Daniel Andrade, T. Kristoffersen, I. Rummelhoff, Alex Gerdov, J. Silva
Android applications are subject to repackaging attacks, where popular applications are modified, often by inserting malicious logic, re-signed, and then uploaded to an online store to be later on downloaded and installed by unsuspicious users. This paper presents a set of protocols for increasing trust in special-purpose Android applications, termed secured trusted applications, during communication with a trustworthy external hardware device for storing sensitive end user data, termed secured personal device. The proposed approach requires neither operating system modification nor root privileges. The evaluation of our solution shows that the authenticity and integrity of applications, and the confidentiality and integrity of communication, is ensured as long as Android operates correctly.
{"title":"Thwarting Data Exfiltration by Repackaged Applications","authors":"Daniel Andrade, T. Kristoffersen, I. Rummelhoff, Alex Gerdov, J. Silva","doi":"10.1109/SRDSW.2016.18","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.18","url":null,"abstract":"Android applications are subject to repackaging attacks, where popular applications are modified, often by inserting malicious logic, re-signed, and then uploaded to an online store to be later on downloaded and installed by unsuspicious users. This paper presents a set of protocols for increasing trust in special-purpose Android applications, termed secured trusted applications, during communication with a trustworthy external hardware device for storing sensitive end user data, termed secured personal device. The proposed approach requires neither operating system modification nor root privileges. The evaluation of our solution shows that the authenticity and integrity of applications, and the confidentiality and integrity of communication, is ensured as long as Android operates correctly.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134124811","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We present ErasureBench, an open-source framework to test and benchmark erasure coding implementations for distributed storage systems under realistic conditions. ErasureBench automatically instantiates and scales a cluster of storage nodes, and can seamlessly leverage existing failure traces. As a first example, we use ErasureBench to compare three coding implementations: a (10,4) Reed-Solomon (RS) code, a (10,6,5) locally repairable code (LRC), and a partition of the data source in ten pieces without error-correction. Our experiments show that LRC and RS codes require the same repair throughput when used with small storage nodes, since cluster and network management traffic dominate at this regime. With large storage nodes, read and write traffic increases and our experiments confirm the theoretical and practical tradeoffs between the storage overhead and repair bandwidth of RS and LRC codes.
{"title":"Have a Seat on the ErasureBench: Easy Evaluation of Erasure Coding Libraries for Distributed Storage Systems","authors":"Sébastien Vaucher, H. Mercier, V. Schiavoni","doi":"10.1109/SRDSW.2016.20","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.20","url":null,"abstract":"We present ErasureBench, an open-source framework to test and benchmark erasure coding implementations for distributed storage systems under realistic conditions. ErasureBench automatically instantiates and scales a cluster of storage nodes, and can seamlessly leverage existing failure traces. As a first example, we use ErasureBench to compare three coding implementations: a (10,4) Reed-Solomon (RS) code, a (10,6,5) locally repairable code (LRC), and a partition of the data source in ten pieces without error-correction. Our experiments show that LRC and RS codes require the same repair throughput when used with small storage nodes, since cluster and network management traffic dominate at this regime. With large storage nodes, read and write traffic increases and our experiments confirm the theoretical and practical tradeoffs between the storage overhead and repair bandwidth of RS and LRC codes.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127733117","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Belén Ríos-Sánchez, Miguel Viana-Matesanz, C. S. Ávila, Maria Jose Melcon De Giles
This work presents a configurable multibiometricsystem oriented to mobile devices which combines face, handand in-air signature biometrics to provide three different levelsof security. The number of traits involved in the authenticationincreases with the security strength, allowing the balance betweencomfort and accuracy according to the security requirements ofthe final application. In addition, the security of the system isenhanced by incorporating anti-coercion and aliveness detectionmechanisms. To decide which biometric mode should be requestedat each security level, an evaluation of the biometrics has beenperformed in terms of performance and users acceptability.
