Swaminathan Sivasubramanian

Replication for web hosting systems

Replication is a well-known technique to improve the accessibility of Web sites. It generally offers reduced client latencies and increases a sites availability. However, applying replication techniques is not trivial, and various Content Delivery Networks (CDNs) have been created to facilitate replication for digital content providers. The success of these CDNs has triggered further research efforts into developing advanced <i>Web replica hosting systems</i>. These are systems that host the documents of a website and manage replication automatically. To identify the key issues in designing a wide-area replica hosting system, we present an architectural framework. The framework assists in characterizing different systems in a systematic manner. We categorize different research efforts and review their relative merits and demerits. As an important side-effect, this review and characterization shows that there a number of interesting research questions that have not received much attention yet, but which deserve exploration by the research community.

XACML Policy Integration Algorithms

XACML is the OASIS standard language specifically aimed at the specification of authorization policies. While XACML fits well with the security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises in which several autonomous subjects collaborate by sharing their resources to provide better services to customers. In this article we highlight such limitation, and we propose an XACML extension, the policy integration algorithms, to address them. In the article we also present the implementation of a system that makes use of the policy integration algorithms to securely replicate information in a P2P-like environment. In our solution, the data replication process considers the policies specified by both the owners of the data shared and the peers sharing data storage.

GlobeDB: autonomic data replication for web applications

We present GlobeDB, a system for hosting Web applications that performs autonomic replication of application data. GlobeDB offers data-intensive Web applications the benefits of low access latencies and reduced update traffic. The major distinction in our system compared to existing edge computing infrastructures is that the process of distribution and replication of application data is handled by the system automatically with very little manual administration. We show that significant performance gains can be obtained this way. Performance evaluations with the TPC-W benchmark over an emulated wide-area network show that GlobeDB reduces latencies by a factor of 4 compared to non-replicated systems and reduces update traffic by a factor of 6 compared to fully replicated systems.

XACML policy integration algorithms: not to be confused with XACML policy combination algorithms!

XACML is the OASIS standard language for the specification of authorization and entitlement policies. However, while XACML well addresses security requirements of a single enterprise (even if large and composed by multiple departments), it does not address the requirements of virtual enterprises built through collaboration of several autonomous subjects sharing their resources. In this paper we highlight such limitations and we propose an XACML extension, the policy integration algorithm, to address them. In the paper we also discuss in which respect the process of comparing two XACML policies differs from the process used to compare other business rules.

Amazon dynamoDB: a seamlessly scalable non-relational database service

Reliability and scalability of an application is dependent on how its application state is managed. To run applications at massive scale requires one to operate datastores that can scale to operate seamlessly across thousands of servers and can deal with various failure modes such as server failures, datacenter failures and network partitions. The goal of Amazon DynamoDB is to eliminate this complexity and operational overhead for our customers by offering a seamlessly scalable database service. In this talk, I will talk about how developers can build applications on DynamoDB without having to deal with the complexity of operating a large scale database.

P-Hera: scalable fine-grained access control for P2P infrastructures

In this paper, we present P-Hera, a peer-to-peer (P2P) infrastructure for scalable and secure content hosting. P-Hera allows the users and content owners to dynamically establish trust using fine-grained access control. In P-Hera, resource owners can specify fine-grained restrictions on who can access their resources and which user can access which part of data. We differentiate our work with traditional works of fine-grained access control on Web services, as our system in addition to handling access constraints of the service provider (which is the case in Web services), it also handles security constraints regarding actions performed on data: replication and modification. We believe this is of immense significance for wide-range of applications such as data grids, information grids and Web content delivery networks. In addition to presenting the overall system architecture, we also study the problem of evaluating these fine-grained access policies in depth and propose a novel means of organizing these policies that can result in faster evaluation. We demonstrate the effectiveness of our approach using prototype implementation.

A case for dynamic selection of replication and caching strategies

Replication and caching strategies are being used to reduce user perceived delay and wide area network traffic. Numerous such strategies have been proposed to manage replication while maintaining consistency among the replicas. In earlier research, we demonstrated that no single strategy can perform optimal for all documents, and proposed a system where strategies are selected on a per-document basis using trace-driven simulation techniques. In this paper, we demonstrate the need for continuous dynamic adaptation of strategies using experiments conducted on our department Web traces. We also propose two heuristics, Simple and Transition, to perform this dynamic adaptation with reduced simulation cost. In our experiments, we find that Transition heuristic reduces simulation cost by an order of magnitude while maintaining high accuracy in optimal strategy selection.

Harmony: a desktop grid for delivering enterprise computations

We describe Harmony-a grid infrastructure built using personal computer resources. Harmony addresses the key concerns of end users for responsiveness, privacy and protection by isolating the grid computation in a virtual machine on the PC. Harmony also addresses the key concerns of enterprise IT by automating the configuration and deployment of grid services and by automating the workload management so as to meet quality of service goals. Harmonys layered resource management architecture diverts grid workload to currently under utilized desktop resources. Harmony is designed to handle transactional workload-a key characteristic of commercial applications. Our implementation is Web services-based, so the programming model of Harmony is compatible with and familiar to enterprise developers. We believe that Harmony demonstrates practical exploitation of a hitherto underutilized resource of considerable capability, with the potential to complement, or even in some cases replace, dedicated server-based resources.

Globetp: template-based database replication for scalable web applications

Generic database replication algorithms do not scale linearly in throughput as all update, deletion and insertion (UDI) queries must be applied to every database replica. The throughput is therefore limited to the point where the number of UDI queries alone is sufficient to overload one server. In such scenarios, partial replication of a database can help, as UDI queries are executed only by a subset of all servers. In this paper we propose GlobeTP, a system that employs partial replication to improve database throughput. GlobeTP exploits the fact that a Web applications query workload is composed of a small set of read and write templates. Using knowledge of these templates and their respective execution costs, GlobeTP provides database table placements that produce significant improvements in database throughput. We demonstrate the efficiency of this technique using two different industry standard benchmarks. In our experiments, GlobeTP increases the throughput by 57% to 150% compared to full replication, while using identical hardware configuration. Furthermore, adding a single query cache improves the throughput by another 30% to 60%.

Adaptive resource sharing in a web services environment

One effect of the push towards business process automation and IT consolidation is that low-level resources from multiple administrative domains are shared among multiple workloads and the middleware is called upon to bring about the integration while masking the details of sharing such resources. Web services and grid based technologies hold promise for developing such middleware. However, existing solutions do not extend well when resources to be shared belong to multiple administrative domains and when resource sharing is governed by local policies.In this paper, we describe an architecture for adaptive resource sharing among two types of workloads: (i) local resource specific workload and (ii) global web services based grid workload. Each resource can set its own policies regarding how the resource is to be shared. Our approach leverages both the grid and the web services based technologies and overcomes the limitations of existing solutions by providing an additional layer of middleware. This layer provides services for dynamic discovery and aggregation of resources, policy based and transparent management of resources, and dynamic workload scheduling using the concept of virtualized resources. We discuss some of the design choices we made and present performance results to show the effects of policy-based resource sharing on the throughput delivered to the grid workload.