Papers by Victoria Ungureanu
A cluster-based server consists of a front-end dispatcher and multiple back-end servers. The dispatcher receives incoming jobs, and then decides how to assign them to back-end servers, which in turn serve the jobs according to some discipline. Cluster-based servers have been broadly deployed as they combine good performance with low cost.
DIMACS TR: 2003-15 Towards an Efficient Cluster-based E-Commerce Server

Access control has traditionally assumed a single, monolithic authorization policy, generally expressed as an access matrix. We argue that this assumption does not fit e-commerce applications, which are governed by a potentially large set of independently stated, evolving contracts. In order to support this growing class of applications we propose an enforcement mechanism which uses certified-contracts as authorization policies. A certified-contract is obtained: (a) by expressing contract terms in a formal, interpretable language, and (b) by having it digitally signed by a trusted principal. We show that this approach would make dissemination, revision, and annulment of contracts more manageable and more efficient. We propose a language for stating contract terms, and present several formal examples of certified contracts. The paper describes the implementation of the enforcement mechanism, which can be used as an extension to a web server, or as a separate server with interfac...

Abstract. We consider the problem of coordination and control of large heterogeneous groups of agents distributed over the Internet in the context of Law-Governed Interaction (LGI) [2, 5]. LGI is a mode of interaction that allows a group of distributed heterogeneous agents to interact with each other with confidence that an explicitly specified policy, called the law of the group, is complied with by everyone in the group. The original LGI model [5] supported only explicit groups, whose membership is maintained and controlled by a central server. Such a central server is necessary for applications that require each member of the group to know about the membership of the entire group. However, in the case where members do not need to know the membership of the entire group, such a central server can become an unnecessary performance bottleneck, as group size increases, as well as a single point of failure. In this paper, we present an extension to LGI allowing it to support implicit g...

This paper proposes a new scheduling policy for cluster-based servers called DAS (Deferred Assignment Scheduling). The main idea in DAS is to defer scheduling as much as possible, in order to make better use of the accumulated information on job sizes. In broad outline, DAS operates as follows: (1) incoming jobs are held by the dispatcher in a buffer; (2) the dispatcher monitors the number of jobs being processed by each server; (3) when the number of jobs at a server queue drops below a prescribed threshold, the dispatcher sends to it the shortest job in its buffer. To gauge the efficacy of DAS, the paper presents simulation studies, using various data traces. The studies collected response times and slowdowns for two cluster configurations under multi-threaded and multi-process back-end server architectures. The experimental results show that in both architectures, DAS outperforms the Round-Robin policy in all traffic regimes, and the JSQ (Join Shortest Queue) policy in medium a...
Regulating E-Commerce through Contract Certificates
Enforcing e-commerce contracts is difficult because an enterprise may be concurrently bound by a very large number of commercial agreements, and because these agreements are likely to change in time or to be annulled. We argue that it is not feasible to establish a dedicated server for each contract; nor it is possible to construct a composition of such commercial agreements. To deal with these problems we propose to embed contracts in certificates. We show that disseminating contracts as certificates facilitates deployment, annulment and revision of contracts. We propose a language for stating contract terms, and present several formal examples.
Scalable Regulation of Inter-Enterprise Electronic Commerce
In the current electronic-commerce literature, a commercial transaction is commonly viewed as an exchange between two autonomous principals operating under a contract between them--- which needs to be formalized and enforced. But the situation can be considerably more complex in the case of inter-enterprise (also called business-to-business, or B2B) commerce. The participants in a B2B transaction are generally not autonomous agents, since their commercial activities are subject to the policies of their respective enterprises.

E-commerce regulations are usually embedded in mutually agreed upon contracts. Generally, these contracts enumerate agents authorized to participate in transactions, and spell out such things like rights and obligations of each partner, and terms and conditions of the trade. An enterprise may be concurrently bound by a set of different contracts that regulate the trading relations with its various clients and suppliers. This set is dynamic because new contracts are constantly being established, and previously established contracts end, are annulled or revised. We argue that existent access control mechanisms cannot adequately support the large number of regulations embedded in disparate, evolving contracts. To deal with this problem we propose to use certified policies. A certified policy (CP) is obtained by expressing contract terms regarding access and control regulations in a formal, interpretable language, and by having them digitally signed by a proper authority. In this framew...

