Pub Date : 2014-11-11DOI: 10.4108/eai.21-12-2015.150819
Carlos E. Rubio-Medrano, Gail-Joon Ahn, K. Sohr
Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs), which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may be consequently occurred. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.
{"title":"Achieving security assurance with assertion-based application construction","authors":"Carlos E. Rubio-Medrano, Gail-Joon Ahn, K. Sohr","doi":"10.4108/eai.21-12-2015.150819","DOIUrl":"https://doi.org/10.4108/eai.21-12-2015.150819","url":null,"abstract":"Modern software applications are commonly built by leveraging pre-fabricated modules, e.g. application programming interfaces (APIs), which are essential to implement the desired functionalities of software applications, helping reduce the overall development costs and time. When APIs deal with security-related functionality, it is critical to ensure they comply with their design requirements since otherwise unexpected flaws and vulnerabilities may be consequently occurred. Often, such APIs may lack sufficient specification details, or may implement a semantically-different version of a desired security model to enforce, thus possibly complicating the runtime enforcement of security properties and making it harder to minimize the existence of serious vulnerabilities. This paper proposes a novel approach to address such a critical challenge by leveraging the notion of software assertions. We focus on security requirements in role-based access control models and show how proper verification at the source-code level can be performed with our proposed approach as well as with automated state-of-the-art assertion-based techniques.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"7 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114122464","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257265
Preeti Arunapuram, Jacob W. Bartel, P. Dewan
The sending of a message raises two important questions about its response: When will the first response arrive? When will the first acceptable response arrive? These questions can be partly or completely answered by identifying distributions of response times, correlating features with response times, and/or predicting the actual response times. We address distribution, correlation and prediction of response times in Stack Overflow. We analyzed response times of over two million question-answer threads. We found no strong correlation between response times and features studied in other messaging domains: (a) use of various kinds of pronouns and punctuations, and (b) the time of day, and day of week when messages were sent. We found that title lengths show a quadratic relationship with median response time and that mean response times vary according to the tags used in a post. We explored a large design space of prediction algorithms based on the distributions of response times. These approaches predicted ranges of time that were automatically determined using a clustering algorithm. The best results were given by an approach that combines, using an index-base weighted-average algorithm introduced here, the most frequent time-ranges in the distributions for the tags in the posts.
{"title":"Distribution, correlation and prediction of response times in Stack Overflow","authors":"Preeti Arunapuram, Jacob W. Bartel, P. Dewan","doi":"10.4108/ICST.COLLABORATECOM.2014.257265","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257265","url":null,"abstract":"The sending of a message raises two important questions about its response: When will the first response arrive? When will the first acceptable response arrive? These questions can be partly or completely answered by identifying distributions of response times, correlating features with response times, and/or predicting the actual response times. We address distribution, correlation and prediction of response times in Stack Overflow. We analyzed response times of over two million question-answer threads. We found no strong correlation between response times and features studied in other messaging domains: (a) use of various kinds of pronouns and punctuations, and (b) the time of day, and day of week when messages were sent. We found that title lengths show a quadratic relationship with median response time and that mean response times vary according to the tags used in a post. We explored a large design space of prediction algorithms based on the distributions of response times. These approaches predicted ranges of time that were automatically determined using a clustering algorithm. The best results were given by an approach that combines, using an index-base weighted-average algorithm introduced here, the most frequent time-ranges in the distributions for the tags in the posts.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"179 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114439806","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257289
Tommy Szalapski, S. Madria
Wireless sensor networks possess significant limitations in storage, bandwidth, and power. This has led to the development of several compression algorithms designed for sensor networks. Many of these methods exploit the correlation often present between the data on different sensor nodes in the network; however, correlation can also exist between different sensing modules on the same sensor node. Exploiting this correlation can improve compression ratios and reduce energy consumption without the cost of increased traffic in the network. We investigate and analyze approaches for compression utilizing collaboration between separate sensing modules on the same sensor node. The compression can be lossless or lossy with a parameter for maximum tolerable error. Performance evaluations over real world sensor data show increased energy efficiency and bandwidth utilization with a decrease in latency compared to some recent approaches for both lossless and loss tolerant compression.
