D. Scott Alexander

The price of safety in an active network

Security is a major challenge for “Active Networking,” as accessible programmability creates numerous opportunities for mischief. The point at which programmability is exposed, e.g., through the loading and execution of code in network elements, must therefore be carefully crafted to ensure security. The SwitchWare active networking research project has studied the architectural implications of various tradeoffs between performance and security. Namespace protection and type safety were achieved with a module loader for active networks, ALIEN, which carefully delineated boundaries for privilege and dynamic updates. ALIEN supports two extensions, the Secure Active Network Environment (SANE), and the Resource Controlled Active Network Environment (RCANE). SANE extends ALIENs node protection model into a distributed setting, and uses a secure bootstrap to guarantee integrity of the namespace protection system. RCANE provides resource isolation between active network node users, including separate heaps and robust time-division multiplexing of the node. The SANE and RCANE systems show that convincing active network security can be achieved. This paper contributes a measurement-based analysis of the costs of such security with an analysis of each system based on both execution traces and end-to-end behavior.

Programming the quantum future

The Quipper language offers a unified general-purpose programming framework for quantum computation.

The Architecture of ALIEN

The ALIEN architecture exposes all node-resident features to modification by a module loader, with the exception of the loader itself. As a structuring principle, ALIEN divides its loadable portions into a privileged loader-initiated Core Switchlet and an unprivileged collection of libraries which use the Core Switchlet and are loaded by it. The loader, Core Switchlet and libraries comprise the network-resident functionality of ALIEN.

The dynamic community of interest and its realization in ZODIAC

The ZODIAC project has been exploring a security first approach to networking based on a new idea, the dynamic community of interest, based on groups of users with a demonstrable need to know. ZODIAC uses the most challenging network setting (the mobile ad hoc network) as a target, since each node must incorporate functions of both hosts and routers. The realization of the DCoI is a work in progress, but initial implementation results have shown that DCoI concepts can be translated into working systems. The current system applies virtual machine containers, extensive use of cryptography and digital signatures, dispersity routing, DHT-based naming, and explicit rate control among other advanced techniques. Putting security to the forefront in the design has led to interesting consequences for naming, authorization, and connection setup. In particular, it has demanded a hierarchical structure for DCoIs that may initially appear somewhat alien to Internet users. Nonetheless, our implementation has illustrated that a highly available network that provides confidentiality and integrity can be constructed and made usable.

Concrete resource analysis of the quantum linear-system algorithm used to compute the electromagnetic scattering cross section of a 2D target

We provide a detailed estimate for the logical resource requirements of the quantum linear-system algorithm (Harrow et al. in Phys Rev Lett 103:150502, 2009) including the recently described elaborations and application to computing the electromagnetic scattering cross section of a metallic target (Clader et al. in Phys Rev Lett 110:250504, 2013). Our resource estimates are based on the standard quantum-circuit model of quantum computation; they comprise circuit width (related to parallelism), circuit depth (total number of steps), the number of qubits and ancilla qubits employed, and the overall number of elementary quantum gate operations as well as more specific gate counts for each elementary fault-tolerant gate from the standard set

Self Adaptive Robust Resource Allocation for Prioritized TCP Flows in Wireless Networks

\{ X, Y, Z, H, S, T, \text{ CNOT } \}

Active network encapsulation protocol (anep)

{X,Y,Z,H,S,T,CNOT}. In order to perform these estimates, we used an approach that combines manual analysis with automated estimates generated via the Quipper quantum programming language and compiler. Our estimates pertain to the explicit example problem size