Steven D. Gribble

Cluster-based scalable network services

We identify three fundamental requirements for scalable network services: incremental scalability and overflow growth provisioning, 24x7 availability through fault masking, and cost-effectiveness. We argue that clusters of commodity workstations interconnected by a high-speed SAN are exceptionally well-suited to meeting these challenges for Internet-server workloads, provided the software infrastructure for managing partial failures and administering a large cluster does not have to be reinvented for each new service. To this end, we propose a general, layered architecture for building cluster-based scalable network services that encapsulates the above requirements for reuse, and a service-programming model based on composable workers that perform transformation, aggregation, caching, and customization (TACC) of Internet content. For both performance and implementation simplicity, the architecture and TACC programming model exploit BASE, a weaker-than-ACID data semantics that results from trading consistency for availability and relying on soft state for robustness in failure management. Our architecture can be used as an off the shelf infrastructural platform for creating new network services, allowing authors to focus on the content of the service (by composing TACC building blocks) rather than its implementation. We discuss two real implementations of services based on this architecture: TranSend, a Web distillation proxy deployed to the UC Berkeley dialup IP population, and HotBot, the commercial implementation of the Inktomi search engine. We present detailed measurements of TranSends performance based on substantial client traces, as well as anecdotal evidence from the TranSend and HotBot experience, to support the claims made for the architecture.

Adapting to network and client variability via on-demand dynamic distillation

The explosive growth of the Internet and the proliferation of smart cellular phones and handheld wireless devices is widening an already large gap between Internet clients. Clients vary in their hardware resources, software sophistication, and quality of connectivity, yet server support for client variation ranges from relatively poor to none at all. In this paper we introduce some design principles that we believe are fundamental to providing meaningful Internet access for the entire range of clients. In particular, we show how to perform on-demand datatype-specific lossy compression on semantically typed data, tailoring content to the specific constraints of the client. We instantiate our design principles in a proxy architecture that further exploits typed data to enable application-level management of scarce network resources. Our proxy architecture generalizes previous work addressing all three aspects of client variation by applying well-understood techniques in a novel way, resulting in quantitatively better end-to-end performance, higher quality display output, and new capabilities for low-end clients.

Adapting to network and client variation using infrastructural proxies: lessons and perspectives

Todays Internet clients vary widely with respect to both hardware and software properties: screen size, color depth, effective bandwidth, processing power, and the ability to handle different data formats. The order-of-magnitude span of this variation is too large to hide at the network level, making application-level techniques necessary. We show that on-the-fly adaptation by transformational proxies is a widely applicable, cost-effective, and flexible technique for addressing all these types of variations. To support this claim, we describe our experience with data-type-specific distillation (lossy compression) in a variety of applications. We also argue that placing adaptation machinery in the network infrastructure, rather than inserting it into end servers, enables incremental deployment and amortization of operating costs. To this end, we describe a programming model for large-scale interactive Internet services and a scalable cluster-based framework that has been in production use at UC Berkeley since April 1997. We present a detailed examination of TranSend, a scalable transformational Web proxy deployed on our cluster framework, and give descriptions of several handheld-device applications that demonstrate the wide applicability of the proxy-adaptation philosophy.

A network architecture for heterogeneous mobile computing

This article summarizes the results of the BARWAN project, which focused on enabling truly useful mobile networking across an extremely wide variety of real-world networks and mobile devices. We present the overall architecture, summarize key results, and discuss four broad lessons learned along the way. The architecture enables seamless roaming in a single logical overlay network composed of many heterogeneous (mostly wireless) physical networks, and provides significantly better TCP performance for these networks. It also provides complex scalable and highly available services to enable powerful capabilities across a very wide range of mobile devices, and mechanisms for automated discovery and configuration of localized services. Four broad themes arose from the project: (1) the power of dynamic adaptation as a generic solution to heterogeneity, (2) the importance of cross-layer information, such as the exploitation of TCP semantics in the link layer, (3) the use of agents in the infrastructure to enable new abilities and to hide new problems from legacy servers and protocol stacks, and (4) the importance of soft state for such agents for simplicity, ease of fault recovery, and scalability.