{"title":"Toward energy efficient multistream collaborative compression in wireless sensor networks","authors":"Tommy Szalapski, S. Madria","doi":"10.4108/ICST.COLLABORATECOM.2014.257289","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257289","url":null,"abstract":"Wireless sensor networks possess significant limitations in storage, bandwidth, and power. This has led to the development of several compression algorithms designed for sensor networks. Many of these methods exploit the correlation often present between the data on different sensor nodes in the network; however, correlation can also exist between different sensing modules on the same sensor node. Exploiting this correlation can improve compression ratios and reduce energy consumption without the cost of increased traffic in the network. We investigate and analyze approaches for compression utilizing collaboration between separate sensing modules on the same sensor node. The compression can be lossless or lossy with a parameter for maximum tolerable error. Performance evaluations over real world sensor data show increased energy efficiency and bandwidth utilization with a decrease in latency compared to some recent approaches for both lossless and loss tolerant compression.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"61 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134496812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257327
Amerah A. Alabrah, M. Bassiouni
Session hijacking attacks of social network websites are one of the commonly experienced cyber threats in today's Internet especially with the unprecedented proliferation of wireless networks and mobile applications. To address this problem, we propose a cache supported hybrid two-dimensional one-way hash construction to handle social networks' user sessions authentication in collaborative applications efficiently. The solution, which presents a major redesign from [18], is based on utilizing two-dimensional OHC chains equipped with sparse caching capabilities to carry out authentication during social networks users' sessions. We analyze the proposed hybrid scheme mathematically to determine the cost of authentication and develop a quartic equation to check the optimal configuration of the two dimensions. We also evaluate the hybrid scheme with simulation experiments of different configurations and scenarios. The results of the simulation experiments show that the hybrid scheme improves performance of the OHC tremendously while efficiently and securely handling authentication.
{"title":"Preventing session hijacking in collaborative applications with hybrid cache-supported one-way hash chains","authors":"Amerah A. Alabrah, M. Bassiouni","doi":"10.4108/ICST.COLLABORATECOM.2014.257327","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257327","url":null,"abstract":"Session hijacking attacks of social network websites are one of the commonly experienced cyber threats in today's Internet especially with the unprecedented proliferation of wireless networks and mobile applications. To address this problem, we propose a cache supported hybrid two-dimensional one-way hash construction to handle social networks' user sessions authentication in collaborative applications efficiently. The solution, which presents a major redesign from [18], is based on utilizing two-dimensional OHC chains equipped with sparse caching capabilities to carry out authentication during social networks users' sessions. We analyze the proposed hybrid scheme mathematically to determine the cost of authentication and develop a quartic equation to check the optimal configuration of the two dimensions. We also evaluate the hybrid scheme with simulation experiments of different configurations and scenarios. The results of the simulation experiments show that the hybrid scheme improves performance of the OHC tremendously while efficiently and securely handling authentication.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127129357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257749
Manoj Cherukuri, Srinivas Mukkamala, Dongwan Shin
Malware distribution using drive-by download attacks has become the most prominent threat for organizations and individuals. Compromised web services and web applications hosted on the cloud act as the delivery medium for the exploits. The exploits included often target the vulnerabilities within the plugins of the web browsers. Implementing security controls to counter the exploits within the browsers for ensuring end point security has become a challenge. In this paper, a set of features is proposed and is extracted by monitoring the communications between the browser and the plugins during the rendering of webpages. The Support Vector Machines are trained using the defined features and the performance of the trained classifier is evaluated using a dataset with both malicious and benign use cases of the plugins. The dataset included 10,239 malicious use cases and 37,369 benign use cases. To compensate the imbalance in the distribution of the dataset, experiments were performed using weighted costs and oversampling. Our analysis shows that the Support Vector Machines trained by using the proposed set of features classified with an average accuracy of about 99.4%. On integrating the proposed approach as an inline defense, an average performance overhead of 5.14% was observed.
