1998 IEEE International Conference on Electronics, Circuits and Systems. Surfing the Waves of Science and Technology (Cat. No.98EX196)
Abstract This paper describes a clock distribution strategy adequate for wide-area synchronisatio... more Abstract This paper describes a clock distribution strategy adequate for wide-area synchronisation, applicable to VLSI, WSI and MCM systems. This strategy is described in terms of Controlled Delay Lines. Local clock multiplication is proposed to solve possible phase ambiguities. Implementation issues are also discussed. Simulations using DLLs with extreme parameter variations are presented in the last section. Sub-nanosecond phase accuracy is shown for wafer size areas
The Internet of Things (IoT) is a growing research field and one of today's prime examples of... more The Internet of Things (IoT) is a growing research field and one of today's prime examples of Wireless Sensor Networks (WSN) applicability and possible impact on general society. IoT scenarios use a great diversity of sensors, protocols, and mechanisms widely researched from a system perspective. Unfortunately, the security within the small sensing devices and the impact on those small sensors of choosing one cryptographic solution over the other is still lacking further research. In this paper, we tested different security configurations using the two most used transport protocols (HTTP and MQTT). We measured their effects on five commonly used embedded devices in IoT WSNs: ESP8622, ESP32, RPil, RPi2, and RPi3. We considered three different metrics for evaluating each configuration: power consumption, message delay, and additional message length (bytes). The experimental results from long runs (60 hours) reveal the cryptographic solution choice is significant for the message delay and additional message length.
Slice-based Network Control allows the delivery of different SLAs to heterogeneous services and t... more Slice-based Network Control allows the delivery of different SLAs to heterogeneous services and the isolation of network flows, all within the same shared infrastructure. Industry 4.0 and the IoT are prime use-cases for Network Slicing and expose a large number of embedded systems that cannot run advanced anti-malware routines - this raises significant security concerns. An approach to defending against these issues is honeynets, isolated sandbox networks with decoy functions (honeypots) mimicking the real endpoints. However, steering an active TCP connection (i.e., the attack) to a different endpoint (i.e., the decoy) is still a significant challenge. This article proposes using the SDN controller to bootstrap a smooth handover of the active TCP session across endpoints. Our proposal's core is a purpose-built proxy function that will resume a live attack session with the decoy using the Linux Kernel's TCP-REPAIR features. Because we are effectively recreating the socket as if the connection was initially established with that new endpoint, all of the TCP state machine and control sequence inner-workings are still done seamlessly by the kernel's built-in routines and the higher-level abstractions that use them. The results show that our approach has a similar performance to a regular socket (latency and throughput), while the new management interfaces integrate nicely into the existing Network Slicing operations.
Recently, the open-source management and orchestration (OSM) platform has attracted significant i... more Recently, the open-source management and orchestration (OSM) platform has attracted significant interest from academia and industry, potentially providing network function virtualization (NFV) management and orchestration solutions for European Telecommunications Standards Institute (ETSI) compliant NFV implementations. OSM has a built-in monitoring module (MON), a policy-management module (POL), and a Prometheus time-series database for metrics collection, which are the main components of ensuring service assurance in OSM. In this work, auto-scaling testing is performed with OSM after instantiating network service using the OSM community-developed virtual network functions (VNFs) and the Grafana tool for data visualization. The Prometheus database collects the metrics from the MON exporter, and scaling actions are defined in POL. Finally, we performed auto-scaling testing and demonstrated the results using the Grafana dashboard. The results showed that the auto-scaling policy was automated successfully after the virtual infrastructure manager (VIM) and VNF metrics triggered threshold violation alarms (already defined) and scaling actions were performed successfully as defined in POL.
