David Moreland

Packet Pacing in Short Buffer Optical Packet Switched Networks

In the absence of a cost-effective technology for storing optical signals, emerging optical packet switched (OPS) networks are expected to have severely limited buffering capability. This paper investigates the resulting impact on end-to-end loss and throughput, and proposes that the optical edge switches “pace” packets into the OPS core to improve performance without adversely affecting end-to-end delays. In this context, our contributions are three-fold. We first evaluate the impact of short buffers on the performance of real-time and TCP traffic. This helps us identify short-time-scale burstiness as the major contributor to performance degradation, so we propose that the optical edge switches pace the transmission of packets into the OPS core while respecting their delay-constraints. Our second contribution develops algorithms of poly-logarithmic complexity that can perform optimal real-time pacing of high data rate traffic. Lastly, we show via simulations of a realistic network carrying real-time traffic that pacing can significantly reduce losses at the expense of a bounded increase in end-to-end delay. The loss-delay trade-off mechanism provided by pacing can help achieve desired OPS network performance.

Trust extension device: providing mobility and portability of trust in cooperative information systems

One method for establishing a trust relationship between a server and its clients in a co-operative information system is to use a digital certificate. The use of digital certificates bound to a particular machine works well under the assumption that the underlying computing and networking infrastructure is managed by a single enterprise. Furthermore, managed infrastructures are assumed to have a controlled operational environment, including execution of a standard set of applications and operating system. These assumptions are also valid for recent proposals on establishing trust using hardware-supported systems based on a Trusted Computing Module (TPM) cryptographic microcontroller. However, these assumptions do not hold in todays cooperative information systems. Clients are mobile and work using network connections that go beyond the administrative boundaries of the enterprise. In this paper, we propose a novel technology, called Trust Extension Device (TED), which enables mobility and portability of trust in cooperative information systems that works in a heterogeneous environment. The paper provides an overview of the technology by describing its design, a conceptual implementation and its use in an application scenario.

A novel delay-bounded traffic conditioner for optical edge switches

Optical packet switched (OPS) networks provide very limited contention resolution resources such as fibre delay lines (FDLs) and wavelength converters. Effective use of these resources in minimising contention losses within the all-optical core requires conditioning of traffic aggregates by the optical edge switches. Traditional rate-based shapers such as the leaky-bucket fail to provide acceptable delay performance for real-time traffic aggregates: this paper therefore explores novel conditioning mechanisms for OPS networks transporting traffic aggregates with time constraints. Using as a theoretical basis a known off-line optimum smoother for stored video traffic, we develop an on-line variable-rate conditioner that approximates the off-line optimum, and requires O(1) amortised computation per packet arrival, making it amenable to efficient hardware implementation at the high data rates required by optical edge switches. We also demonstrate via simulation of short and long range dependent traffic that our conditioner allows losses in the optical core to be reduced by orders of magnitude at the expense of a bounded and relatively low increase in end-to-end delays. We believe that our conditioner can deliver significant performance benefits when employed at the edge of an all-optical network.

Yet Another Performance Testing Framework

Performance testing is one of the vital activities spanning the whole life cycle of software engineering. While there are a considerable number of performance testing products and open source tools available, they are either too expensive and complicated for small projects, or too specific and simple for diverse performance tests. This paper presents a general-purpose testing framework for both simple and small, and complicated and large-scale performance testing. Our framework proposes an abstraction to facilitate performance testing by separating the application logic from the common performance testing functionalities. This leads to a set of general-purpose data models and components, which form the core of the framework. The framework has been prototyped on both .NET and Java platforms and was used for a number of performance-related projects.

A snapshot of trusted personal devices applicable to transaction processing

In recent years, a clear trend has emerged where businesses need to provide flexible access to its services so as to increase their usage by a much wider cross-section of users operating over public infrastructures but still within a trusted environment. This trusted environment must be established between all participating users and service provider entities before any transactions are carried out. To meet the challenge of enabling mobile users to work within a trusted environment on any untrusted machine, the notion of a trusted personal device (TPD) has emerged. This paper provides a survey giving a snapshot of the growing body of work ongoing in the area of TPDs and the services they support.

A Service-Oriented Architecture to enable virtual storage services: a dynamic collaboration context

A dynamic collaboration, formed by business partners, requires self-contained, secure and reliable storage for sharing data among collaborating participants. As such this paper presents a virtual storage services architecture that utilises a Simple Distributed Storage Interface for virtualisation of different physical storage technologies and capabilities into a pool of logical storage for collaboration data. An e-health case study, with implementation and performance evaluation, shows the storage interface and architecture within the context of a Secure Storage Service, a key management service and a global backup service. The performance evaluation uses various experimental configurations and several commonly used data transport protocols.

Virtual Storage Services for Dynamic Collaborations

Dynamic coalitions formed by business partners who may be competitors but yet still need to co-operate with each other require independent, secure and reliable storage for exchanging and sharing data among its members. This paper presents a virtual storage services architecture that addresses these requirements by abstracting physical storage space in order to provide a pool of logical storage space using virtualisation technique. The abstraction of a variety of physical storage technologies and their capabilities is achieved by designing an XML-based simple distributed storage interface (SDSI). This paper also presents a case study of a secure distributed storage service to demonstrate how our architecture offers secure data storing and sharing for dynamic coalitions. We present a summary of our implementation, a Web Services-based prototype storage system using SDSI, and evaluated its performance against a number of alternative distributed storage technologies and data transport protocols.

Secure and Conditional Resource Coordination for Successful Collaborations

Successful completion of collaborations is necessary for collaborating participants to achieve their prescribed collaboration purposes. In this paper, we address the problem of successful completion of collaborations under a new model, called collaborative resource model. This model is graph-based, allowing participants to describe different ways to contribute and require resources for collaborations and the dependency relations among these resources. Resources in this model are protected by access control policies declared not only by resource providers but also by resource requestors. The requestors policies state how they will redistribute the acquired resources and thus increase the confidence of the providers to share resources. Except access control policies, resources are also constrained by usage conditions to reflect the fact, for instance, that a resource might be available only at some time. Based on this model, we present a coordination mechanism. Successful coordination means that all participants can get the necessary resources to complete their collaborations.