{"title":"A Configurable Multibiometric System for Authentication at Different Security Levels Using Mobile Devices","authors":"Belén Ríos-Sánchez, Miguel Viana-Matesanz, C. S. Ávila, Maria Jose Melcon De Giles","doi":"10.1109/SRDSW.2016.14","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.14","url":null,"abstract":"This work presents a configurable multibiometricsystem oriented to mobile devices which combines face, handand in-air signature biometrics to provide three different levelsof security. The number of traits involved in the authenticationincreases with the security strength, allowing the balance betweencomfort and accuracy according to the security requirements ofthe final application. In addition, the security of the system isenhanced by incorporating anti-coercion and aliveness detectionmechanisms. To decide which biometric mode should be requestedat each security level, an evaluation of the biometrics has beenperformed in terms of performance and users acceptability.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114831084","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nowadays, offloading storage and processing capacity to cloud servers is a growing trend. This happens because high storage capacity and powerful processors are expensive, whilst cloud services provide a cheaper, ongoing, and reliable solution. The problem with cloud-based solutions is that servers are highly accessible through the Internet and therefore considerably exposed to hackers and malware. In this paper, we design and implement Darkroom, a secure image processing service for the cloud leveraging ARM TrustZone technology. Our system enables users to securely process image data in a secure environment that prevents exposure of sensitive data to the operating system. We evaluate our system and observe that our solution adds a small overhead to image processing when compared to computer platforms that require the entire operating system to be trusted.
{"title":"ARM TrustZone for Secure Image Processing on the Cloud","authors":"Tiago Brito, N. Duarte, Nuno Santos","doi":"10.1109/SRDSW.2016.17","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.17","url":null,"abstract":"Nowadays, offloading storage and processing capacity to cloud servers is a growing trend. This happens because high storage capacity and powerful processors are expensive, whilst cloud services provide a cheaper, ongoing, and reliable solution. The problem with cloud-based solutions is that servers are highly accessible through the Internet and therefore considerably exposed to hackers and malware. In this paper, we design and implement Darkroom, a secure image processing service for the cloud leveraging ARM TrustZone technology. Our system enables users to securely process image data in a secure environment that prevents exposure of sensitive data to the operating system. We evaluate our system and observe that our solution adds a small overhead to image processing when compared to computer platforms that require the entire operating system to be trusted.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"114 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134443930","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Chang-Ting Lin, Chunming Wu, Min Huang, Z. Wen, Qiumei Cheng
IP address mutation is a proactive defense method that is used to reduce the risk of network attacks, especially to deal with the worm propagation attacks. However, previous work did not give much consideration to the negative effects that IP address mutation could bring to network performance. To be specific, there is a trade-off between network performance and security, which implies that when a security mechanism is reinforced, network performance would be impaired and vice versa. Therefore, in order to achieve the optimal balance between performance and security, an optimal solution should be provided. In this paper, we propose an adaptive IP mutation defense method which is based on temporal-dimension, to dynamically control the mutation interval according to real-time measurable metrics, assurance and avoidance. This method leverages a genetic algorithm to achieve the optimization of performance-security trade-off. We then evaluate our method in a simulated computer cluster environment, including 1024 hosts, and demonstrate that our method can successfully find the optimal solution according to the experimental results. For example, it can reduce the worm propagation significantly, while maintaining the network performance in a predefined level.
{"title":"Adaptive IP Mutation: A Proactive Approach for Defending against Worm Propagation","authors":"Chang-Ting Lin, Chunming Wu, Min Huang, Z. Wen, Qiumei Cheng","doi":"10.1109/SRDSW.2016.21","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.21","url":null,"abstract":"IP address mutation is a proactive defense method that is used to reduce the risk of network attacks, especially to deal with the worm propagation attacks. However, previous work did not give much consideration to the negative effects that IP address mutation could bring to network performance. To be specific, there is a trade-off between network performance and security, which implies that when a security mechanism is reinforced, network performance would be impaired and vice versa. Therefore, in order to achieve the optimal balance between performance and security, an optimal solution should be provided. In this paper, we propose an adaptive IP mutation defense method which is based on temporal-dimension, to dynamically control the mutation interval according to real-time measurable metrics, assurance and avoidance. This method leverages a genetic algorithm to achieve the optimization of performance-security trade-off. We then evaluate our method in a simulated computer cluster environment, including 1024 hosts, and demonstrate that our method can successfully find the optimal solution according to the experimental results. For example, it can reduce the worm propagation significantly, while maintaining the network performance in a predefined level.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"464 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116582483","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. Casanova, Belén Ríos-Sánchez, Miguel Viana-Matesanz, G. Bailador, C. S. Ávila, Maria Jose Melcon De Giles
Comfort and security perception are two key factorsto provide an adequate biometric solution. This article presentsthe results of an online survey about these characteristics in fourdifferent biometric modes implemented in mobile phones withwidespread sensors. Additionally, it presents the main concernsthat the use of these biometric modes generates in people, whichprovides a roadmap of additional issues that should be improvedto create satisfactory biometric techniques.
