Charles C. Palmer

An approach to a problem in network design using genetic algorithms

In the work of communications network design there are several recurring themes: maximizing flows, finding circuits, and finding shortest paths or minimal cost spanning trees, among others. Some of these problems appear to be harder than others. For some, effective algorithms exist for solving them, for others, tight bounds are known, and for still others, researchers have few clues towards a good approach. One of these latter, nastier problems arises in the design of communications networks: the Optimal Communication Spanning Tree Problem (OCSTP). First posed by Hu in 1974, this problem has been shown to be in the family of NP-complete problems. So far, a good, general-purpose approximation algorithm for it has proven elusive. This thesis describes the design of a genetic algorithm for finding reliably good solutions to the OCSTP. The genetic algorithm approach was thought to be an appropriate choice since they are computationally simple, provide a powerful parallel search capability, and have the ability to move around in the solution space without a dependence upon structure or locality. As an added benefit, well-designed genetic algorithms adapt very well to changes in the problem definition, without suffering changes to the genetic algorithm itself. This adaptability can be used to provide hints to the designer of a new algorithm to what good solutions look like. It can also be applied in cases when an existing algorithm is faced with a change in the problem parameters and its effectiveness under those changes is not known. The selection of a genetic algorithm approach spawned a prerequisite area of investigation: genetic algorithm researchers have never found a good scheme for efficiently representing and evolving populations of solutions to tree problems. Because of this fact, the design of such a representation became a major part of this research. Trials of the genetic algorithm showed that it reliably produced results comparable to or better than other approaches, such as heuristics and simulated annealing. It adapted extremely well to changes in the problem description ranging from varying traffic requirements to producing solutions to an entirely different tree-related network design problem.

Representing trees in genetic algorithms

We consider the problem of representing trees (undirected, cycle-free graphs) in genetic algorithms. This problem arises, among other places, in the solution of network design problems. After comparing several commonly used representations based on their usefulness in genetic algorithms, we describe a new representation and show it to be superior in almost all respects to the others. In particular, we show that our representation covers the entire space of solutions, produces only viable offspring, and possesses locality, all necessary features for the effective use of a genetic algorithm. We also show that the representation will reliably produce very good, if not optimal, solutions even when the problem definition is changed.<<ETX>>

Security in an autonomic computing environment

System and network security are vital parts of any autonomic computing solution. The ability of a system to react consistently and correctly to situations ranging from benign but unusual events to outright attacks is key to the achievement of the goals of self-protection, self-healing, and self-optimization. Because they are often built around the interconnection of elements from different administrative domains, autonomic systems raise additional security challenges, including the establishment of a trustworthy system identity, automatically handling changes in system configuration and interconnections, and greatly increased configuration complexity. On the other hand, the techniques of autonomic computing offer the promise of making systems more secure, by effectively and automatically enforcing high-level security policies. In this paper, we discuss these and other security and privacy challenges posed by autonomic systems and provide some recommendations for how these challenges may be met.

Technical challenges of network anonymity

The Internet promises an ever-increasing variety of services available anytime, almost anywhere, to anyone of just about any experience level. Thus, in many respects, the virtual world has become a viable alternative to our real world, where we can buy anything from a dishwasher to personal services, or publish any information we choose on a personal web site. With all of the convenience and freely available information that this virtual world provides, it has one major problem: in the real world people can nearly always exert some control over their privacy. If they choose, they can study in absolute solitude or meet with others in private rooms, or they can anonymously buy a magazine. However, on the Internet, users have few controls, if any, over the privacy of their actions. Each communication leaves trails here or there and there is always someone who can follow these trails back to the user. Thus, should we just forget about having privacy in the Internet as others have proclaimed? The one path towards enabling true network privacy is to provide anonymity. Anonymity services can allow users to carry out their activities anonymously and unobservably on the Internet. In this work, we investigate the following technical questions: what is network anonymity, what are the various techniques for reliably achieving anonymity, and what are their associated impacts on network performance and user experience. Our emphasis is on deployable systems for the Internet that provide strong anonymity against a strong attacker model. We present the network anonymity techniques (algorithms) suggested in the past and the ones currently in use, and then we discuss possible anonymity techniques of the future. We present the accepted terminology for discussing anonymity, and the definition and different measures of anonymity. However, throughout our discussions we pay particular attention to the analysis of network performance in the presence of anonymity mechanisms.

Helping You Protect You

Guest editors M. Angela Sasse and Charles C. Palmer speak with security practitioners about what companies are doing to keep customers secure, and what users can do to stay safe.

Guest Editors' Introduction: Managing Organizational Security

In this special issue, we focus on the challenges of managing organizational security, examining some of the nontechnical aspects of security that assure that the technology is chosen, implemented, and used appropriately and well.

Process Control System Security: Bootstrapping a Legacy

Internet connectivity is just one of the concerns that has led to an increased focus on improving cyber security protection in process or industrial control systems. In this special issue, a vendor reviews the concerns and researchers provide recommendations that can lead to improved security.