Paolo A. G. Sivilotti

Using parse tree validation to prevent SQL injection attacks

An SQL injection attack targets interactive web applications that employ database services. Such applications accept user input, such as form fields, and then include this input in database requests, typically SQL statements. In SQL injection, the attacker provides user input that results in a different database request than was intended by the application programmer. That is, the interpretation of the user input as part of a larger SQL statement, results in an SQL statement of a different form than originally intended. We describe a technique to prevent this kind of manipulation and hence eliminate SQL injection vulnerabilities. The technique is based on comparing, at run time, the parse tree of the SQL statement before inclusion of user input with that resulting after inclusion of input. Our solution is efficient, adding about 3 ms overhead to database query costs. In addition, it is easily adopted by application programmers, having the same syntactic structure as current popular record set retrieval methods. For empirical analysis, we provide a case study of our solution in J2EE. We implement our solution in a simple static Java class, and show its effectiveness and scalability.

A world-wide distributed system using Java and the Internet

This paper describes the design of a distributed system built using Java that supports peer-to-peer communication among processes spread across a network. We identify the requirements of a software layer that supports distributed computing, and we propose a design that meets those requirements. Our primary concerns are (I) the identification, specification, and implementation of software components that can be composed in different ways to develop correct distributed applications; (2) reasoning about the components systematically; and (3) providing services to the components. This paper deals with the last of these concerns. Though our implementation uses Java, the fundamental ideas apply to any object-oriented language that supports messaging and threads. Alternative implementations use such languages coupled with object request brokers or remote procedure invocation mechanisms.

Scratching the surface of advanced topics in software engineering: a workshop module for middle school students

A common approach for introducing computer science to middle school students is to teach them a simple yet engaging programming language A different approach is to teach them some advanced topic independent of any particular language or syntax We describe a 3-hour workshop module designed to do both This module has been piloted with a group of thirty 8th grade girls. It uses the Scratch programming language to develop the advanced software engineering concepts of specifications, refinement, and composition After this module, students were enthusiastic about continuing to program in Scratch independently and also felt they learned something about computer science as a discipline.

Dining philosophers with crash locality 1

Ideally, distributed algorithms isolate the side-effects of faults within local neighborhoods of impact. Failure locality quantifies this concept as the maximum radius of impact caused by a given fault. We present new locality results for the dining philosophers problem subject to crash failures. The optimal crash locality for dining is 0 in synchronous networks, but degrades to 2 in asynchronous networks. Using the eventually-perfect failure detector /spl diams/P , we construct the first known dining algorithms with crash locality 1 under partial synchrony. These algorithms close the failure-locality complexity gap and improve the crash tolerance of resource allocation algorithms in practical networks. We prove the optimality of our results with two fundamental theorems. First, no dining solution using /spl diams/P achieves locality 0. Second, /spl diams/P is the weakest failure detector in the Chandra-Toueg hierarchy to realize locality 1.

The suitability of kinesthetic learning activities for teaching distributed algorithms

Kinesthetic learning is a process in which students learn by actively carrying out physical activities rather than by passively listening to lectures. Pedagogical research indicates that kinesthetic learning is a fundamental, powerful, and ubiquitous learning style. To date, efforts to incorporate this learning style within the computer science curriculum have focussed on introductory courses. Material in upper-level courses, however, can also benefit from a similar approach. In particular, courses on distributed computing, by the very nature of the material they cover, are uniquely suited to exploiting this learning technique. We have developed and piloted a collection of kinesthetic activities for a senior undergraduate or graduate-level course on distributed systems. We give detailed descriptions of these exercises and discuss factors that contribute to their success.

Introducing middle school girls to fault tolerant computing

During summer 2002, we ran a workshop module for a group of 28 eighth-grade girls. Our aim was ambitious: to introduce these students, ages 12 and 13, to computer science by focussing on the deep intellectual topic of self-stabilizing distributed algorithms and by imparting an intuitive appreciation for their use in fault tolerance. At the same time, we hoped to dispel some negative stereotypes of computer science. The module was a success according to evaluations and comments from the participants. This paper describes the sequence of exercises we developed as an elementary-level introduction to the graduate-level topics of fault tolerance and self-stabilization. We report them with the hope that others will try them in college classrooms, as we plan to do.

A collection of kinesthetic learning activities for a course on distributed computing: ACM SIGACT news distributed computing column 26

Kinesthetic learning is a process where students learn by actively carrying out physical activities rather than by passively listening to lectures. Pedagogical research has indicated that kinesthetic learning is a fundamental, powerful, and ubiquitous learning style. It resonates with many students across all disciplines and levels of education. The adoption of kinesthetic approaches in college classrooms, however, has been hampered by the difficulty of designing effective activities, as well as the perceived challenges of coordinating these activities. On the other hand, courses on distributed computing, by the very nature of the material they cover, are uniquely suited to exploiting this learning technique. We have developed and piloted a collection of kinesthetic activities for a senior undergraduate or graduate-level course on distributed systems. We give detailed descriptions of these exercises and discuss factors that contribute to their success (or failure). Our hope is that others will adopt these particular activities in their own distributed systems courses as well as use these examples as a pattern for developing new activities.

A distributed maximal scheduler for strong fairness

Weak fairness guarantees that continuously enabled actions are executed infinitely often. Strong fairness, on the other hand, guarantees that actions that are enabled infinitely often (but not necessarily continuously) are executed infinitely often. In this paper, we present a distributed algorithm for scheduling actions for execution. Assuming weak fairness for the execution of this algorithm, the schedule it provides is strongly fair. Furthermore, this algorithm is maximal in that it is capable of generating any strongly fair schedule. This algorithm is the first strongly-fair scheduling algorithm that is both distributed and maximal.

Increasing client-side confidence in remote component implementations

When a client makes use of a remote component, it does not have direct access to the remote components implementation or state information. By observing the components interactions with its environment, however, the client can determine whether the components behavior conforms to its promised specification. We present a distributedinfrastructure with which a client can make these observations and thereby increase its confidence in the correctness of the remote component. This infrastructure supports temporal specifications of distributed components with autonomous threads of control. It also supports multiple levels of confidence, with commensurate performance costs. As a proof-of-concept for this design, we have implemented a prototype in Java for distributed systems built using CORBA.

Interfaces first (and foremost) with Java

Abstraction is a critical concept that underlies many topics in computing science. For example, in software engineering, the distinction between a components behavior and its implementation is fundamental. Java provides two constructs that correspond to precisely this distinction: A Java interface is a clients abstract view of a components behavior, while a class is a concrete implementation of that same component. We have developed a course that introduces Java while following a discipline of diligently decomposing every component into these two separate linguistic elements. In this course, interfaces are given the same prominence as classes since both are needed for a complete component. This approach is helpful to students by providing: (i) a clear manifestation of the role of abstraction in software systems, and (ii) a framework that naturally motivates many good coding practices adopted by professional programmers.