ABSTRACT This paper presents an innovative extension to routing protocols using a back-tracing te... more ABSTRACT This paper presents an innovative extension to routing protocols using a back-tracing technique to improve performance of handovers in wireless mesh networks. The main purpose of this extension is to minimize disconnection time and packets losses when mobility occurs. The proposed scheme requires some minor changes to the original proactive ad-hoc routing protocol, but does not impose any modification to the current IEE 802.11 MAC protocol. Some additional changes are also required to the handover signalling, in order to better optimize the process. The back-tracing mechanism is also able to reach route convergence to a minimum route length maintaining the throughput of data packets. The results of the proposed extension show that it is able to maintain the network throughput in wireless mesh networks during mobility, minimizing the packet losses.
Up until recently, a physical SIM card was mandatory to make calls, send messages, and access the... more Up until recently, a physical SIM card was mandatory to make calls, send messages, and access the Internet using hardware modems, but a physical card has some limitations, especially when it is used within IoT devices deployed in a wide area. eSIM is an embedded alternative of the traditional physical SIM cards, providing the same usability, privacy, and security, but also minimizing some disadvantages of the traditional SIM card. In this work, we explore the usability of eSIM on vertical using 5G that can benefit from adopting eSIM. We start by presenting an overview of eSIM, discuss its main features, compare it to the physical SIM card, and specify the main characteristics of each vertical market.
Abstract In this paper we present a new extension to proactive routing protocols using a fast mob... more Abstract In this paper we present a new extension to proactive routing protocols using a fast mobility extension, FastM, with the purpose of increasing handover performance in wireless mesh networks. With this new extension a new concept is created to integrate information between neighbor wireless mesh routers, managing locations of clients associated to wireless mesh routers in a certain neighborhood, and avoiding packet loss during handover. The proposed mobility protocol is able to optimize the handover process without imposing ...
Nowadays domestic and enterprise WLANs are pervasive and offer capabilities adequate for a broad ... more Nowadays domestic and enterprise WLANs are pervasive and offer capabilities adequate for a broad spectrum of applications. Unlocking these networks for enhanced wireless access to select users and devices, through dynamically sharing the unused portion of hotspots bandwidth, is key to provide seamless connectivity. Far from providing just basic wireless connectivity, we argue that these WLANs can be efficiently exploited to cope with emerging applications in the context of smart cities, massive machine type communication, and cellular data offloading. We introduce an approach aimed at the efficient sharing of available WLANs resources, allowing applications of domestic or enterprise users to coexist with third-party applications. To achieve this goal, we go beyond existing solutions by proposing the virtualization of access networks to offer differentiated networking services in an isolated manner. However, commodity wireless access devices are low-cost and performance-constrained, ...
1998 IEEE International Conference on Electronics, Circuits and Systems. Surfing the Waves of Science and Technology (Cat. No.98EX196)
Abstract This paper describes a clock distribution strategy adequate for wide-area synchronisatio... more Abstract This paper describes a clock distribution strategy adequate for wide-area synchronisation, applicable to VLSI, WSI and MCM systems. This strategy is described in terms of Controlled Delay Lines. Local clock multiplication is proposed to solve possible phase ambiguities. Implementation issues are also discussed. Simulations using DLLs with extreme parameter variations are presented in the last section. Sub-nanosecond phase accuracy is shown for wafer size areas
The Internet of Things (IoT) is a growing research field and one of today's prime examples of... more The Internet of Things (IoT) is a growing research field and one of today's prime examples of Wireless Sensor Networks (WSN) applicability and possible impact on general society. IoT scenarios use a great diversity of sensors, protocols, and mechanisms widely researched from a system perspective. Unfortunately, the security within the small sensing devices and the impact on those small sensors of choosing one cryptographic solution over the other is still lacking further research. In this paper, we tested different security configurations using the two most used transport protocols (HTTP and MQTT). We measured their effects on five commonly used embedded devices in IoT WSNs: ESP8622, ESP32, RPil, RPi2, and RPi3. We considered three different metrics for evaluating each configuration: power consumption, message delay, and additional message length (bytes). The experimental results from long runs (60 hours) reveal the cryptographic solution choice is significant for the message delay and additional message length.