{"title":"Detection of plugin misuse drive-by download attacks using kernel machines","authors":"Manoj Cherukuri, Srinivas Mukkamala, Dongwan Shin","doi":"10.4108/ICST.COLLABORATECOM.2014.257749","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257749","url":null,"abstract":"Malware distribution using drive-by download attacks has become the most prominent threat for organizations and individuals. Compromised web services and web applications hosted on the cloud act as the delivery medium for the exploits. The exploits included often target the vulnerabilities within the plugins of the web browsers. Implementing security controls to counter the exploits within the browsers for ensuring end point security has become a challenge. In this paper, a set of features is proposed and is extracted by monitoring the communications between the browser and the plugins during the rendering of webpages. The Support Vector Machines are trained using the defined features and the performance of the trained classifier is evaluated using a dataset with both malicious and benign use cases of the plugins. The dataset included 10,239 malicious use cases and 37,369 benign use cases. To compensate the imbalance in the distribution of the dataset, experiments were performed using weighted costs and oversampling. Our analysis shows that the Support Vector Machines trained by using the proposed set of features classified with an average accuracy of about 99.4%. On integrating the proposed approach as an inline defense, an average performance overhead of 5.14% was observed.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128832970","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257336
Riham S. Elhabyan, M. Yagoub
Clustering is an efficient topology control approach for maximizing the lifetime and scalability of Wireless Sensor Networks (WSNs). Many cluster-based routing techniques have been proposed in the literature. However, in most of the proposed protocols, the communication between a sensor node and its designated cluster head (CH) is assumed to be single-hop. Multi-hop communication can be used when the communication range of the sensor nodes is limited or the number of sensor nodes is very large in a network. Moreover, they used a predetermined percentage of CHs regardless of the network density or the number of live nodes. Clustering is known to be non-deterministic polynomial (NP)-hard problems for a WSN. Particle Swarm Optimization (PSO) is a swarm intelligent approach that can be applied for finding fast and efficient solutions of such problems. In this paper, we propose a novel centralized PSO protocol for Hierarchical Clustering (PSO-HC) in WSNs. Our objective is to maximize the network lifetime by minimizing the number of active CHs and to maximize the network scalability by using two-hop communication between the sensor nodes and their respective CHs. The effect of using a realistic network and energy consumption model in cluster-based communication for WSN was investigated. Extensive simulations show that PSO-HC outperforms the well-known cluster-based sensor network protocols in terms of average consumed energy and throughput.
{"title":"PSO-HC: Particle swarm optimization protocol for hierarchical clustering in Wireless Sensor Networks","authors":"Riham S. Elhabyan, M. Yagoub","doi":"10.4108/ICST.COLLABORATECOM.2014.257336","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257336","url":null,"abstract":"Clustering is an efficient topology control approach for maximizing the lifetime and scalability of Wireless Sensor Networks (WSNs). Many cluster-based routing techniques have been proposed in the literature. However, in most of the proposed protocols, the communication between a sensor node and its designated cluster head (CH) is assumed to be single-hop. Multi-hop communication can be used when the communication range of the sensor nodes is limited or the number of sensor nodes is very large in a network. Moreover, they used a predetermined percentage of CHs regardless of the network density or the number of live nodes. Clustering is known to be non-deterministic polynomial (NP)-hard problems for a WSN. Particle Swarm Optimization (PSO) is a swarm intelligent approach that can be applied for finding fast and efficient solutions of such problems. In this paper, we propose a novel centralized PSO protocol for Hierarchical Clustering (PSO-HC) in WSNs. Our objective is to maximize the network lifetime by minimizing the number of active CHs and to maximize the network scalability by using two-hop communication between the sensor nodes and their respective CHs. The effect of using a realistic network and energy consumption model in cluster-based communication for WSN was investigated. Extensive simulations show that PSO-HC outperforms the well-known cluster-based sensor network protocols in terms of average consumed energy and throughput.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123010203","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257551
Seokho Son, Dong-Jae Kang, Jin-Mee Kim
Cloud broker concept is considered as one of solutions for federating distributed multi-Cloud. In order to design and realize a Cloud brokerage system, we need to devise establishment and management of SLA (Service Level Agreement). Whereas a SLA negotiation in a Cloud is assumed to be a basic functionality to establish a SLA, there has been some lack of efforts to apply, configure, and design SLA negotiation mechanism for a Cloud broker, which arbitrates multiple Cloud providers. In this paper, therefore, we design a multi-Cloud broker and reveal design considerations to realize an automated SLA negotiation in a multi-Cloud broker. Briefly, the decision issues to realize a SLA negotiation are as follows: 1) Negotiation lifecycles according to types of Cloud broker, 2) negotiation protocol, 3) negotiable SLA issues, 4) multi-issue negotiation support, and 5) deployment position of negotiation agents.
{"title":"Design considerations to realize automated SLA negotiations in a multi-Cloud brokerage system","authors":"Seokho Son, Dong-Jae Kang, Jin-Mee Kim","doi":"10.4108/ICST.COLLABORATECOM.2014.257551","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257551","url":null,"abstract":"Cloud broker concept is considered as one of solutions for federating distributed multi-Cloud. In order to design and realize a Cloud brokerage system, we need to devise establishment and management of SLA (Service Level Agreement). Whereas a SLA negotiation in a Cloud is assumed to be a basic functionality to establish a SLA, there has been some lack of efforts to apply, configure, and design SLA negotiation mechanism for a Cloud broker, which arbitrates multiple Cloud providers. In this paper, therefore, we design a multi-Cloud broker and reveal design considerations to realize an automated SLA negotiation in a multi-Cloud broker. Briefly, the decision issues to realize a SLA negotiation are as follows: 1) Negotiation lifecycles according to types of Cloud broker, 2) negotiation protocol, 3) negotiable SLA issues, 4) multi-issue negotiation support, and 5) deployment position of negotiation agents.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124021090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257298
Julian Jarrett, Iman Saleh, M. Blake, Rohan Malcolm, Sean S. E. Thorpe, Tyrone Grandison
Crowd computing leverages human input in order to execute tasks that are computationally expensive, due to complexity and/or scale. Combined with automation, crowd computing can help solve problems efficiently and effectively. In this work, we introduce an elasticity framework that adaptively optimizes the use of human and automated software resources in order to maximize overall performance. This framework includes a quantitative model that supports elasticity when performing complex tasks. Our model defines a task complexity index and an elasticity index that is used to aid in decision support for assigning tasks to respective computing elements. Experiments demonstrate that the framework can effectively optimize the use of human and machine computing elements simultaneously. Also, as a consequence, overall performance is significantly enhanced.
{"title":"Combining human and machine computing elements for analysis via crowdsourcing","authors":"Julian Jarrett, Iman Saleh, M. Blake, Rohan Malcolm, Sean S. E. Thorpe, Tyrone Grandison","doi":"10.4108/ICST.COLLABORATECOM.2014.257298","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257298","url":null,"abstract":"Crowd computing leverages human input in order to execute tasks that are computationally expensive, due to complexity and/or scale. Combined with automation, crowd computing can help solve problems efficiently and effectively. In this work, we introduce an elasticity framework that adaptively optimizes the use of human and automated software resources in order to maximize overall performance. This framework includes a quantitative model that supports elasticity when performing complex tasks. Our model defines a task complexity index and an elasticity index that is used to aid in decision support for assigning tasks to respective computing elements. Experiments demonstrate that the framework can effectively optimize the use of human and machine computing elements simultaneously. Also, as a consequence, overall performance is significantly enhanced.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123183524","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
NoSQL (Not only SQL) data stores become a vital component in many big data computing platforms due to its inherent horizontal scalability. HBase is an open-source distributed NoSQL store that is widely used by many Internet enterprises to handle their big data computing applications (e.g. Facebook handles millions of messages each day with HBase). Optimizations that can enhance the performance of HBase are of paramount interests for big data applications that use HBase or Big Table like key-value stores. In this paper we study the problems inherent in misconfiguration of HBase clusters, including scenarios where the HBase default configurations can lead to poor performance. We develop HConfig, a semi-automated configuration manager for optimizing HBase system performance from multiple dimensions. Due to the space constraint, this paper will focus on how to improve the performance of HBase data loader using HConfig. Through this case study we will highlight the importance of resource adaptive and workload aware auto-configuration management and the design principles of HConfig. Our experiments show that the HConfig enhanced bulk loading can significantly improve the performance of HBase bulk loading jobs compared to the HBase default configuration, and achieve 2~3.7× speedup in throughput under different client threads while maintaining linear horizontal scalability.
{"title":"HConfig: Resource adaptive fast bulk loading in HBase","authors":"Xianqiang Bao, Ling Liu, Nong Xiao, Fang Liu, Qi Zhang, T. Zhu","doi":"10.4108/ICST.COLLABORATECOM.2014.257304","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257304","url":null,"abstract":"NoSQL (Not only SQL) data stores become a vital component in many big data computing platforms due to its inherent horizontal scalability. HBase is an open-source distributed NoSQL store that is widely used by many Internet enterprises to handle their big data computing applications (e.g. Facebook handles millions of messages each day with HBase). Optimizations that can enhance the performance of HBase are of paramount interests for big data applications that use HBase or Big Table like key-value stores. In this paper we study the problems inherent in misconfiguration of HBase clusters, including scenarios where the HBase default configurations can lead to poor performance. We develop HConfig, a semi-automated configuration manager for optimizing HBase system performance from multiple dimensions. Due to the space constraint, this paper will focus on how to improve the performance of HBase data loader using HConfig. Through this case study we will highlight the importance of resource adaptive and workload aware auto-configuration management and the design principles of HConfig. Our experiments show that the HConfig enhanced bulk loading can significantly improve the performance of HBase bulk loading jobs compared to the HBase default configuration, and achieve 2~3.7× speedup in throughput under different client threads while maintaining linear horizontal scalability.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123541175","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-11DOI: 10.4108/ICST.COLLABORATECOM.2014.257687
E. Bertino, B. Samanthula
Data is one of the most valuable assets for organization. It can facilitate users or organizations to meet their diverse goals, ranging from scientific advances to business intelligence. Due to the tremendous growth of data, the notion of big data has certainly gained momentum in recent years. Cloud computing is a key technology for storing, managing and analyzing big data. However, such large, complex, and growing data, typically collected from various data sources, such as sensors and social media, can often contain personally identifiable information (PII) and thus the organizations collecting the big data may want to protect their outsourced data from the cloud. In this paper, we survey our research towards development of efficient and effective privacy-enhancing (PE) techniques for management and analysis of big data in cloud computing.We propose our initial approaches to address two important PE applications: (i) privacy-preserving data management and (ii) privacy-preserving data analysis under the cloud environment. Additionally, we point out research issues that still need to be addressed to develop comprehensive solutions to the problem of effective and efficient privacy-preserving use of data.
{"title":"Security with privacy - A research agenda","authors":"E. Bertino, B. Samanthula","doi":"10.4108/ICST.COLLABORATECOM.2014.257687","DOIUrl":"https://doi.org/10.4108/ICST.COLLABORATECOM.2014.257687","url":null,"abstract":"Data is one of the most valuable assets for organization. It can facilitate users or organizations to meet their diverse goals, ranging from scientific advances to business intelligence. Due to the tremendous growth of data, the notion of big data has certainly gained momentum in recent years. Cloud computing is a key technology for storing, managing and analyzing big data. However, such large, complex, and growing data, typically collected from various data sources, such as sensors and social media, can often contain personally identifiable information (PII) and thus the organizations collecting the big data may want to protect their outsourced data from the cloud. In this paper, we survey our research towards development of efficient and effective privacy-enhancing (PE) techniques for management and analysis of big data in cloud computing.We propose our initial approaches to address two important PE applications: (i) privacy-preserving data management and (ii) privacy-preserving data analysis under the cloud environment. Additionally, we point out research issues that still need to be addressed to develop comprehensive solutions to the problem of effective and efficient privacy-preserving use of data.","PeriodicalId":432345,"journal":{"name":"10th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115251994","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: