Douglas S. Kerr

Performance Evaluation of a Database System in Multiple Backend Configurations

The aim of this performance evaluation is twofold: (1) to devise benchmarking strategies for and apply benchmarking methodologies to the measurement of a prototyped database system in multiple backend configurations, and (2) to verify the performance claims as projected or predicted by the designer and implementor of the mufti-backend database system known as MBDS.

A microprogrammed keyword transformation unit for a database computer

The design of a microprogrammable microprocessor-based keyword transformation unit for a database computer(DBC) is described. The DBC, a specialized back-end computer capable of managing 109 - 1010 bytes of data, consists of two loops of memories and processors, the structure loop and the data loop, connected through a database command and control processor (DBCCP). The structure loop is used to retrieve and update the large amount (107 - 109 bytes) of structural information about the database from a structure memory (SM) at a rate commensurate with the database operations performed on the mass memory of the data loop. A keyword transformation unit (KXU) is therefore required to enhance the performance of the structure memory. The KXU encodes variable-length keywords into a fixed-length form by hashing. By managing a library of carefully designed hashing algorithms and by dynamically loading the algorithms in a writable control store for execution, the KXU allows the efficient storage of keywords and their associated information and minimizes subsequent accesses to the SM.

Performance measurement methodologies for database systems

In this paper we present performance measurement methodologies for database systems. The methodologies are used to instrument a database system for t,esting and measurement. There are two types of testing and measurements. External performance measurement is used to test the database system from a macroscopic point of view. Thus, in the external performance measurement methodology we investigate how the database system can be instrumented for measuring the response times of various requests (or transactions) on different databases. Internal performance measurement is used to test the database system from a microscopic point of view. Thus, in the internal performance measurement methodology we investigate how the database system can be instrumented to provide timing data that represents the time spent in the various components of the database system. In both methodologies, we focus primarily on the instrumentation issues involved such as the placement of checkpoints within the database syst,em to collect timing data. We also examine the software tools that can be used to aid in the measurement of a database system. Finally, we show how these two methodologies can be used together to receive overhead-free test dat,a and can be applied to an experimental multi-backend database system, known as MBDS.

Database Access Control in the Presence of Context Dependent Protection Requirements

Data items in a database are semantically related. Thus, the access control mechanism of a database system must be concerned with the possibility that access to one item may violate a denied access to another item. This study concentrates on two basic semantic relations for protection requirements. By utilizing a graph-theoretic approach, some of the fundamental properties of the protection relations can be readily identified. These properties can then be used as a basis for understanding more general context dependent protection requirements. Two fundamental properties of the two protection relations are found. The first property addresses the question: given a database with a set of protection relations, is it possible to find a maximal subset of the database such that access to one item of the subset will not lead to any violation of a denied access to another item? The second property addresses the question: given a database with a set of protection relations, is it possible to find a sequence of accesses such that the protection requirement is enforced with no violation?

Development of a multifacetted undergraduate program in Computer and Information Science

Computer and Information Science Departments are usually organized, as was the one at The Ohio State University, by combining already existing courses in computer programming and applications from other departments into one department and adding a few extra courses. This paper is a report concerning how this was done at Ohio State and how the Department has developed since. Suggestions are also included for the organization of new departments at other schools. The report has been arranged in four main sections: a description of the development of the department at Ohio State, a unifying philosophy of the field, a description of the Ohio State undergraduate curriculum in Computer and Information Science, and suggestions for new curricula at other schools.

The bachelor's and master's computer science graduate

This paper deals with a survey of the bachelors and masters degree graduates from the Department of Computer and Information Science at The Ohio State University conducted during 1975. The purpose of the survey was (1) to determine what positions the graduates held, (2) to determine how effective the curricula had been, (3) to obtain an evaluation of these curricula, (4) to determine possible improvements, and (5) to see if there were distinctions between bachelors and masters degree recipients. Some of the results about the bachelors degree graduates have already been reported in Kalmey [74]. As of August 1974, the Department had conferred about 600 Bachelors, 280 Masters and 17 Ph.D. degrees.

Programming and algorithms II: A second course in computer science

Ohio States school year is divided into four quarters, each ten weeks long. It is possible to schedule classes to meet three, four, or five hours per week. (The latter with 50 class meetings is similar to a three semester hour course.) Most students attend classes for three of the four quarters. Because the amount of material covered in a programming class is proportional to the number and quality of programs completed, we have chosen a two quarter sequence, each course meeting three days a week. The students receive four quarter hours credit (one hour of laboratory credit) for each course. The students in this sequence are mostly computer and information science majors, but there are also many mathematics and some science and engineering majors. There are other courses for administrative science, engineering and other non-technical students. All the introductory courses are taught by graduate students under the supervision of a faculty member.

PRIVACY AND ITS TECHNICAL IMPLICATIONS ON SECURITY

The increased use of computers by government agencies and private organizations has prompted recent concern with the invasion of privacy. A large amount of information is being collected and disseminated without, always, the necessary concern for its relevance or reliability. Thus, there is an effort to control this situation. A definition of the right to privacy has been given in the 1973 HEWs report as follows: “the right of individuals to participate in decisions regarding the collection, use, and disclosure of information personally identifiable to that individual.” It is important to note that the individual does not have the sole right to determine the collection, use, and disclosure of the information.

OPERATING SYSTEM SECURITY

An operating system is part of a large amount of software that runs on a computer system. Thus, the issues of operating system security are a part of the software security issues. Because the operating system manages and controls the computer hardware resources whereas the other software (e.g., application programs) merely makes requests for resources, the issues involved in the operating system are more critical and far-reaching. Therefore, solutions to operating system security will not only be timely and welcomed but will also lead to more general solutions of software security. To properly identify the user, to process program requests, and to supervise the granting and the denying process, the operating system relies on surveillance. The surveillance is carried out in two areas: At the time of user identification, known as Jogging; and at the moment of granting or denying the request, threat monitoring.

Operating system security a tutorial of current research

This tutorial is extracted from the recently completed monograph, Computer Security: Its Problems and Solutions [3], and is intended as a technical review of research in the areas of operating system security. Furthermore, it is intended to provide some assessment and evaluation of the work reviewed. Some projections and speculations of future activities in operating system research are also included. Because the tutorial is written for technical people who are not directly conducting such research, we have tried to present the review in an illustrative manner with intuitive and informal definitions of the necessary technology. The tutorial expounds the notion of surveillance in terms of logging and threat monitoring. It conceptualizes the problems and solutions of access control. To achieve security, the operating system relies on isolation. The tutorial points out the trade-off between security and cost of isolation. Furthermore, it illustrates two impor tant isolation methods. In order to provide security, the operating system must be designed and implemented as a secure system. The use of verification techniques for proving the correctness of secure operating system design and implementation is examined. When the operating system is large and the security requirements are elaborate, it may be necessary to concentrate the secure elements in a kernel. The notion of secure kernel is therefore examined. Other methods such as penetration tests are also examined An up-to-date bibliography since 1974 is included. To allow the readers to have a coherent coverage of various topics of operating system security, we have endeavored to give our personal views of various subject matters. We would like the reader to bear with us in the expression of these views.