{"title":"Comfort and Security Perception of Biometrics in Mobile Phones with Widespread Sensors","authors":"J. Casanova, Belén Ríos-Sánchez, Miguel Viana-Matesanz, G. Bailador, C. S. Ávila, Maria Jose Melcon De Giles","doi":"10.1109/SRDSW.2016.13","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.13","url":null,"abstract":"Comfort and security perception are two key factorsto provide an adequate biometric solution. This article presentsthe results of an online survey about these characteristics in fourdifferent biometric modes implemented in mobile phones withwidespread sensors. Additionally, it presents the main concernsthat the use of these biometric modes generates in people, whichprovides a roadmap of additional issues that should be improvedto create satisfactory biometric techniques.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123847593","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Rogério Pontes, Francisco Maia, J. Paulo, R. Vilaça
On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses but data is still stored on common database systems that are designed without data privacy concerns in mind. As a result, data is vulnerable against anyone with direct access to the database, which may be external attackers, malicious insiders, spies or even subpoenas. Building strong data privacy mechanisms on top of common database systems is possible but has a significant impact on the system's resources, computational capabilities and performance. Notably, the amount of useful computation that may be done over strongly encrypted data is close to none, which defeats the purpose of offloading computation to third-party services. In this paper, we propose to shift the need to trust in the honesty and security of service providers to simply trust that they will not collude. This is reasonable as cloud providers, being competitors, do not share data among themselves. We focus on NoSQL databases and present SafeRegions, a novel prototype of a distributed and secure NoSQL database that is built on top of HBase and that guarantees strong data privacy while still providing most of HBase's query capabilities. Safe Regions relies on secret sharing and multi-party computation techniques to provide a NoSQL database built on top of multiple, non-colluding service providers that appear as a single one to the user. Strikingly, service providers, individually, cannot disclose any of the user's data but, together, are able to offer data storage and processing capabilities. Additionally, we evaluate SafeRegions exposing performance trade-offs imposed by security mechanisms and provide useful insights for future research on performance optimization.
{"title":"SafeRegions: Performance Evaluation of Multi-party Protocols on HBase","authors":"Rogério Pontes, Francisco Maia, J. Paulo, R. Vilaça","doi":"10.1109/SRDSW.2016.16","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.16","url":null,"abstract":"On-line applications and services are now a critical part of our everyday life. Using these services typically requires us to trust our personal or company's information to a large number of third-party entities. These entities enforce several security measures to avoid unauthorized accesses but data is still stored on common database systems that are designed without data privacy concerns in mind. As a result, data is vulnerable against anyone with direct access to the database, which may be external attackers, malicious insiders, spies or even subpoenas. Building strong data privacy mechanisms on top of common database systems is possible but has a significant impact on the system's resources, computational capabilities and performance. Notably, the amount of useful computation that may be done over strongly encrypted data is close to none, which defeats the purpose of offloading computation to third-party services. In this paper, we propose to shift the need to trust in the honesty and security of service providers to simply trust that they will not collude. This is reasonable as cloud providers, being competitors, do not share data among themselves. We focus on NoSQL databases and present SafeRegions, a novel prototype of a distributed and secure NoSQL database that is built on top of HBase and that guarantees strong data privacy while still providing most of HBase's query capabilities. Safe Regions relies on secret sharing and multi-party computation techniques to provide a NoSQL database built on top of multiple, non-colluding service providers that appear as a single one to the user. Strikingly, service providers, individually, cannot disclose any of the user's data but, together, are able to offer data storage and processing capabilities. Additionally, we evaluate SafeRegions exposing performance trade-offs imposed by security mechanisms and provide useful insights for future research on performance optimization.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127775736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Monfared, Daniel Andrade, L. Rodrigues, J. Silva
The authentication of users in legacy web sites via mobile devices is still a challenging problem. Users are required to provide passwords, introducing several vulnerabilities: since strong passwords are hard to memorize, users often use weak passwords that are easy to break, and passwords can be intercepted by malware and stolen. In this paper we propose a novel architecture, named BioALeg, to support secure biometric authentication on legacy websites. Our approach leverages the potential of a Secured Personal Device (SPD), a hardware add-on for mobile phones that is being developed in the context of the PCAS European project. The device offers biometric authentication and secure storage services. BioALeg uses this infrastructure, and a companion web site plugin, to support biometric authentication in legacy web sites that currently use username/password authentication. In order to perform authentication, the smartphone requests a One Time Password (OTP) to the service provider when the user tries to access the service using the SPD. Due to the architecture and implementation of the SPD, the OTP transfer only occurs after the owner of the phone and SPD is correctly authenticated using biometrics. The PCAS infrastructure guarantees that, after the biometric authentication, the user identity is valid and accepted by all components. BioALeg has been implemented as an Android service and integrated with legacy web sites.
通过移动设备对遗留网站中的用户进行身份验证仍然是一个具有挑战性的问题。用户需要提供密码,这带来了几个漏洞:由于强密码难以记忆,用户通常使用容易被破解的弱密码,密码可能被恶意软件截获和窃取。在本文中,我们提出了一种新的体系结构,称为BioALeg,以支持对遗留网站的安全生物识别认证。我们的方法利用了安全个人设备(SPD)的潜力,这是一种在PCAS欧洲项目背景下正在开发的移动电话硬件附加组件。该设备提供生物识别认证和安全存储服务。BioALeg使用这个基础设施和一个配套的网站插件,在当前使用用户名/密码身份验证的遗留网站中支持生物识别身份验证。当用户尝试使用SPD访问服务时,智能手机会向服务提供商请求OTP (One Time Password),以便进行身份验证。由于SPD的体系结构和实现,只有在使用生物识别技术对手机和SPD的所有者进行正确的身份验证后,才会进行OTP传输。PCAS基础结构保证,在生物识别身份验证之后,用户身份是有效的,并被所有组件接受。BioALeg已作为Android服务实现,并与传统网站集成。
{"title":"BioALeg - Enabling Biometric Authentication in Legacy Web Sites","authors":"S. Monfared, Daniel Andrade, L. Rodrigues, J. Silva","doi":"10.1109/SRDSW.2016.15","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.15","url":null,"abstract":"The authentication of users in legacy web sites via mobile devices is still a challenging problem. Users are required to provide passwords, introducing several vulnerabilities: since strong passwords are hard to memorize, users often use weak passwords that are easy to break, and passwords can be intercepted by malware and stolen. In this paper we propose a novel architecture, named BioALeg, to support secure biometric authentication on legacy websites. Our approach leverages the potential of a Secured Personal Device (SPD), a hardware add-on for mobile phones that is being developed in the context of the PCAS European project. The device offers biometric authentication and secure storage services. BioALeg uses this infrastructure, and a companion web site plugin, to support biometric authentication in legacy web sites that currently use username/password authentication. In order to perform authentication, the smartphone requests a One Time Password (OTP) to the service provider when the user tries to access the service using the SPD. Due to the architecture and implementation of the SPD, the OTP transfer only occurs after the owner of the phone and SPD is correctly authenticated using biometrics. The PCAS infrastructure guarantees that, after the biometric authentication, the user identity is valid and accepted by all components. BioALeg has been implemented as an Android service and integrated with legacy web sites.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124003666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper presents Emusphere, an integrated emulation platform for the efficient evaluation of planetary-scale distributed systems. It allows system developers and architects to assess their systems in an environment that is able to provision any desired computation infrastructure, mimic realistic environmental conditions, and carry out arbitrary usage scenarios. Unlike existing testbeds which suffer from technical complexity and high bootstrapping efforts, Emusphere is an easy-to-use and fully automated environment. This is achieved by reducing the complete configuration and execution efforts down to the definition of a single configuration file that defines the structure and course of the experiments. Those Experiment Descriptors are executed using Emusphere Executors which utilize resource providers to provision any specified virtual infrastructure, run the defined experiment steps, collect the results and finally tear down the whole environment. In this way experiments can be easily modified, reproduced, transferred and verified. We also provide an evaluation which shows that our approach surpasses existing solutions in terms of flexibility and usability while offering a high degree of scalability.
