Catálogo de publicaciones - revistas

<jats:p>Flash is a type of Electronically Erasable Programmable Read-Only Memory (EEPROM). Different from traditional magnetic disks, flash memories have no moving parts and are purely electronic devices, giving them unique advantages, such as lower access latency, lower power consumption, higher density, shock resistance, and lack of noise. However, existing applications cannot run directly on flash memories due to their special characteristics. Flash Translation Layer (FTL) is a software layer built on raw flash memories that emulates a normal block device like magnetic disks. Primary functionalities of the FTL include address translation, garbage collection, and wear leveling. This survey focuses on address translation technologies and provides a broad overview of existing schemes described in patents, journals, and conference proceedings.</jats:p>

<jats:p>In the last 25 years we have witnessed the rise and growth of interactive tabletop research, both in academic and in industrial settings. The rising demand for the digital support of human activities motivated the need to bring computational power to table surfaces. In this article, we review the state of the art of tabletop computing, highlighting core aspects that frame the input space of interactive tabletops: (a) developments in hardware technologies that have caused the proliferation of interactive horizontal surfaces and (b) issues related to new classes of interaction modalities (multitouch, tangible, and touchless). A classification is presented that aims to give a detailed view of the current development of this research area and define opportunities and challenges for novel touch- and gesture-based interactions between the human and the surrounding computational environment.</jats:p>

<jats:p> MapReduce is a framework for processing and managing large-scale datasets in a distributed cluster, which has been used for applications such as generating search indexes, document clustering, access log analysis, and various other forms of data analytics. MapReduce adopts a flexible computation model with a simple interface consisting of <jats:italic>map</jats:italic> and <jats:italic>reduce</jats:italic> functions whose implementations can be customized by application developers. Since its introduction, a substantial amount of research effort has been directed toward making it more usable and efficient for supporting database-centric operations. In this article, we aim to provide a comprehensive review of a wide range of proposals and systems that focusing fundamentally on the support of distributed data management and processing using the MapReduce framework. </jats:p>

<jats:p>Software verification has emerged as a key concern for ensuring the continued progress of information technology. Full verification generally requires, as a crucial step, equipping each loop with a “loop invariant.” Beyond their role in verification, loop invariants help program understanding by providing fundamental insights into the nature of algorithms. In practice, finding sound and useful invariants remains a challenge. Fortunately, many invariants seem intuitively to exhibit a common flavor. Understanding these fundamental invariant patterns could therefore provide help for understanding and verifying a large variety of programs.</jats:p> <jats:p>We performed a systematic identification, validation, and classification of loop invariants over a range of fundamental algorithms from diverse areas of computer science. This article analyzes the patterns, as uncovered in this study, governing how invariants are derived from postconditions; it proposes a taxonomy of invariants according to these patterns; and it presents its application to the algorithms reviewed. The discussion also shows the need for high-level specifications based on “domain theory.” It describes how the invariants and the corresponding algorithms have been mechanically verified using an automated program prover; the proof source files are available. The contributions also include suggestions for invariant inference and for model-based specification.</jats:p>

<jats:p>Timed automata are state-machine-like structures used to model real-time systems. Since their invention in the early 1990s, a number of often subtly differing variants have appeared in the literature; one of this article’s key contributions is defining, highlighting, and reconciling these differences. The article achieves this by defining a baseline theory of timed automata, characterizing each variant both syntactically and semantically, and giving, when possible, syntactic and semantic conversion to and from the baseline version. This article also surveys various extensions to the basic timed-automaton framework.</jats:p>

<jats:p> Memory encryption has yet to be used at the core of operating system designs to provide confidentiality of code and data. As a result, numerous vulnerabilities exist at every level of the software stack. Three general approaches have evolved to rectify this problem. The most popular approach is based on complex <jats:italic>hardware enhancements</jats:italic> ; this allows all encryption and decryption to be conducted within a well-defined trusted boundary. Unfortunately, these designs have not been integrated within commodity processors and have primarily been explored through simulation with very few prototypes. An alternative approach has been to augment existing hardware with <jats:italic>operating system enhancements</jats:italic> for manipulating keys, providing improved trust. This approach has provided insights into the use of encryption but has involved unacceptable overheads and has not been adopted in commercial operating systems. Finally, <jats:italic>specialized industrial devices</jats:italic> have evolved, potentially adding coprocessors, to increase security of particular operations in specific operating environments. However, this approach lacks generality and has introduced unexpected vulnerabilities of its own. Recently, memory encryption primitives have been integrated within commodity processors such as the Intel i7, AMD bulldozer, and multiple ARM variants. This opens the door for new operating system designs that provide confidentiality across the entire software stack outside the CPU. To date, little practical experimentation has been conducted, and the improvements in security and associated performance degradation has yet to be quantified. This article surveys the current memory encryption literature from the viewpoint of these central issues. </jats:p>

