are placed at considerable risk by running code that arrives over the network. Careful crafting of authorization policy and stringent enforcement provide considerable protection against such risks. However, there still might be reasons why a packet that is executing in accordance with the authorization policy might cause damage. For example, the code might have bugs or may have been improperly configured or the packet might have been unintentionally launched. For the safety of the network a mechanism is needed that would permit users and networks to find faulty, misconfigured, or misbehaving active code and revoke its ability to execute. This paper considers the important issues and features of providing for revocation of code and an architecture that will support it in a wide-scale active network. It describes the parameters that identify the entities that issue the revocation notice and the entities that are to be revoked. It also describes an approach for policy composition from multiple entities, which eventually decides whether a revocation notice is authorized to act on a particular piece of code. Finally, this paper presents an innovative approach towards revocation in traditional networks using active networking as the transporting mechanism. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • An open service platform for deploying and managing services at network edges

    Publication Year: 2003 , Page(s): 77 - 86
    Cited by:  Papers (3)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1188 KB) |  | HTML iconHTML  

    Over the past several years, in response to demands from users that access to networked information and services be both customized and rapid, services and content have increasingly been 'pushed' towards network edges by providers. In turn, this has resulted in an increased need for a software framework that provides an open and systematic way for providers to deploy and manage such network edge services. We have implemented and tested such a framework in our Lab, called the Telcordia Edge Services Node. Inspired by the foundations built in the IETF OPES-related drafts, it is beneficial to Access, Service, and Content Providers alike. This paper reports on the design, implementation, and lessons-learned from our edge service node framework and management tools. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Transparent and scalable client-side server selection using Netlets

    Publication Year: 2003 , Page(s): 120 - 129
    Cited by:  Papers (19)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (981 KB) |  | HTML iconHTML  

    Replication of web content in the Internet has been found to improve service response time, performance and reliability offered by web services. When working with such distributed server systems, the location of servers with respect to client nodes is found to affect service response time perceived by clients in addition to server load conditions. This is due to the characteristics of the network path segments through which client requests get routed. Hence, a number of researchers have advocated making server selection decisions at the client-side of the network. In this paper, we present a transparent approach for client-side server selection in the Internet using Netlet services. Netlets are autonomous, nomadic mobile software components which persist and roam in the network independently, providing predefined network services. In this application, Netlet based services embedded with intelligence to support server selection are deployed by servers close to potential client communities to setup dynamic service decision points within the network. An anycast address is used to identify available distributed decision points in the network. Each service decision point transparently directs client requests to the best performing server based on its in-built intelligence supported by real-time measurements from probes sent by the Netlet to each server. It is shown that the resulting system provides a client-side server selection solution which is server-customisable, scalable and fault transparent. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Hybrid resource control of active extensions

    Publication Year: 2003 , Page(s): 23 - 31
    Cited by:  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1035 KB) |  | HTML iconHTML  

    The ability of active networks technology to allow customized router computation critically depends on having resource control techniques that prevent buggy, malicious, or greedy code from affecting the integrity or availability of node resources. It is hard to choose between static and dynamic checking for resource control. Dynamic checking has the advantage of basing its decisions on precise real-time information about what the extension is doing but causes runtime overhead and asynchronous termination. Static checking, on the other hand, has the advantage of avoiding asynchronous termination and runtime overhead, but is overly conservative. This paper presents a hybrid solution: static checking is used to reject extremely resource-greedy code from the kernel fast path, while dynamic checking is used to enforce overall resource control. This hybrid solution reduces runtime overhead and avoids the problem of asynchronous termination by delaying extension termination until times when no extension code is running, i.e., between processing of packets. This paper also presents the design and initial implementation of the key parts of a hybrid resource control technique, called RBClick. RBClick is an extension of the Click modular router, customized for active networking in Janos, an active network operating system. RBClick uses a modified version of Cyclone, a type-safe version of C, to allow users to download new router extensions directly into the Janos kernel. Our measurements of forwarding rates indicate that hybrid resource control can improve the performance of router extensions by up to a factor of two. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Bees: a secure, resource-controlled, Java-based execution environment

    Publication Year: 2003 , Page(s): 97 - 106
    Cited by:  Papers (2)  |  Patents (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1092 KB) |  | HTML iconHTML  

    Mobile code makes it possible for users to define the processing and protocols used to communicate with a remote node, while still allowing the remote administrator to set the terms of interaction with that node. However, mobile code cannot do anything useful without a rich execution environment, and no administrator would install a rich environment that did not also provide strict controls over the resources consumed and accessed by the mobile code. Based on our experience with ANTS, we have developed Bees, an execution environment that provides better security, fine-grained control over capsule propagation, simple composition of active protocols, and a more flexible mechanism for interacting with end-user programs. Bees' security comes from a flexible authentication and authorization mechanism, capability-based access to privileged resources, and integration with our custom virtual machine that provides isolation, termination, and resource control. The enhancements to the mobile code environment make it possible to compose a protocol with a number of "helper" protocols. In addition, mobile code can now interact naturally with end-user programs, making it possible to communicate with legacy applications. We believe that these features offer significant improvements over the ANTS execution environment and create a more viable platform for active applications. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • Efficient programmable middleboxes for scaling large distributed applications

    Publication Year: 2003 , Page(s): 65 - 74
    Cited by:  Papers (1)
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1024 KB) |  | HTML iconHTML  

    A range of application classes is emerging in the Internet whose characteristics differ considerably from those of the point-to-point request/response protocols, which have dominated its recent past. Sensor applications, peer-to-peer systems, and massive multiplayer on-line games are multi-point applications that share both a need for the timely correlation of data generated by different participants in a session and a potentially unlimited number of session participants. We propose the use of middleboxes residing in the network to help in the scaling of these applications. As these emerging applications are not readily subject to standardization, we believe that a programmable model, in which a given middlebox can be instrumented to support various applications either simultaneously or over time, is desirable. We describe our work to date in building such a middlebox that makes use of hardware assists in its data path to maintain high performance. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.
  • A generic set-formation service

    Publication Year: 2003 , Page(s): 109 - 119
    Save to Project icon | Request Permissions | Click to expandQuick Abstract | PDF file iconPDF (1094 KB) |  | HTML iconHTML  

    Dynamic group formation and discovery is an important component of several emerging end system applications and network services including peer-to-peer and overlay systems, network storage/caching systems, and reliable multicast/distribution services. In our previous work, we proposed a programmable, scalable grouping service based on multicast and concast. In this paper, we present a generalized abstraction that subsumes the earlier service and can be implemented using other forms of network support in addition to (or apart from) multicast/concast. In designing the new grouping abstraction, we have attempted to separate the policies governing set formation from the network mechanisms (multicast, concast, distributed hash tables, etc.) used to implement those policies. In addition, we allow policies to be specified in terms of both application-specific criteria and network-based criteria. We describe how the service can be used to solve grouping problems from different application areas, and give an example showing how it can leverage different network support mechanisms, including ephemeral state processing. View full abstract»

    Full text access may be available. Click article title to sign in or learn about subscription options.