Abstract: Cluster-based server architectures combine good performance and low cost, and are commonly used for applications that generate heavy loads. Essentially, a cluster-based server consists of a front-end dispatcher and several back-end servers. The dispatcher receives incoming requests, and then assigns them to back-end servers, which are responsible for request processing. The many benefits of cluster-based servers make them a good choice for e-commerce applications as well. However, applying this type of architecture to e-commerce applications is hindered by the fact that e-commerce clusters have the additional task of verifying that requests comply with contract terms. The problem is further complicated by the fact that contract terms may be expressed as functions of dynamic, mutable states. We have proposed a policy, called TDA (Type Dependent Assignment), which is designed to balance load among back-end servers and to that request validation is done in an efficient manner. I...

Current research on electronic commerce focuses mainly on fair and efficient transfer of money and goods between a client and a vendor. Inter-enterprise electronic commerce, though, bestows a more complex setting on the trade by adding a new dimension to the individual-merchant frame. The parties involved in a purchase are no longer autonomous entities, but are members of an organization whose rules of doing business they have to obey. We propose a flexible approach towards regulating agent involvement in inter-enterprise electronic commerce. The method is based on the concept of law-governed interaction (LGI) which makes a strict separation between a declarative, formal statement of a policy and its enforcement. 1. Introduction Current research on electronic commerce focuses mainly on fair and efficient transfer of money and goods between a client and a vendor [10, 2, 7]. Inter-enterprise electronic commerce, though, bestows a more complex setting on the trade by adding a new dimen...

Conventional mechanisms for electronic commerce provide strong means for securing transfer of funds, and for ensuring such things as authenticity and non-repudiation. But they generally do not attempt to regulate the activities of the participants in an e-commerce transaction, treating them, implicitly, as autonomous agents. This is adequate for most cases of client-to-vendor commerce, but is quite unsatisfactory for inter-enterprise electronic commerce. The participants in this kind of e-commerce are not autonomous agents, since their commercial activities are subject to the business rules of their respective enterprises, and to the preexisting agreements and contracts between the enterprises involved. These policies are likely to be independently developed, and may be quite heterogeneous. Yet, they have to interoperate, and be brought to bear in regulating each e-commerce transaction. This paper presents a mechanism that allows such interoperation between policies, and thus provides for inter-enterprise electronic commerce. 1 Introduction Commercial activities need to be regulated in order to enhance the confidence of people that partake in them, and in order to ensure compliance with the various rules and regulations that govern these activities. Conventional mechanisms for electronic commerce provide strong means for securing transfer of funds, and for ensuring such things as authenticity and non-repudiation. But they generally do not attempt to regulate the activities of the participants in an e-commerce transaction, treating them, implicitly, as autonomous agents. This is adequate for most cases of client-to-vendor commerce, but is quite unsatisfactory for the potentially more important inter-enterprise (also called business-to-business or B2B) electronic commerce 1.
The participants in this kind of e-commerce are not autonomous agents, since their commercial activities are subject to the business rules of their respective enterprises, and to the preexisting agreements and contracts between the enterprises involved. The nature of this situation can be illustrated by the following example.
Deferred Assignment Scheduling in Clustered Web Servers
This paper proposes new scheduling policies for clustered servers, which are based on job size. The proposed algorithms are shown to be efficient, simple and easy to implement. They differ from traditional methods in the way jobs are assigned to back-end servers. The main idea is to defer scheduling as much as possible in order to make better use of the accumulated information on job sizes. Furthermore, the proposed algorithms are designed to work effectively with the class of job-size distributions often encountered on the Internet. To gauge the efficacy of the proposed algorithms, the paper presents an empirical case study that shows these algorithms perform well on input from real-life trace data measured at Internet clustered servers.

Towards an Efficient Cluster-based E-Commerce Server
Cluster-based server architectures combine good performance and low cost, and are commonly used for applications that generate heavy loads. Essentially, a cluster-based server consists of a front-end dispatcher and several back-end servers. The dispatcher receives incoming requests, and then assigns them to back-end servers, which are responsible for request processing. The many benefits of cluster-based servers make them a good choice for e-commerce applications as well. However, applying this type of architecture to e-commerce applications is hindered by the fact that e-commerce clusters have the additional task of verifying that requests comply with contract terms. The problem is further complicated by the fact that contract terms may be expressed as functions of dynamic, mutable states. The problem addressed in this paper is the effective assignment of e-commerce requests, such that the load is balanced among back-end servers and request validation is efficient. To this end, we ...
Current Web technologies use access control lists (ACLs) for enforcing regulations and practices governing businesses today. Having the policy hard-coded into ACLs causes management and security problems which have prevented so far Intranets to achieve their full potential.

This paper proposes a new scheduling policy for cluster-based servers called DAS (Deferred Assignment Scheduling). The main idea in DAS is to defer scheduling as much as possible, in order to make better use of the accumulated information on job sizes. In broad outline, DAS operates as follows: (1) incoming jobs are held by the dispatcher in a buffer; (2) the dispatcher monitors the number of jobs being processed by each server; (3) when the number of jobs at a server queue drops below a prescribed threshold, the dispatcher sends to it the shortest job in its buffer. To gauge the efficacy of DAS, the paper presents simulation studies, using various data traces. The studies collected response times and slowdowns for two cluster configurations under multi-threaded and multi-process back-end server architectures. The experimental results show that in both architectures, DAS outperforms the Round-Robin policy in all traffic regimes, and the JSQ (Join Shortest Queue) policy in medium and heavy traffic regimes.

DIMACS Technical Report 2002-03 January 2002 Regulating E-Commerce through Contract Certificates
Enforcing e-commerce contracts is difficult because an enterprise may be concurrently bound by a very large number of commercial agreements, and because these agreements are likely to change in time or to be annulled. We argue that it is not feasible to establish a dedicated server for each contract; nor it is possible to construct a composition of such commercial agreements. To deal with these problems we propose to embed contracts in certificates. We show that disseminating contracts as certificates facilitates deployment, annulment and revision of contracts. We propose a language for stating contract terms, and present several formal examples. We describe here our implementation, which can be used as an extension to a web server, or as a separate server with interface to application. The proposed model does not require any modification of the current certificate infrastructure, and only minor modifications to servers.

The conventional approach to distributed access-control (AC) tends to be server-centric. Under this approach, each server establishes its own policy regarding the use of its resources and services by its clients. The choice of this policy, and its implementation, are generally considered the prerogative of each individual server. This approach to access-control may be appropriate for many current client-server applications, where the server is an autonomous agent, in complete charge of its resources. But it is not suitable for the growing class of applications where a group of servers, and sometimes their clients, belong to a single enterprise, and are subject to the enterprise-wide policy governing them all. One may not be able to entrust such an enterprise-wide policy to the individual servers, for two reasons: First, it is hard to ensure that an heterogeneous set of servers implement exactly the same policy. Second, as we will argue, an AC policy can have aspects that cannot, in p...
A mechanism for establishing policies for electronic commerce
A Mechanism for Establishing Policies for Electronic Commerce Naftaly H. Minsky* Victoria Ungureanu* ... order specs,fee,eCash,gp , where specs specifies the required merchandise, fee is the sum the client is willing to pay for the merchandise, eCash is the digital certificate for ...
An agreement centric access control mechanism for business to business e-commerce
Proceedings of the 2002 ACM Symposium on Applied Computing, 2002
We argue that matrix-based models are inadequate for regulating business to business (or B2B, for short) e-commerce due to the diversity, complexity and potential large number of commercial agreements that have to be supported. To deal with these issues, we propose in this paper an agreement-centric access control model. The paper introduces the concept of communication agreement (CAR) as a