<jats:p>Pervasive healthcare systems, smart grids, and unmanned aircraft systems are examples of Cyber-Physical Systems (CPSs) that have become highly integrated in the modern world. As this integration deepens, the importance of securing these systems increases. In order to identify gaps and propose research directions in CPS intrusion detection research, we survey the literature of this area. Our approach is to classify modern CPS Intrusion Detection System (IDS) techniques based on two design dimensions: detection technique and audit material. We summarize advantages and drawbacks of each dimension’s options. We also summarize the most and least studied CPS IDS techniques in the literature and provide insight on the effectiveness of IDS techniques as they apply to CPSs. Finally, we identify gaps in CPS IDS research and suggest future research areas.</jats:p>

<jats:p>Web applications are one of the most prevalent platforms for information and service delivery over the Internet today. As they are increasingly used for critical services, web applications have become a popular and valuable target for security attacks. Although a large body of techniques have been developed to fortify web applications and mitigate attacks launched against them, there has been little effort devoted to drawing connections among these techniques and building the big picture of web application security research.</jats:p> <jats:p> This article surveys the area of securing web applications from the server side, with the aim of systematizing the existing techniques into a big picture that promotes future research. We first present the unique aspects of the web application development that cause inherent challenges in building secure web applications. We then discuss three commonly seen security vulnerabilities within web applications: <jats:italic>input validation vulnerabilities, session management vulnerabilities</jats:italic> , and <jats:italic>application logic vulnerabilities</jats:italic> , along with attacks that exploit these vulnerabilities. We organize the existing techniques along two dimensions: (1) the security vulnerabilities and attacks that they address and (2) the design objective and the phases of a web application during which they can be carried out. These phases are <jats:italic>secure construction of new web applications, security analysis/testing of legacy web applications</jats:italic> , and <jats:italic>runtime protection of legacy web applications</jats:italic> . Finally, we summarize the lessons learned and discuss future research opportunities in this area. </jats:p>

<jats:p>The great amounts of energy consumed by large-scale computing and network systems, such as data centers and supercomputers, have been a major source of concern in a society increasingly reliant on information technology. Trying to tackle this issue, the research community and industry have proposed myriad techniques to curb the energy consumed by IT systems. This article surveys techniques and solutions that aim to improve the energy efficiency of computing and network resources. It discusses methods to evaluate and model the energy consumed by these resources, and describes techniques that operate at a distributed system level, trying to improve aspects such as resource allocation, scheduling, and network traffic management. This work aims to review the state of the art on energy efficiency and to foster research on schemes to make network and computing resources more efficient.</jats:p>

<jats:p>We consider the<jats:italic>point-to-point (approximate) shortest-path query problem</jats:italic>, which is the following generalization of the classical<jats:italic>single-source (SSSP)</jats:italic>and<jats:italic>all-pairs shortest-path (APSP)</jats:italic>problems: we are first presented with a<jats:italic>network (graph)</jats:italic>. A so-called preprocessing algorithm may compute certain information<jats:italic>(a data structure or index)</jats:italic>to prepare for the next phase. After this preprocessing step, applications may ask shortest-path or distance queries, which should be answered as fast as possible.</jats:p><jats:p>Due to its many applications in areas such as transportation, networking, and social science, this problem has been considered by researchers from various communities (sometimes under different names): algorithm engineers construct fast route planning methods; database and information systems researchers investigate<jats:italic>materialization tradeoffs</jats:italic>, query processing on<jats:italic>spatial networks</jats:italic>, and<jats:italic>reachability queries</jats:italic>; and theoretical computer scientists analyze<jats:italic>distance oracles</jats:italic>and<jats:italic>sparse spanners</jats:italic>. Related problems are considered for<jats:italic>compact routing</jats:italic>and<jats:italic>distance labeling</jats:italic>schemes in networking and distributed computing and for<jats:italic>metric embeddings</jats:italic>in geometry as well.</jats:p><jats:p>In this survey, we review selected approaches, algorithms, and results on shortest-path queries from these fields, with the main focus lying on the tradeoff between the index size and the query time. We survey methods for general graphs as well as specialized methods for restricted graph classes, in particular for those classes with arguable practical significance such as planar graphs and complex networks.</jats:p>