Catálogo de publicaciones - libros

The complexity of today’s large-scale enterprise applications demands system administrators to monitor enormous amounts of metrics, and reconfigure their hardware as well as software at run-time without thorough understanding of monitoring results. The Elba project is designed to achieve an automated iterative staging to mitigate the risk of violating Service Level Objectives (SLOs). As part of Elba we undertake performance characterization of system to detect bottlenecks in their configurations. In this paper, we introduce our concrete bottleneck detection approach used in Elba, and then show its robustness and accuracy in various configurations scenarios. We utilize a well-known benchmark application, RUBiS (Rice University Bidding System), to evaluate the classifier with respect to successful identification of different bottlenecks.

Malicious root-kits modify the in-memory state of programs executing on an endpoint to hide themselves from security software. Such attacks negatively affect network-based security frameworks that depend on the trustworthiness of endpoint software. In network access control frameworks this issue is called the lying-endpoint problem, where a compromised endpoint spoofs software integrity reports to render the framework untrustworthy. We present a novel architecture called Virtualization-enabled Integrity Services (VIS) to protect the run-time integrity of network-access software in an untrusted environment. We describe the design of a VIS-protected network access stack, and characterize its performance. We show that a network access stack running on an existing operating system can be protected using VIS with less than 5% overhead, even when each network packet causes protection enforcement.

This paper deals with the Change Management process within IT Service Management. Change Management includes several activities, some of which need to evaluate the risk exposure associated with changes to be made to the infrastructure and services. We present a method by which risk exposure associated with a change can be evaluated and the risk exposure metric is applied to the problem of automatically assigning priorities to changes. A formal model is developed to this end; the model captures the business perspective by using financial metrics in the evaluation of risk. A case study, performed in conjunction with a large IT service provider, is reported and provides good results when compared to decisions made by human managers.

Performing impact analysis involves determining which users are affected by system resource failures. Understanding when users are actually using certain resources allows system administrators to better assess the impact on enterprise operations. This is critical to prioritizing system repair and restoration actions, and allowing users to modify their plans proactively. We present an approach that combines traditional dependency analysis with resource usage information to improve the operational relevance of these assessments. Our approach collects data from end-user systems using common operating system commands, and uses this data to generate dependency and usage pattern information. We tested our approach in a computer lab running applications at various levels of complexity, and demonstrate how our framework can be used to assist system administrators in providing clear and concise impact assessments to executive managers.

As service providers strive to improve the quality and efficiency of their IT (information technology) management services, the need to adopt a standard set of tools and processes becomes increasingly important. Deploying capable tools is a key part of this standardization, since a single instance can be used to manage multiple customer environments, and multi-tenant tools have the potential to significantly reduce service-delivery costs. However, most tools are not designed for multi-tenancy, and providing this support requires extensive re-design and re-implementation.

In this paper, we explore the use of virtualization technology to enable multi-tenancy for systems and network management tools with minimal, if any, changes to the tool software. We demonstrate our design techniques by creating a multi-tenant version of a widely-used open source network management system. We perform a number of detailed profiling experiments to measure the resource requirements in the virtual environments, and also compare the scalability of two multi-tenant realizations using different virtualization approaches. We show that our design can support roughly 20 customers with a single tool instance, and leads to a scalability increase of 60–90% over a traditional design in which each customer is assigned to a single virtual machine.

Optical networks are capable of switching IP traffic via lambda connections. In this way, big IP flows that overload the regular IP routing level may be moved to the optical level, where they get better Quality of Service (QoS). At the same time, the IP routing level is off-loaded and can serve smaller flows better. Within this context, this paper analyses the eligibility of IP flows to be moved to the optical level. In this analysis, we observe the percentage of IP traffic as well as the amount of IP flows moved to the optical level while using various definitions for an IP flow. The main contribution of this paper is to show how the amount of IP traffic transferred over lambda-connections considerably depends on the definition used for a flow.

Interoperability testing is an inherently distributed task. It connects different implementations together and determines if they interact according to their specifications, providing the expected services.

Deployment, configuration management and operation of an interoperability solution can be drastically improved with the use of virtualization techniques. Virtualized solution allows simpler and more reliable testing, as less equipment is required and full automation is achieved, providing means for better testing.

This paper deals with a new iterative Network Anomaly Detection Algorithm – NADA, which accomplishes the detection, classification and identification of traffic anomalies. NADA fully provides all information required limiting the extent of anomalies by locating them in time, by classifying them, and identifying their features as, for instance, the source and destination addresses and ports involved. To reach its goal, NADA uses a generic multi-featured algorithm executed at different time scales and at different levels of IP aggregation. Besides that, the NADA approach contributes to the definition of a set of traffic anomaly behavior-based signatures. The use of these signatures makes NADA suitable and efficient to use in a monitoring environment.

People, processes, technology and information are the service provider’s resources for delivering IT services. Process automation is one way in which service providers can reduce cost and improve quality by automating routine tasks thereby reducing human error and reserving people resources for those tasks which require human skill and complex decision making. In this paper we propose a conceptual methodology for IT service management process automation in the area of configuration control, audit verification, and process analytics. We employ a complexity model to assist in identifying the opportunities for process automation. We recommend and outline an automated approach to the complex task of variance detection of the hierarchically defined Configuration Items in a Configuration Management Database (CMDB) against the Configuration Items in the IT environment. We also recommend the integration of this automated detection with human centric remediation for resolving the variances detected and outline an automated approach to the variance detection.

This paper proposes a new network-wide rollback scheme for fast recovery from operator errors, toward the high availability of networks and services. A technical issue arises from the fact that operators, who manipulate one or more diverse devices and services due to their network-wide dependency in a typical management task, are the major cause of failure. The lack of systems or tools fully addressing the issue motivated us to develop a new scheme. The underlying idea is that, for any operational device or service, the observable behavior is identical whenever the same setting is configured. High availability will thus be achieved by rolling the settings that may cause an abnormal state by an operator error, back to past ones with which devices and services were stable. Certain policies for the network-wide rollback are identified and a prototype implementation and preliminary results will be presented.