{"title":"Emusphere: Evaluating Planetary-Scale Distributed Systems in Automated Emulation Environments","authors":"Johannes Köstler, J. Seidemann, Hans P. Reiser","doi":"10.1109/SRDSW.2016.19","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.19","url":null,"abstract":"This paper presents Emusphere, an integrated emulation platform for the efficient evaluation of planetary-scale distributed systems. It allows system developers and architects to assess their systems in an environment that is able to provision any desired computation infrastructure, mimic realistic environmental conditions, and carry out arbitrary usage scenarios. Unlike existing testbeds which suffer from technical complexity and high bootstrapping efforts, Emusphere is an easy-to-use and fully automated environment. This is achieved by reducing the complete configuration and execution efforts down to the definition of a single configuration file that defines the structure and course of the experiments. Those Experiment Descriptors are executed using Emusphere Executors which utilize resource providers to provision any specified virtual infrastructure, run the defined experiment steps, collect the results and finally tear down the whole environment. In this way experiments can be easily modified, reproduced, transferred and verified. We also provide an evaluation which shows that our approach surpasses existing solutions in terms of flexibility and usability while offering a high degree of scalability.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117215858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Atomic multicast is a group communication primitive that allows disseminating messages to multiple distributed processes with strong ordering properties. As such, atomic multicast is a widely-employed tool to build large-scale systems, in particular when data is geo-distributed and/or replicated across multiple locations. However, all the most efficient atomic multicast algorithms suffer from a convoy effect that slows down the delivery of messages. In this paper, we study the impact of this phenomenon in detail. To this end, we first capture the convoy effect in the critical section problem with a timed automaton. We then extend this approach to the seminal atomic multicast solution of Skeen. Our analytical model shows that the convoy effect quickly degrades the latency of messages. We confirm this claim by fitting our model with empirical data from literature. To sidestep this performance degradation, we advocate the use of message semantics in atomic multicast. In particular, we present a simple protocol that reduces the convoy effect by a factor p, where p is the probability that two messages commute.
{"title":"The Convoy Effect in Atomic Multicast","authors":"Tarek Ahmed-Nacer, P. Sutra, D. Conan","doi":"10.1109/SRDSW.2016.22","DOIUrl":"https://doi.org/10.1109/SRDSW.2016.22","url":null,"abstract":"Atomic multicast is a group communication primitive that allows disseminating messages to multiple distributed processes with strong ordering properties. As such, atomic multicast is a widely-employed tool to build large-scale systems, in particular when data is geo-distributed and/or replicated across multiple locations. However, all the most efficient atomic multicast algorithms suffer from a convoy effect that slows down the delivery of messages. In this paper, we study the impact of this phenomenon in detail. To this end, we first capture the convoy effect in the critical section problem with a timed automaton. We then extend this approach to the seminal atomic multicast solution of Skeen. Our analytical model shows that the convoy effect quickly degrades the latency of messages. We confirm this claim by fitting our model with empirical data from literature. To sidestep this performance degradation, we advocate the use of message semantics in atomic multicast. In particular, we present a simple protocol that reduces the convoy effect by a factor p, where p is the probability that two messages commute.","PeriodicalId":401182,"journal":{"name":"2016 IEEE 35th Symposium on Reliable Distributed Systems Workshops (SRDSW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134123049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: