November 2024
·
1 Read
This page lists works of an author who doesn't have a ResearchGate profile or hasn't added the works to their profile yet. It is automatically generated from public (personal) data to further our legitimate goal of comprehensive and accurate scientific recordkeeping. If you are this author and want this page removed, please let us know.
November 2024
·
1 Read
November 2024
·
7 Reads
To safeguard sensitive user data, web developers typically rely on an implicit access-control policies, which they implement using access checks and query filters. This ad-hoc approach is error-prone, as these scattered checks and filters are easy to misplace or misspecify; and the lack of an explicit policy precludes external access-control enforcement. More critically, it is difficult to divine what policy is embedded in application code and what data the application may access -- an issue that worsens as development teams evolve. This paper tackles policy extraction: the task of extracting the access-control policy embedded in an application by summarizing its data queries. An extracted policy, once vetted for errors, can stand alone as a specification for the application's data access, and can be enforced to ensure compliance as code changes over time. We introduce Ote, a policy extractor for Ruby-on-Rails web applications. Ote uses concolic execution to explore execution paths through the application, generating traces of SQL queries and conditions that trigger them. It then merges and simplifies these traces into a final policy that aligns with the observed behaviors. We applied Ote to three real-world applications and compare extracted policies to handwritten ones, revealing several errors in the latter.
November 2024
November 2024
·
3 Reads
Query determinacy is decidable for project-select views and a project-select-join query with no self joins, as long as the selection predicates are in a first-order theory for which satisfiability is decidable.
November 2024
·
14 Reads
Recent years have witnessed an explosive growth of AI models. The high cost of hosting AI services on GPUs and their demanding service requirements, make it timely and challenging to lower service costs and guarantee service quality. While spot instances have long been offered with a large discount, spot preemptions have discouraged users from using them to host model replicas when serving AI models. To address this, we introduce SkyServe, a system that efficiently serves AI models over a mixture of spot and on-demand replicas across regions and clouds. SkyServe intelligently spreads spot replicas across different failure domains (e.g., regions or clouds) to improve availability and reduce correlated preemptions, overprovisions cheap spot replicas than required as a safeguard against possible preemptions, and dynamically falls back to on-demand replicas when spot replicas become unavailable. We compare SkyServe with both research and production systems on real AI workloads: SkyServe reduces cost by up to 44% while achieving high resource availability compared to using on-demand replicas. Additionally, SkyServe improves P50, P90, and P99 latency by up to 2.6x, 3.1x, 2.7x compared to other research and production systems.
October 2024
·
5 Reads
October 2024
·
3 Reads
Prevailing wisdom asserts that one cannot rely on the cloud for critical real-time control systems like self-driving cars. We argue that we can, and must. Following the trends of increasing model sizes, improvements in hardware, and evolving mobile networks, we identify an opportunity to offload parts of time-sensitive and latency-critical compute to the cloud. Doing so requires carefully allocating bandwidth to meet strict latency SLOs, while maximizing benefit to the car.
August 2024
·
8 Reads
August 2024
·
20 Reads
April 2024
·
6 Reads
... Moreover, the engineering of the ARPANET was extraordinary. The network grew from a few hundred computers in the 1970s to tens of billions of computers today in a smooth evolution that maintained its overall structure and many of its communication protocols, even as new technologies, such as fiber optics and mobile phones, emerged to support or use the Internet (Mccauley et al., 2023). ...
Reference:
Evolution of Computing
January 2023
Communications of the ACM
... This addressing scheme allows for referencing individual output ports. The domain name can be derived from existing naming infrastructure, such as Internet domain names, public ledger addresses [25], or GitHub accounts or organizations [8]. It's important to note that the gate address is distinct from the network address. ...
November 2022
... We find that HOs to 3G (2G) increase the HOF rate by 166% (915%, respectively) compared to HOs to 4G/5G-NSA, see Table 4. We repeat this analysis while controlling for the other covariates and filtering the outliers (HOF rate<50%, number of HOs per day in [50,30 ]), finding the same result with slightly smaller intensity (coefficients of 5.48 and 4.77 instead of 6.82 and 5.12), as can be seen in Table 5. From the remaining covariates, the antenna vendor has a significant but smaller effect, which we also verify with an ANOVA test. ...
August 2021
... Recently, federated serverless computing [14][15][16][17][18][19], sky computing [20], hybrid serverless computing [21] and serverless edge-cloud continuum [12] have been gaining in popularity due to numerous benefits they can bring to the next-generation serverless workflows and applications. Such applications are typically deployed across multiple cloud providers and edge devices to reduce cost [22], improve scalability [18,23,24] or increase serverless application resilience [25]. ...
June 2021
... Additionally, the emergence of the Internet of Things (IoT), with the provision of cloud computing tools and services, offers a new generation of advanced services with more stringent communication requirements for supporting innovative use cases. To meet the challenges of the explosive traffic demand, automatic and adaptive network management strategies can be applied to overcome the challenges in terms of scalability, reliability, and cost-effectiveness, thereby guaranteeing the user's Quality of Experience (QoE) [3], [4]. ...
April 2021
ACM SIGCOMM Computer Communication Review
... A recent work orthogonal to ours is sPIN [15], a vendor-independent and portable interface for accelerated packet processing, which operates at a higher abstraction level than nethuns. Another recent work that is instead complementary to ours is Bertha [19], a network API which provides a uniform abstraction for offloads, aiming to simplify their use. The nethuns API does not currently support the ability to explicitly specify hardware offloading, and an interesting future development could be extending the interface to cover both network programming and offloading. ...
November 2020
... As a result, many studies have delved into unfair bandwidth allocations. However, the existing "unfair" CC protocols have one or more of the following limitations: (i) assume perfect knowledge of the network in order to define a goal weight of each connection [12], [13] (ii) treat connections according to a limited number of priority classes [14]- [16], or (iii) specifically tailored for a single type of application, such as IoT [4], [17], [18] and video streaming [10], [19]. ...
November 2020
... Creating and preserving these replicas demands a significantly higher allocation of bandwidth, storage, and computational resources, making it a less favorable solution in EC contexts. Another well-established method to circumvent node failures is through the process of checkpointing [8][9][10][11]. In this approach, systems periodically generate and save snapshots (termed as checkpoints) of the nodes' states. When a node encounters a failure, the system can resort to the most recent snapshot to restore the node to its last operational state. ...
October 2020
... However, although it offers high elasticity, current FaaS cloud platforms couple the fast-booting VMs with an event-triggered programming model and a constrained execution environment that makes them unfit to run general-purpose cloud applications off-the-shelf [24]. Existing FaaS platforms, force applications to be written as collections of short-lived, stateless functions, which cannot accept network connections while executing [16,24,41,55]. ...
October 2020
... Conventional memory disaggregation architectures relied on RDMA for remote memory access, as seen in FaRM [21], Infiniswap [29], CFM [5], and Redy [97]. Unfortunately, latency for remote memory access over RDMA can be of the order of s, as shown in our evaluation. ...
April 2020