Slice-based Network Control allows the delivery of different SLAs to heterogeneous services and t... more Slice-based Network Control allows the delivery of different SLAs to heterogeneous services and the isolation of network flows, all within the same shared infrastructure. Industry 4.0 and the IoT are prime use-cases for Network Slicing and expose a large number of embedded systems that cannot run advanced anti-malware routines - this raises significant security concerns. An approach to defending against these issues is honeynets, isolated sandbox networks with decoy functions (honeypots) mimicking the real endpoints. However, steering an active TCP connection (i.e., the attack) to a different endpoint (i.e., the decoy) is still a significant challenge. This article proposes using the SDN controller to bootstrap a smooth handover of the active TCP session across endpoints. Our proposal's core is a purpose-built proxy function that will resume a live attack session with the decoy using the Linux Kernel's TCP-REPAIR features. Because we are effectively recreating the socket as if the connection was initially established with that new endpoint, all of the TCP state machine and control sequence inner-workings are still done seamlessly by the kernel's built-in routines and the higher-level abstractions that use them. The results show that our approach has a similar performance to a regular socket (latency and throughput), while the new management interfaces integrate nicely into the existing Network Slicing operations.
Recently, the open-source management and orchestration (OSM) platform has attracted significant i... more Recently, the open-source management and orchestration (OSM) platform has attracted significant interest from academia and industry, potentially providing network function virtualization (NFV) management and orchestration solutions for European Telecommunications Standards Institute (ETSI) compliant NFV implementations. OSM has a built-in monitoring module (MON), a policy-management module (POL), and a Prometheus time-series database for metrics collection, which are the main components of ensuring service assurance in OSM. In this work, auto-scaling testing is performed with OSM after instantiating network service using the OSM community-developed virtual network functions (VNFs) and the Grafana tool for data visualization. The Prometheus database collects the metrics from the MON exporter, and scaling actions are defined in POL. Finally, we performed auto-scaling testing and demonstrated the results using the Grafana dashboard. The results showed that the auto-scaling policy was automated successfully after the virtual infrastructure manager (VIM) and VNF metrics triggered threshold violation alarms (already defined) and scaling actions were performed successfully as defined in POL.
ABSTRACT This paper presents an innovative extension to routing protocols using a back-tracing te... more ABSTRACT This paper presents an innovative extension to routing protocols using a back-tracing technique to improve performance of handovers in wireless mesh networks. The main purpose of this extension is to minimize disconnection time and packets losses when mobility occurs. The proposed scheme requires some minor changes to the original proactive ad-hoc routing protocol, but does not impose any modification to the current IEE 802.11 MAC protocol. Some additional changes are also required to the handover signalling, in order to better optimize the process. The back-tracing mechanism is also able to reach route convergence to a minimum route length maintaining the throughput of data packets. The results of the proposed extension show that it is able to maintain the network throughput in wireless mesh networks during mobility, minimizing the packet losses.
Up until recently, a physical SIM card was mandatory to make calls, send messages, and access the... more Up until recently, a physical SIM card was mandatory to make calls, send messages, and access the Internet using hardware modems, but a physical card has some limitations, especially when it is used within IoT devices deployed in a wide area. eSIM is an embedded alternative of the traditional physical SIM cards, providing the same usability, privacy, and security, but also minimizing some disadvantages of the traditional SIM card. In this work, we explore the usability of eSIM on vertical using 5G that can benefit from adopting eSIM. We start by presenting an overview of eSIM, discuss its main features, compare it to the physical SIM card, and specify the main characteristics of each vertical market.
Abstract In this paper we present a new extension to proactive routing protocols using a fast mob... more Abstract In this paper we present a new extension to proactive routing protocols using a fast mobility extension, FastM, with the purpose of increasing handover performance in wireless mesh networks. With this new extension a new concept is created to integrate information between neighbor wireless mesh routers, managing locations of clients associated to wireless mesh routers in a certain neighborhood, and avoiding packet loss during handover. The proposed mobility protocol is able to optimize the handover process without imposing ...
