Michiaki Tatsubori

OpenJava: A Class-Based Macro System for Java

This paper presents OpenJava, which is a macro system that we have developed for Java. With traditional macro systems designed for non object-oriented languages, it is difficult to write a number of macros typical in object-oriented programming since they require the ability to access a logical structure of programs. One of the drawbacks of traditional macro systems is that abstract syntax trees are used for representing source programs. This paper first points out this problem and then shows how OpenJava addresses this problem. A key idea of Open-Java is to use metaobjects, which was originally developed for reflective computing, for representing source programs.

A Bytecode Translator for Distributed Execution of ``Legacy'' Java Software

This paper proposes a system named Addistant, which enables the distributed execution of legacy Java bytecode. Here legacy means the software originally developed to be executed on a single Java virtual machine (JVM). For adapting legacy software to distributed execution on multiple JVM, developers using Addistant have only to specify the host where instances of each class are allocated and how remote references are implemented. According to that specification, Addistant automatically transforms the bytecode at load time. A technical contribution by Addistant is that it covers a number of issues for implementing distributed execution in the real world. In fact, Addistant can adapt a legacy program written with the Swing library so that Swing objects are executed on a local JVM while the rest of objects are on a remote JVM.

Remote pointcut: a language construct for distributed AOP

This paper presents our extension to AspectJ for distributed computing. Although AspectJ allows Java developers to modularize a crosscutting concern as an aspect, this paper shows that some crosscutting concerns in distributed computing are not modularized in AspectJ as simple aspects. Rather, aspects modularizing such a concern tend to be in code spread over multiple hosts and explicitly communicated across the network. This paper illustrates this fact with an example of testing a distributed program written in AspectJ with Java RMI. To address this complexity caused by network communication, this paper proposes an extension to AspectJ for distributed computing. The language construct that we call remote pointcut enables developers to write a simple aspect to modularize crosscutting concerns distributed on multiple hosts. This paper presents DJcutter, which is our AspectJ-like language supporting remote pointcuts.

Model-driven security based on a Web services security architecture

The emergence of Web services and service-oriented architecture (SOA) makes application development easy. However, since the computing environments on which applications are running are becoming complex, it is harder for users to set up security properly. Considering such complex security environments, this paper describes a tooling framework to generate Web services security configurations using model driven architecture (MDA). According to the MDA concept, users simply add security intentions to an application model, and then detailed security configurations are generated, employing transformations over UML constructs and a security environment model. In order to demonstrate that the framework is practically useful, we also illustrate how to generate configuration files for a commercial product.

A selective, just-in-time aspect weaver

Dynamic AOP (Aspect-Oriented Programming) is receiving growing interests in both the academia and the industry. Since it allows weaving aspects with a program at runtime, it is useful for rapid prototyping and adaptive software. However, the previous implementations of dynamic AOP systems suffered from serious performance penalties. This paper presents our new efficient dynamic AOP system in Java for addressing the underlying problem. This system called Wool is a hybrid of two approaches. When a new aspect is woven in, the programmers can select to reload into the JVM a modified class file in which hooks for executing advice are statically embedded, or they can insert hooks as breakpoints in the JVM. Since the two approaches have different performance characteristics, the programmers can select the best one for each join point. Our experimental result shows, under a certain circumstance, Wool runs dynamic AOP application about 26% faster than a traditional static code translation approach.

Location inference using microblog messages

In order to sense and analyze disaster information from social media, microblogs as sources of social data have recently attracted attention. In this paper, we attempt to discover geolocation information from microblog messages to assess disasters. Since microblog services are more timely compared to other social media, understanding the geolocation information of each microblog message is useful for quickly responding to a sudden disasters. Some microblog services provide a function for adding geolocation information to messages from mobile device equipped with GPS detectors. However, few users use this function, so most messages do not have geolocation information. Therefore, we attempt to discover the location where a message was generated by using its textual content. The proposed method learns associations between a location and its relevant keywords from past messages, and guesses where a new message came from.

Optimizing Web services performance by differential deserialization

Web services technology has emerged as a key infrastructure that enables business entities to interact with each other without any human inventions. In order for the technology to be widely used, especially in any field where a large volume of transactions may be processed, it is highly desirable that the Web services engine should tolerate such environments. In this paper, we present a novel approach for improving Web services performance. We first focus on the fundamental characteristics of the Web services in that the SOAP messages on the wire are mostly generated by machines and have a lot of similarities among the processed messages. By making use of these features and eliminating the redundant processing, we propose a new deserialization mechanism that reuses matching regions from the previously deserialized application objects from earlier messages, and only performs deserialization for a new region that would not be processed before. Through our experiments in this paper, we observed that our approach obtained a 288% performance gain (maximum) by incorporating the differential deserialization into the Axis SOAP engine.

Best-practice patterns and tool support for configuring secure Web services messaging

This paper presents an emerging tool for security configuration of service-oriented architectures with Web Services. Security is a major concern when implementing mission-critical business transactions and such concern motivated the development of Web Services Security (WS-Security). However, the existing tools for configuring the security properties of Web Services give a technology-oriented view, and only assist in choosing the data to encrypt and selecting an encryption algorithm. The users must construct their own mental models of how the security configurations actually relate to business policies. In contrast, the tool described here gives a simplified, business-policy-oriented view. It models the messaging with customers and business partners, lists various threats, and presents best-practice security patterns against the threats. A user can select among variations on the basic patterns according to the business policies, and then apply them to the messaging model through the GUI. The result of the pattern application is described in the Web Services Security Policy Language (WS-Security Policy).

An adaptive, fast, and safe XML parser based on byte sequences memorization

XML (Extensible Markup Language) processing can incur significant runtime overhead in XML-based infrastructural middleware such as Web service application servers. This paper proposes a novel mechanism for efficiently processing similar XML documents. Given a new XML document as a byte sequence, the XML parser proposed in this paper normally avoids syntactic analysis but simply matches the document with previously processed ones, reusing those results. Our parser is adaptive since it partially parses and then remembers XML document fragments that it has not met before. Moreover, it processes safely since its partial parsing correctly checks the well-formedness of documents. Our implementation of the proposed parser complies with the JSR 63 standard of the Java API for XML Processing (JAXP) 1.1 specification. We evaluated Deltarser performance with messages using Google Web services. Comparing to Piccolo (and Apache Xerces), it effectively parses 35% (106%) faster in a server-side use-case scenario, and 73% (126%) faster in a client-side use-case scenario.

Methodology and Tools for End-to-End SOA Security Configurations

The configuration of non-functional requirements, such as security, has become important for SOA applications, but the configuration process has not been discussed comprehensively. In current development processes, the security requirements are not considered in upstream phases and a developer at a downstream phase is responsible for writing the security configuration. However, configuring security requirements properly is quite difficult for developers because the SOA security is cross-domain and all required information is not available in the downstream phase. To resolve this problem, we clarify how to configure security in the SOA application development process, and define the developers roles in each phase. Additionally, supporting technologies to generate security configurations are proposed: Model-Driven Security and Pattern-based Policy Configuration. Our contribution is proposing a methodology for end-to-end security configuration for SOA applications and tools for generating detailed security configurations from the requirements specified in upstream phases model transformations, making it possible to configure security properly without increasing developers workloads.