Andreas Gampe

Facilitating Remote Laboratory Deployments Using a Relay Gateway Server Architecture

Hands-on experiments prepare students to deal with real-world problems and help to efficiently digest theoretical concepts and relate those to practical tasks. However, shortage of equipment, high costs, and the lack of human resources for laboratory maintenance and assistance decrease the implementation capacity of the hands-on training laboratories. At the same time, the Internet has become a common networking medium and is increasingly used to enhance education and training. In addition, experimental equipment at many sites is typically underutilized. Thus, remote laboratories accessible through the Internet can resolve cost and access constraints as they can be used at flexible times and from various locations. While many solutions have been proposed so far, this paper addresses an important issue of facilitating remote lab deployments by providing remote connectivity services to lab providers using a Relay Gateway Server architecture. A proof-of-concept solution is described which also includes other previously reported useful features. The system has been tested in engineering labs and student assessment is provided.

Privacy promises that can be kept: a policy analysis method with application to the HIPAA privacy rule

Organizations collect personal information from individuals to carry out their business functions. Federal privacy regulations, such as the Health Insurance Portability and Accountability Act (HIPAA), mandate how this collected information can be shared by the organizations. It is thus incumbent upon the organizations to have means to check compliance with the applicable regulations. Prior work by Barth et. al. introduces two notions of compliance, weak compliance (WC) and strong compliance (SC). WC ensures that present requirements of the policy can be met whereas SC also ensures obligations can be met. An action is compliant with a privacy policy if it is both weakly and strongly compliant. However, their definitions of compliance are restricted to only propositional linear temporal logic (pLTL), which cannot feasibly specify HIPAA. To this end, we present a policy specification language based on a restricted subset of first order temporal logic (FOTL) which can capture the privacy requirements of HIPAA. We then formally specify WC and SC for policies of our form. We prove that checking WC is feasible whereas checking SC is undecidable. We then formally specify the property WC entails SC, denoted by Δ, which requires that each weakly compliant action is also strongly compliant. To check whether an action is compliant with such a policy, it is sufficient to only check whether the action is weakly compliant with that policy. We also prove that when a policy ℘ has the Δ-property, the present requirements of the policy reduce to the safety requirements imposed by ℘. We then develop a sound, semi-automated technique for checking whether practical policies have the Δ-property. We finally use HIPAA as a case study to demonstrate the efficacy of our policy analysis technique.

An Assessment of Remote Laboratory Experiments in Radio Communication

Todays electrical and computer engineering graduates need marketable skills to work with electronic devices. Hands-on experiments prepare students to deal with real-world problems and help them to comprehend theoretical concepts and relate these to practical tasks. However, shortage of equipment, high costs, and a lack of human resources for laboratory maintenance and assistance decrease the implementation capacity of hands-on training laboratories. At the same time, the Internet has become a common networking medium and is increasingly used to enhance education. In addition, at many sites, existing experimental systems are typically underutilized. These cost and efficient exploitation constraints can be resolved by the use of remote laboratories accessible through the Internet that can be shared and used at flexible times and from various locations. This paper is a description of a systematic assessment effort of the efficiency of remote laboratories in radio communication. The labs are offered to graduate and undergraduate students, and hands-on and remote experiences are compared. A dedicated remote experimentation system, eComLab, was developed to support the effort.

A Verifiable, Control Flow Aware Constraint Analyzer for Bounds Check Elimination

The Java platform requires that out-of-bounds array accesses produce runtime exceptions. In general, this requires a dynamic bounds check each time an array element is accessed. However, if it can be proven that the array index is within the bounds of the array, the check can be eliminated. We present a new algorithm based on extended Static Single Assignment (eSSA) form that builds a constraint system representing control flow qualified, linear constraints among program variables derived from program statements. Our system then derives relationships among variables, and provides a verifiable proof of its conclusions. This proof can be verified by a runtime system to minimize the analysiss performance impact. Our system simultaneously considers both control flow and data flow when analyzing the constraint system, handles general linear inequalities instead of simple difference constraints, and provides verifiable proofs for its claims. We present experimental results demonstrating that this method eliminates more bounds checks, and when combined with runtime verification, results in a lower runtime cost than prior work. Our algorithm improves benchmark performance by up to nearly 10% over the baseline SafeTSA system.

Speculative improvements to verifiable bounds check elimination

As a safety measure, the Java programming language requires bounds checking of array accesses. This usually translates to dynamic checks each time an array element is accessed. Static analysis can help eliminate some of those checks by proving them to be redundant, reducing the runtime overhead. Compilation of Java programs is usually method-based, and dynamic dispatch complicates interprocedural analysis. The result is a severely restricted static analysis. This paper presents a novel combination of two techniques to alleviate this problem. By assuming constraints that cannot safely be inferred from the program, the amount of provable safe bounds can be greatly extended. These constraints, called speculations, can be derived automatically from the program code by an analyzer, which assumes that there will be no violation of the array bounds. To ensure that the speculations hold at runtime, additional checks have to be injected into the code. Finding good speculations that benefit the runtime performance can be expensive. This paper shows that the speculation technique can be combined with a verifiable annotation framework, allowing most of the work to be shifted to compile-time. Experimental results show that this combination of techniques increases the number of eliminated bounds checks and can result in speedups that approach unconditional bounds check removal.

Safe, multiphase bounds check elimination in Java

As part of its type‐safety regime, Javas semantics require precise exceptions at runtime when programs attempt out‐of‐bound array accesses. This paper describes a Java implementation that utilizes a multiphase approach to identifying safe array accesses. This approach reduces runtime overhead by spreading the out‐of‐bounds checking effort across multiple phases of compilation and execution: production of mobile code from source code, just‐in‐time (JIT) compilation in the virtual machine, application method invocations, and the execution of individual array accesses. The code producer uses multiple passes (including common subexpression elimination, load elimination, induction variable substitution, speculation of dynamically verified invariants, and inequality constraint analysis) to identify unnecessary bounds checks and prove their redundancy. During class‐loading and JIT compilation, the virtual machine verifies the proofs, inserts code to dynamically validate speculated invariants, and generates code specialized under the assumption that the speculated invariants hold. During each runtime method invocation, the method parameters and other inputs are checked against the speculated invariants, and execution reverts to unoptimized code if the speculated invariants do not hold. The combined effect of the multiple phases is to shift the effort associated with bounds‐checking array access to phases that are executed earlier and less frequently, thus, reducing runtime overhead. Experimental results show that this approach is able to eliminate more bounds checks than prior approaches with minimal overhead during JIT compilation. These results also show the contribution of each of the passes to the overall elimination. Furthermore, this approach increased the speed at which the benchmarks executed by up to 16%. Copyright

The privacy in the time of the internet: secrecy vs transparency

In the current time of the Internet, specifically with the emergence of social networking, people are sharing both sensitive and non-sensitive information among each other without understanding its consequences. Federal regulations exist to mandate how sensitive information (e.g., SSN, health records, etc.) of a person can be shared (or, used) by organizations. However, there are no established norms or practices regarding how information that is deemed to be not sensitive may be used or shared. Furthermore, for the sake of transparency, different organizations reveal small amounts of non-sensitive information (i.e., photos, salaries, work hours, size of the houses, etc.) about their clients or employees. Although such information seems insignificant, the aggregation of it can be used to create a partial profile of a person which can later be used by malicious parties for robbery, extortion, kidnapping, etc. The goal of this work is to create awareness by demonstrating that it is plausible to create such a partial profile of a person just by crawling the Internet. For this, we have developed an open source framework that generates batch crawlers to create partial profiles of individuals. We also show empirical comparisons of the amount of information that can be gathered by using free and also paid websites.

Efficient incremental information flow control with nested control regions

Mobile application platforms like cell phones are ubiquitous today. Even on limited devices, users expect well-performing applications that also respect the privacy of the users stored data, such as messages, addresses and calendar items. Existing techniques, however, do not provide an adequate solution: Dynamic algorithms incur a significant space and time overhead. Static approaches help a developer in creating secure programs, but previous work requires a whole-program verification. This paper proposes a novel intermediate representation that is designed to be easily analyzed and verified by clients as well as support incremental verification. The IR can be verified with a single-pass, linear time algorithm. The resulting reduction of memory requirements is particularly important for limited mobile devices. Metadata, including security properties, can be reliably transmitted through annotatable type systems, as demonstrated by the adoption of a practical security-enhanced programming language as an input for our intermediate representation. A simplified imperative language with incremental loading is formally proved safe as a foundation for the practical implementation.