F. Tang, M. Guo, Minglu Li, Zhijun Wang, Zixue Cheng
Routing is an important issue in any type of network. Multiple-hop based routing in sensor networks suffers performance downgrade from too many hops with the increase of the size of sensor nodes, as well as various attacks. A number of approaches have been proposed for routing in sensor networks, but they lack sufficient support for secure routing in large-scale sensor networks. In this paper, we propose a scalable and secure routing protocol that can work energy-efficiently and resist most attacks. By hierarchical and long-distance mesh routing, our protocol significantly reduces the average number of hops for data transmission. A lightweight security mechanism enables the routing protocol to survive most attacks against sensor networks.
Title: Scalable and Secure Routing for Large-Scale Sensor Networks. Authors: F. Tang, M. Guo, Minglu Li, Zhijun Wang, Zixue Cheng. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.47
A mobile device that a user carries around usually contains data private to the user but has restricted human-device interaction capabilities. There is, however, no lack of stationary computers, or kiosks, with rich computing and user interaction resources in a user's typical surrounding environment. Security is a concern when integrating a mobile device with an environment kiosk. In particular, the mobile user needs to be assured that the environment kiosk that he is using does not contain malicious code that may exploit his sensitive data on device, and that such sensitive data will not be left on the kiosk for attackers to exploit. In this paper, we present an OS-agnostic approach for trustworthy and secure kiosk computing. Our approach supports secure user session initiation, strong session isolation and quick session startup, and mitigates a number of security threats such as man-in-the-middle attack, session stealing attack, and keyboard tampering attack.
Title: Towards Trustworthy and Secure Kiosk Computing for Mobile Users. Authors: Dong Zhou, H. Inamura. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.170
In DHT based P2P networks, the heterogeneity of node capacity and the skewness in query pattern could result in lookup load imbalance. Indegree adjustment is an effective, lightweight and heterogeneity-aware approach to balance lookup traffic in a local area, but not globally. In this paper we present a hybrid algorithm combining indegree adjustment and virtual server (VS) approaches to address both local and global lookup imbalance in DHT networks. We divide local nodes into zones, and select strong nodes to form a virtual server group (VSG). Hot zones can apply for virtual servers from VSG in order to distribute load system-wide. Nodes and VSs in the zones use indegree adjustment to maintain zone balance. We can therefore significantly improve the load balancing of traffic in these systems, and consequently their performance. Results from experimental evaluation demonstrate the effectiveness of our approach.
Title: Adaptive Load Balancing for Lookups in Heterogeneous DHT. Authors: Zhi Chen, Guowei Huang, Jingdong Xu, Yang Yang. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.153
A generalized dynamic energy performance scaling (DEPS) framework is proposed for exploring application-specific energy-saving potential in hard real-time embedded systems. This software-centric framework focuses on system-wide energy reduction and takes advantage of possible power control mechanisms to trade off performance for energy savings. Three existing technologies, i.e., dynamic hardware resource configuration (DHRC), dynamic voltage frequency scaling (DVFS), and dynamic power management (DPM) have been employed in this framework to achieve the maximal energy savings. Static and dynamic schemes of DEPS are proposed to deal with stable or variable workload in the embedded systems. Through a case study, its effectiveness has been validated.
Title: A Generalized Framework for System-Wide Energy Savings in Hard Real-Time Embedded Systems. Authors: Gang Zeng, H. Tomiyama, H. Takada, T. Ishihara. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.101
The integration of heterogeneous intellectual property hardware (IP) into existing hardware platforms is often only considered with respect to IP cores that provide bus interfaces to their environment. This paper will show that there is a need for, and an advantage to be gained from, incorporating non-bus interface IP so that they can be used by software running on the platform's processor(s). This paper presents a grammar with which services of non-bus interface cores can be described. The paper will show how this description can be used to generate adapters to integrate the IP as well as device drivers to use the IP. Experiments show how the use of this description can reduce the integration effort of non-bus interface cores.
Title: Automatic Integration of Non-Bus Hardware IP into SoC-Platforms for Use by Software. Authors: Robert Günzel. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.140
To formally and precisely capture the security properties that access control should adhere to, access control models are usually written to bridge the rather wide gap in abstraction between policies and mechanisms. In this paper, we propose a new general approach for property verification for access control models. The approach defines a standardized structure for access control models, providing for both property verification and automated generation of test cases. The approach expresses access control models in the specification language of a model checker and expresses generic access control properties in the property language. Then the approach uses the model checker to verify these properties for the access control models and generates test cases via combinatorial covering array for the system implementations of the models.
Title: Property Verification for Generic Access Control Models. Authors: Vincent C. Hu, D. R. Kuhn, Tao Xie. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.22
In a real-time Linux system, the critical sections are known as the main factor delaying the execution of real-time tasks. Traditional approaches to overcoming this issue have given less consideration to both real-time and non-real-time tasks. In this paper, we propose a new lock management mechanism to improve the real-time performance with a small penalty for non-real-time tasks. Using this mechanism, we guarantee the deadlines of real-time tasks while keeping the penalties accruing for non-real-time tasks small. We implemented a prototype system in Linux 2.6.20. Experimental results showed that the worst-case OS latency of a real-time task is reduced to 19% of the original one, while the penalty for a non-real-time task is 10.1% of the original. The results also showed that the lock management mechanism proposed in this paper is efficient and useful for a future real-time Linux system.
Title: A Light Lock Management Mechanism for Optimizing Real-Time and Non-Real-Time Performance in Embedded Linux. Authors: Maobing Dai, T. Matsui, Y. Ishikawa. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.56
Virtualization technology is becoming more and more important in areas of computer science such as data centers and server consolidation. A large number of hypervisors are available to manage the virtualization either on bare hardware or on host operating systems. One of the important tasks for the designer is to measure and compare the performance overhead of given virtual machines. In this paper, we provide an analytic framework for performance analysis either without running a system or in a runnable real system. Meanwhile, analytic performance models that are based on the queue network theory are developed to study the designs of virtual machines. At the end, a case study of the mathematical models is given to illustrate the performance evaluation.
Title: A Framework to Evaluate and Predict Performances in Virtual Machines Environment. Authors: Deshi Ye, Qinming He, Hua Chen, Jianhua Che. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.42
Virtual servers provide an abstraction layer to exploit the heterogeneity of peers (or nodes) that participate in a peer-to-peer (P2P) network based on the distributed hash table (DHT). In this paper, we present a load-balanced DHT network based on virtual servers. In our proposal, participating peers accept loads proportional to their capacities. By sampling the capacities of peers and workloads of virtual servers in the system, our design approximates the probability distributions for the capacities and workloads. Each node is based on the probability distributions to match their local virtual servers and other peers. Our proposal is developed through rigorous performance analysis, and is evaluated in extensive simulations.
Title: Load Balancing in Peer-to-Peer Networks Based on Sampling System States. Authors: Hung-Chang Hsiao, I-Ta Lin, Hao Liao. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.12
Workflows in the physical world are implemented based on forms printed on paper and signed by the involved people. In contrast, workflows in service-oriented architectures require a central entity for execution, which results in an inflexible system design that is not suitable for ambient environments. Based on an ambient environment example, a security approach for decentralized workflows is presented providing authenticity, confidentiality, and non-repudiation for distributed workflow execution.
Title: Securing Decentralized Workflows in Ambient Environments. Authors: N. Kuntze, J. Schütte. Venue: 2008 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. Published: 2008-12-17. DOI: https://doi.org/10.1109/EUC.2008.86