Security on the move: indirect authentication using Kerberos

Even as mobile computing and network computing are gaining momentum, Internet security is sharing the spotlight. Security and authentication on open networks is difficult even without the additional risks posed by wireless media. At the same time, the hardware and software constraints imposed by “small” mobile devices such as PDA’s and smart phones are leading to the pervasive use of application-level proxies to mediate between clients and servers. To date, less attention has been focused specifically on securing the connection between the client and an application-level proxy, independently of any particular service. We describe how to provide secure access to application-level proxied services using an indirect protocol called Charon, which leverages the strong protocol and deployed infrastructure of Kerberos IV. Charon partitions the Kerberos client functionality into a very simple client module that does little more than DES encryption, and a Unix-hosted unprivileged proxy module that runs the remainder of the Kerberos client protocol and can interoperate with other proxy code that provides application-level proxy services. The client module is extremely lightweight and amenable to implementation even on the most modest PDA-class devices. The proxy is trusted as much as any other Kerberized service, but it never learns the user’s Kerberos password or ticketgranting service session key. As a result of this partitioning, clients can continue to enjoy the benefits of proxy-mediated access in a secure way, in addition to gaining secure access to and interoperability with existing Kerberized services.

The Bay Area Research Wireless Access Network (BARWAN)

Wireless data services have thus far been more promising than successful. We believe that future mobile information systems must be built upon heterogeneous wireless overlay networks, extending traditional wired and internetworked processing islands to mobile hosts over coverage areas ranging from in-room, in-building, campus, metropolitan, and wide-areas. In this paper, we describe a new wireless data networking architecture that integrates diverse wireless technologies into a seamless internetwork. It is being implemented in the BARWAN testbed in the San Francisco Bay Area.

Self-similarity in file systems

We demonstrate that high-level file system events exhibit self-similar behaviour, but only for short-term time scales of approximately under a day. We do so through the analysis of four sets of traces that span time scales of milliseconds through months, and that differ in the trace collection method, the filesystems being traced, and the chronological times of the tracing. Two sets of detailed, short-term file system trace data are analyzed; both are shown to have self-similar like behaviour, with consistent Hurst parameters (a measure of self-similarity) for all file system traffic as well as individual classes of file system events. Long-term file system trace data is then analyzed, and we discover that the traces high variability and self-similar behaviour does not persist across time scales of days, weeks, and months. Using the short-term trace data, we show that sources of file system traffic exhibit ON/OFF source behaviour, which is characterized by highly variably lengthed bursts of activity, followed by similarly variably lengthed periods of inactivity. This ON/OFF behaviour is used to motivate a simple technique for synthesizing a stream of events that exhibit the same self-similar short-term behaviour as was observed in the file system traces.

Experience with Top Gun Wingman: a proxy-based graphical web browser for the 3Com PalmPilot

After an inauspicious debut, communication-enabled personal digital assistants (or PDAs) and handheld PCs are being rediscovered as mobile information access terminals. In response, developers have attempted to bring complex applications such as Web browsers to such devices. However, the limited resources available on thin client platforms make them unsuitable for hosting such applications. In this paper, we advocate moving application complexity from thin clients to an adaptive middleware proxy (AMWP), an infrastructural application server platform designed to support large populations and diverse applications. We describe one such application, Top Gun Wingman, a graphical, split Web browser for the Palm Pilot PDA that is currently in use by more than 11,000 users around the world. Our discussion focuses on the design philosophy, implementation, performance, and lessons learned from our experience with the Wingman client and the middleware proxy that supports it.

Give and take: children collaborating on one computer

When two children work together on one computer, it is necessary for them to share the input devices. This study examines the effects of having multiple mice with two different control passing protocols: Give and Take. The results suggest that having two mice instead of a single mouse affects the performance of a pair of children playing on a shared computer. This result was gender dependent in that girls solved the most puzzles in the Give condition while boys solved the most puzzles in the Take condition. Moreover, boys in the Take condition exhibited a larger number of exchanges of control than all other experimental conditions.

Orthogonal extensions to the WWW user interface using client-side technologies

1 The World-Wide Web as a Universal User Interface Our work is motivated by three trends. First, the ubiquitous migration of services to the World Wide Web is due in part to its simple, consistent, and now universal user interface: navigation by following links and filling out HTML forms are interactions familiar to even novice Internet users. Second, client-side extension technologies such as Java and JavaScript allow sites to extend and “personalize” the behaviors and interfaces of their services, with portable user-interface elements that integrate transparently into the browser’s existing interface. Finally, there has been a recent surge of interest in proxymediated access to the Web, in which proxy agents in the network infrastructure provide caching [ 11, anonymize user requests [2], or accelerate Web access via datatype-specific lossy compression [3,4,5]. Recent results show that these services can be built scalably and cost-effectively, and can shield the user from the limitations of their Internet connections or client platforms. Not surprisingly, the services have become increasingly powerful and therefore parameterizable and customizable by each user, resulting in increased attention on the design and implementation of the user interface by which the service can be controlled [S]