Nowadays domestic and enterprise WLANs are pervasive and offer capabilities adequate for a broad ... more Nowadays domestic and enterprise WLANs are pervasive and offer capabilities adequate for a broad spectrum of applications. Unlocking these networks for enhanced wireless access to select users and devices, through dynamically sharing the unused portion of hotspots bandwidth, is key to provide seamless connectivity. Far from providing just basic wireless connectivity, we argue that these WLANs can be efficiently exploited to cope with emerging applications in the context of smart cities, massive machine type communication, and cellular data offloading. We introduce an approach aimed at the efficient sharing of available WLANs resources, allowing applications of domestic or enterprise users to coexist with third-party applications. To achieve this goal, we go beyond existing solutions by proposing the virtualization of access networks to offer differentiated networking services in an isolated manner. However, commodity wireless access devices are low-cost and performance-constrained, ...
Programmers of relational database applications use software solutions (Hibernate, JDBC, LINQ, AD... more Programmers of relational database applications use software solutions (Hibernate, JDBC, LINQ, ADO.NET) to ease the development process of business tiers. These software solutions were not devised to address access control policies, much less for evolving access control policies, in spite of their unavoidable relevance. Currently, access control policies, whenever implemented, are enforced by independent components leading to a separation between policies and their enforcement. This paper proposes a new approach based on an architectural model referred to here as the Access Control driven Architecture with Dynamic Adaptation (ACADA). Solutions based on ACADA are automatically built to statically enforce access control policies based on schemas of Create, Read, Update and Delete (CRUD) expressions. Then, CRUD expressions are dynamically deployed at runtime driven by established access control policies. Any update in the policies is followed by an adaptation process to keep access control mechanisms aligned with the policies to be enforced. A proof of concept based on Java and Java Database Connectivity
(JDBC) is also presented.
Most of the security threats in relational database applications have their source in client-side... more Most of the security threats in relational database applications have their source in client-side systems when they issue requests formalized by Create, Read, Update and Delete (CRUD) expressions. If tools such as ODBC and JDBC are used to develop business logics, then there is another source of threats. In some situations the content of data sets retrieved by Select expressions can be modified and then committed into the host databases. These tools are agnostic regarding not only database schemas but also regarding the established access control policies. This situation can hardly be mastered by programmers of business logics in database applications with many and complex access control policies. To overcome this gap, we extend the basic Role-Based Access policy to support and supervise the two sources of security threats. This extension is then used to design the correspondent RBAC model. Finally, we present a software architectural model from which static RBAC mechanisms are automatically built, this way relieving programmers from mastering any schema. We demonstrate empirical evidence of the effectiveness
"This research proposes an architecture for reusable components
aimed at bridging the object-ori... more "This research proposes an architecture for reusable components
aimed at bridging the object-oriented and the relational paradigms. The component, referred to here as Business Tier Component, provides a single wide range static interface able to manage a set of Create, Read, Update and Delete (CRUD) expressions, deployed at runtime and of any complexity, on behalf of application tiers. The only constraint is that the required interface to manage each CRUD expression must be a super-interface of the provided wide range interface. The main research challenge of this paper is the definition of an architecture for reusable components aimed at managing dynamically a set of CRUD expressions, deployed at runtime, on behalf of application tiers. "
Currently, business tiers for relational database applications are mostly built from software art... more Currently, business tiers for relational database applications are mostly built from software artifacts, among which Java Persistent API, Java Database Connectivity and LINQ are three representatives. Those software artifacts were mostly devised to address the impedance mismatch between the object-oriented and the relational paradigms. Key aspects as reusable business tier components and access control to data residing inside relational databases have not been addressed. To tackle the two aspects, this research proposes an architecture, referred to here as Business Tier Architecture (BTA), to develop reusable business tier components which enforce access control policies to data residing inside relational databases management systems. Besides BTA, this paper also presents a proof of concept based on Java and on Java Database Connectivity (JDBC).
Call Level Interfaces (CLI) play a key role in database applications whenever performance is a ke... more Call Level Interfaces (CLI) play a key role in database applications whenever performance is a key requirement. SQL statements are encoded inside strings this way keeping the power and the expressiveness of the SQL language. Unfortunately, despite this significant advantage, CLI do not promote the development of business tier components, much less for business tier components driven by dynamic adaptation. To tackle this CLI drawback, and simultaneously keep their advantages, this paper proposes an architecture, herein referred to as the Object-to-Relational Component Architecture (ORCA), relying on CLI for building adaptable business tiers components. ORCA has the capacity of being dynamically adapted to manage any set of SQL statements deployed at runtime. The focus of this paper is threefold: 1) present the ORCA, 2) present a proof of concept based on Java and, finally, 3) assess its performance against a standard CLI.
Access control is a key challenge in software engineering, especially in relational database appl... more Access control is a key challenge in software engineering, especially in relational database applications. Current access control techniques are based on additional security layers designed by security experts. These additional security layers do not take into account the necessary business logic leading to a separation between business tiers and access control mechanisms. Moreover, business tiers are built from commercial tools (ex: Hibernate, JDBC, ODBC, LINQ), which are not tailored to deal with security aspects. To overcome this situation several proposals have been presented. In spite of their relevance, they do not support the enforcement of access control policies at the level of the runtime values that are used to interact with protected data. Runtime values are critical entities because they play a key role in the process of defining which data is accessed. In this paper, we present a general technique for static checking, at the business tier level, the runtime values that are used to interact with databases and in accordance with the established access control policies. The technique is applicable to CRUD (create, read, update and delete) expressions and also to actions (update and insert) that
are executed on data retrieved by Select expressions. A proof of
concept is also presented. It uses an access control platform previously developed, which lacks the key issue of this paper. The collected results show that the presented approach is an effective solution to enforce access control policies at the level of runtime values that are used to interact with data residing in relational databases.
"Call Level Interfaces (CLI) provide services aimed at easing the integration of database compone... more "Call Level Interfaces (CLI) provide services aimed at easing the integration of database components and components from client applications. CLI support native SQL statements keeping this way expressiveness and performance of SQL. Thus, they cannot be discarded as a valid option whenever SQL expressiveness and SQL performance are considered key requirements. Despite the aforementioned performance advantage, CLI do not comprise other important performance features, as concurrency over the in-memory data. In this paper we present and assess a component that is a concurrent version of the ResultSet interface from the JDBC API. Several threads may interact simultaneously in the same
instance of the ResultSet in a concurrent fashion and can be simultaneously connected to the underlying database. The main contributions of this paper are twofold: i) the design of an Enhanced ResultSet Component to provide a concurrent access to relational databases; ii) the evaluation of its performance. The Enhaced ResultSet performance will be assessed in a real scenario. The outcome shows that the gain in performance may increase until 80%. "
To store, update and retrieve data from database management systems (DBMS), software architects u... more To store, update and retrieve data from database management systems (DBMS), software architects use tools, like call-level interfaces (CLI), which provide standard functionalities to interact with DBMS. However, the emerging of NoSQL paradigm, and particularly new NoSQL DBMS providers, lead to situations where some of the standard functionalities provided by CLI are not supported, very often due to their distance from the relational model or due to design constraints. As such, when a system architect needs to evolve, namely from a relational DBMS to a NoSQL DBMS, he must overcome the difficulties conveyed by the features not provided by NoSQL DBMS. Choosing the wrong NoSQL DBMS risks major issues with components requesting non-supported features. This paper focuses on how to deploy features that are not so commonly supported by NoSQL DBMS (like Stored Procedures, Transactions, Save Points and interactions with local memory structures) by implementing them in standard CLI.
In database applications, access control security layers are mostly developed from tools provided... more In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
"Object-oriented programming is the most successful programming paradigm. Relational database man... more "Object-oriented programming is the most successful programming paradigm. Relational database management systems are the most successful data storage components. Despite their individual successes and their desirable tight binding, they rely on different points of view about data entailing difficulties on their integration. Some solutions have been proposed to overcome these difficulties, such as Embedded SQL, object/relational mappings (O/RM), language extensions and even Call Level Interfaces (CLI), as JDBC and ADO.NET. In this paper we present a new model aimed at integrating object-oriented languages and relational databases, named CRUD Data Object Model (CRUD-DOM). CRUDDOM relies on CLI (JDBC) and aims not only at exploring
CLI advantages as preserving its performance and SQL expressiveness but also on providing a typestate approach for the implementation of the ResultSet interface. The model design aims to facilitate the development of automatic code generation tools. We also present such a tool, called CRUD Manager (CRUD-M), which provides automatic code generation with a complementary support for software maintenance. This paper shows that CRUD-DOM is an effective model to address the aforementioned objectives. "
The development of database applications comprises three different tiers: application tier, datab... more The development of database applications comprises three different tiers: application tier, database tier and finally the middle tier also known as the data access layer. The development of each tier per-se entails many challenges. Very often the most difficult challenges to be addressed derive from non-functional requirements, as productivity, usability, performance, reliability, high-availability and transparency. This paper is focused on defining and presenting a model for the data access layer aimed to integrate object-oriented application tiers and relational database tiers. The model addresses situations on which users need to explicitly write down complex static Create, Read, Update and Delete (CRUD) expressions and simultaneously get advantages regarding some non-functional requirements. The model, known as CRUD Data Object Model (CRUD-DOM), tackles the following nonfunctional requirements: performance, usability and productivity. The main contributions of this paper are threefold: 1) to present the CRUD-DOM model; 2) to carry out an enhanced performance assessment based on a case study; 3) to present a tool, called CRUD Manager (CRUD-M), which provides automatic code generation with complementary support for software test and maintenance. The main outcome of this paper is the evidence that the pair CRUD-DOM and CRUD-M effectively addresses productivity, performance and usability requirements in the aforementioned context.
Call Level Interfaces (CLI) are software API used for building business tiers of relational datab... more Call Level Interfaces (CLI) are software API used for building business tiers of relational database applications whenever performance is a key requirement. Nevertheless, their use is cumber-some, mainly in large database applications with many and complex Create, Read, Update and Delete (CRUD) expressions. CLI are low level API conveying several difficulties during the development process of relational business tiers. Four of them are herein emphasized: 1) Programmers need to master the schemas of the underlying databases; 2) the same CRUD expression is frequently re-written to address different business needs; 3) CLI are not suited to cope with evolving business tiers and, finally, 4) CLI do not provide any feature to decouple development process of relational business tiers from the development process of application tiers. To tackle these difficulties, this paper proposes an architecture for building reusable relational business tier components based on CLI herein referred to as the Reusable Business Tier Architecture (RBTA). It relies on a customizable wide typed service to address a business area, such as accountability. The typed service is able to manage CRUD expressions, deployed at runtime, on behalf of application tiers and in accordance with users’ needs. The only constraint is that the required service to manage each CRUD expression must be a sub-set of the implemented wide typed service. A proof of concept is also presented.
""Currently, programmers of database applications use standard API
and frameworks as artifacts t... more ""Currently, programmers of database applications use standard API
and frameworks as artifacts to develop business tiers aimed at integrating the object-oriented and the relational paradigms. These artifacts provide programmers with the necessary services to develop business tiers. In this paper we propose a new architecture based on general Call Level Interfaces from which reusable and Adaptable Business tier Components (ABC) may be developed. Each individual ABC component is able to manage SQL statements of any complexity, deployed at run-time, and also to provide tailored services to each SQL statement. To accomplish this goal, the only requirement is that the schema of each deployed SQL statement must be in conformance with one of the pre-defined static schemas (interfaces) of the recipient ABC component. The main contributions of this paper are threefold: 1) to present the new architecture based on general Call Level Interfaces on which ABC components are based, 2) to show that the source code of ABC components may be automatically built by a tool and 3) to present a concrete example of ABC based on JDBC. The main outcome of this paper is the evidence that the presented architecture is an effective approach to build reusable and adaptable business tiers components to bridge the object-oriented and the relational paradigms. ""
Call Level Interfaces (CLI) are low level API aimed at providing services to connect two main com... more Call Level Interfaces (CLI) are low level API aimed at providing services to connect two main components in database applications: client applications and relational databases. Among their functionalities, the ability to manage data retrieved from databases is emphasized. The retrieved data is kept in local memory structures that may be permanently connected to the host database. Client applications, beyond the ability to read their contents, may also execute Insert, Update and Delete actions over the local memory structures, following specific protocols. These protocols are row (tuple) oriented and, while being executed, cannot be preempted to start another protocol. This restriction leads to several difficulties when applications need to deal with several tuples at a time. The most paradigmatic case is the impossibility to cope with concurrent environments where several threads need to access to the same local memory structure instance, each one pointing to a different tuple and executing its particular protocol. To overcome the aforementioned fragility, a Concurrent Tuple Set Architecture (CTSA) is proposed to manage local memory structures. A performance assessment of a Java component based on JDBC (CLI) is also carried out and compared with a common approach. The main outcome of this research is the evidence that in concurrent environments, components relying on the CTSA may significantly improve the overall performance when compared with solutions based on standard JDBC API.
Uploads
Papers by Rui Aguiar
(JDBC) is also presented.
aimed at bridging the object-oriented and the relational paradigms. The component, referred to here as Business Tier Component, provides a single wide range static interface able to manage a set of Create, Read, Update and Delete (CRUD) expressions, deployed at runtime and of any complexity, on behalf of application tiers. The only constraint is that the required interface to manage each CRUD expression must be a super-interface of the provided wide range interface. The main research challenge of this paper is the definition of an architecture for reusable components aimed at managing dynamically a set of CRUD expressions, deployed at runtime, on behalf of application tiers. "
are executed on data retrieved by Select expressions. A proof of
concept is also presented. It uses an access control platform previously developed, which lacks the key issue of this paper. The collected results show that the presented approach is an effective solution to enforce access control policies at the level of runtime values that are used to interact with data residing in relational databases.
instance of the ResultSet in a concurrent fashion and can be simultaneously connected to the underlying database. The main contributions of this paper are twofold: i) the design of an Enhanced ResultSet Component to provide a concurrent access to relational databases; ii) the evaluation of its performance. The Enhaced ResultSet performance will be assessed in a real scenario. The outcome shows that the gain in performance may increase until 80%. "
users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
CLI advantages as preserving its performance and SQL expressiveness but also on providing a typestate approach for the implementation of the ResultSet interface. The model design aims to facilitate the development of automatic code generation tools. We also present such a tool, called CRUD Manager (CRUD-M), which provides automatic code generation with a complementary support for software maintenance. This paper shows that CRUD-DOM is an effective model to address the aforementioned objectives. "
and frameworks as artifacts to develop business tiers aimed at integrating the object-oriented and the relational paradigms. These artifacts provide programmers with the necessary services to develop business tiers. In this paper we propose a new architecture based on general Call Level Interfaces from which reusable and Adaptable Business tier Components (ABC) may be developed. Each individual ABC component is able to manage SQL statements of any complexity, deployed at run-time, and also to provide tailored services to each SQL statement. To accomplish this goal, the only requirement is that the schema of each deployed SQL statement must be in conformance with one of the pre-defined static schemas (interfaces) of the recipient ABC component. The main contributions of this paper are threefold: 1) to present the new architecture based on general Call Level Interfaces on which ABC components are based, 2) to show that the source code of ABC components may be automatically built by a tool and 3) to present a concrete example of ABC based on JDBC. The main outcome of this paper is the evidence that the presented architecture is an effective approach to build reusable and adaptable business tiers components to bridge the object-oriented and the relational paradigms. ""