Catálogo de publicaciones - revistas

<jats:p>We review the computation of 3D geometric data mapping, which establishes one-to-one correspondence between or among spatial/spatiotemporal objects. Effective mapping benefits many scientific and engineering tasks that involve the modeling and processing of correlated geometric or image data. We model mapping computation as an optimization problem with certain geometric constraints and go through its general solving pipeline. Different mapping algorithms are discussed and compared according to their formulations of objective functions, constraints, and optimization strategies.</jats:p>

<jats:p>Mobile ad hoc networks (MANETs) are infrastructureless and distributed communication systems that require sophisticated approaches to routing to cope with node mobility and heterogeneous application requirements. In the past few years, distributed hash table (DHT) has come forth as a useful additional technique to the design and specification of spontaneous and self-organized networks. Researchers have exploited its advantages by implementing it at the network layer and developing scalable routing protocols for MANETs. The implementation of DHT-based routing in a MANET requires different algorithms and specifications compared to routing in the Internet because a MANET has its unique characteristics, such as node mobility, spontaneous networking, decentralized architecture, limited transmission range, dynamic topology, and frequent network partitioning/merging.</jats:p> <jats:p>In this article, we present a comprehensive survey of research related to DHT-based routing that aims at enhancing the scalability of MANETs. We present a vivid taxonomy of DHT-based routing protocols and the guidelines to design such protocols for MANETs. We compare the features, strengths, and weaknesses of existing DHT-based routing protocols and highlight key research challenges that are vital to address. The outcome of the analysis serves as a guide for anyone willing to delve into research on DHT-based routing in MANETs.</jats:p>

<jats:p>Web service is a widely used implementation technique under the paradigm of Service-Oriented Architecture (SOA). A service-based system is subjected to continuous evolution and regression testing is required to check whether new faults have been introduced. Based on the current scientific work of web service regression testing, this survey aims to identify gaps in current research and suggests some promising areas for further study. To this end, we performed a broad automatic search on publications in the selected electronic databases published from 2000 to 2013. Through our careful review and manual screening, a total of 30 papers have been selected as primary studies for answering our research questions. We presented a qualitative analysis of the findings, including stakeholders, challenges, standards, techniques, and validations employed in these primary studies. Our main results include the following: (1) Service integrator is the key stakeholder that largely impacts how regression testing is performed. (2) Challenges of cost and autonomy issues have been studied heavily. However, more emphasis should be put on the other challenges, such as test timing, dynamics, privacy, quota constraints, and concurrency issues. (3) Orchestration-based services have been largely studied, while little attention has been paid to either choreography-based services or semantic-based services. (4) An appreciable amount of web service regression testing techniques have been proposed, including 48 test case prioritization techniques, 10 test selection techniques, two test suite minimization techniques, and another collaborative technique. (5) Many regression test techniques have not been theoretically proven or experimentally analyzed, which limits their application in large-scale systems. We believe that our survey has identified gaps in current research work and reveals new insights for the future work.</jats:p>

<jats:p>We survey the notion of provably secure searchable encryption (SE) by giving a complete and comprehensive overview of the two main SE techniques: searchable symmetric encryption (SSE) and public key encryption with keyword search (PEKS). Since the pioneering work of Song, Wagner, and Perrig (IEEE S&amp;P '00), the field of provably secure SE has expanded to the point where we felt that taking stock would provide benefit to the community.</jats:p> <jats:p>The survey has been written primarily for the nonspecialist who has a basic information security background. Thus, we sacrifice full details and proofs of individual constructions in favor of an overview of the underlying key techniques. We categorize and compare the different SE schemes in terms of their security, efficiency, and functionality. For the experienced researcher, we point out connections between the many approaches to SE and identify open research problems.</jats:p> <jats:p>Two major conclusions can be drawn from our work. While the so-called IND-CKA2 security notion becomes prevalent in the literature and efficient (sublinear) SE schemes meeting this notion exist in the symmetric setting, achieving this strong form of security efficiently in the asymmetric setting remains an open problem. We observe that in multirecipient SE schemes, regardless of their efficiency drawbacks, there is a noticeable lack of query expressiveness that hinders deployment in practice.</jats:p>

<jats:p> Fork/join (F/J) requests arise in contexts such as parallel computing, query processing in parallel databases, and parallel disk access in RAID. F/J requests spawn <jats:italic>K</jats:italic> tasks that are sent to <jats:italic>K</jats:italic> parallel servers, and the completion of all <jats:italic>K</jats:italic> tasks marks the completion of an F/J request. The exact formula for the mean response time of <jats:italic>K</jats:italic> = 2-way F/J requests derived under Markovian assumptions ( <jats:italic> R <jats:sup>F/J</jats:sup> </jats:italic> <jats:sub>2</jats:sub> ) served as the starting point for an approximate expression for <jats:italic> R <jats:sup>F/J</jats:sup> <jats:sub>K</jats:sub> </jats:italic> for 2 &lt; <jats:italic>K</jats:italic> ≤ 32. When servers process independent requests in addition to F/J requests, the mean response time of F/J requests is better approximated by <jats:italic> R <jats:sup>max</jats:sup> <jats:sub>K</jats:sub> </jats:italic> , which is the maximum of the response times of tasks constituting F/J requests. <jats:italic> R <jats:sup>max</jats:sup> <jats:sub>K</jats:sub> </jats:italic> is easier to compute and serves as an upper bound to <jats:italic> R <jats:sup>F/J</jats:sup> <jats:sub>K</jats:sub> </jats:italic> . We discuss techniques to compute <jats:italic> R <jats:sup>max</jats:sup> <jats:sub>K</jats:sub> </jats:italic> and generally the maximum of <jats:italic>K</jats:italic> random variables denoting the processing times of the tasks of a parallel computation <jats:italic> X <jats:sup>max</jats:sup> <jats:sub>K</jats:sub> </jats:italic> . Graph models of computations such as Petri nets—a more general form of parallelism than F/J requests—are also discussed in this work. Jobs with precedence constraints may require multiple resources, which are represented by a queueing network model. We also discuss various queueing systems related to F/J queueing systems and outline their analysis. </jats:p>

<jats:p>Managing Service Level Agreement (SLA) within a cloud-based system is important to maintain service continuity and improve trust due to cloud flexibility and scalability. We conduct a general review on cloud-based systems to understand how service continuity and trust are addressed in cloud SLA management. The review shows that SLA renegotiation is necessary to improve trust and maintain service continuity; however, research on SLA renegotiation is limited. Of the two key approaches in renegotiation, namely bargaining-based negotiation and offer generation--based negotiation, the latter approach is the most promising due to its ability to generate optimized multiple-offer SLA parameters within one round during renegotiation.</jats:p>

<jats:p>Network covert channels are used to hide communication inside network protocols. Various techniques for covert channels have arisen in the past few decades. We surveyed and analyzed 109 techniques developed between 1987 and 2013 and show that these techniques can be reduced to only 11 different patterns. Moreover, the majority (69.7%) of techniques can be categorized into only four different patterns (i.e., most techniques we surveyed are similar). We represent the patterns in a hierarchical catalog using a pattern language. Our pattern catalog will serve as a base for future covert channel novelty evaluation. Furthermore, we apply the concept of pattern variations to network covert channels. With pattern variations, the context of a pattern can change. For example, a channel developed for IPv4 can automatically be adapted to other network protocols. We also propose the pattern-based covert channel optimizations pattern hopping and pattern combination. Finally, we lay the foundation for pattern-based countermeasures: whereas many current countermeasures were developed for specific channels, a pattern-oriented approach allows application of one countermeasure to multiple channels. Hence, future countermeasure development can focus on patterns, and the development of real-world protection against covert channels is greatly simplified.</jats:p>

<jats:p>Today’s mobile phones are far from the mere communication devices they were 10 years ago. Equipped with sophisticated sensors and advanced computing hardware, phones can be used to infer users’ location, activity, social setting, and more. As devices become increasingly intelligent, their capabilities evolve beyond inferring context to predicting it, and then reasoning and acting upon the predicted context. This article provides an overview of the current state of the art in mobile sensing and context prediction paving the way for full-fledged anticipatory mobile computing. We present a survey of phenomena that mobile phones can infer and predict, and offer a description of machine learning techniques used for such predictions. We then discuss proactive decision making and decision delivery via the user-device feedback loop. Finally, we discuss the challenges and opportunities of anticipatory mobile computing.</jats:p>

<jats:p>In response to the revival of virtualized technology by Rosenblum and Garfinkel [2005], NIST defined cloud computing, a new paradigm in service computing infrastructures. In cloud environments, the basic security mechanism is ingrained in virtualization—that is, the execution of instructions at different privilege levels. Despite its obvious benefits, the caveat is that a crashed virtual machine (VM) is much harder to recover than a crashed workstation. When crashed, a VM is nothing but a giant corrupt binary file and quite unrecoverable by standard disk-based forensics. Therefore, VM crashes should be avoided at all costs. Security is one of the major contributors to such VM crashes. This includes compromising the hypervisor, cloud storage, images of VMs used infrequently, and remote cloud client used by the customer as well as threat from malicious insiders. Although using secure infrastructures such as private clouds alleviate several of these security problems, most cloud users end up using cheaper options such as third-party infrastructures (i.e., private clouds), thus a thorough discussion of all known security issues is pertinent. Hence, in this article, we discuss ongoing research in cloud security in order of the attack scenarios exploited most often in the cloud environment. We explore attack scenarios that call for securing the hypervisor, exploiting co-residency of VMs, VM image management, mitigating insider threats, securing storage in clouds, abusing lightweight software-as-a-service clients, and protecting data propagation in clouds. Wearing a practitioner's glasses, we explore the relevance of each attack scenario to a service company like Infosys. At the same time, we draw parallels between cloud security research and implementation of security solutions in the form of enterprise security suites for the cloud. We discuss the state of practice in the form of enterprise security suites that include cryptographic solutions, access control policies in the cloud, new techniques for attack detection, and security quality assurance in clouds.</jats:p>

<jats:p>Technology downscaling is expected to amplify a variety of reliability concerns in future digital systems. A good understanding of reliability threats is crucial for the creation of efficient mitigation techniques. This survey performs a systematic classification of the state of the art on the analysis and modeling of such threats, which are caused by physical mechanisms to digital systems. The purpose of this article is to provide a classification tool that can aid with the navigation across the entire landscape of reliability analysis and modeling. A classification framework is constructed in a top-down fashion from complementary categories, each one addressing an approach on reliability analysis and modeling. In comparison to other classifications, the proposed methodology approaches the target research domain in a complete way, without suppressing hybrid works that fall under multiple categories. To substantiate the usability of the classification framework, representative works from the state of the art are mapped to each appropriate category and are briefly analyzed. Thus, research trends and opportunities for novel approaches can be identified.</jats:p>