Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content

    Harigovind Ramasamy

    Papers
    Parsimonious Asynchronous Byzantine-Fault-Tolerant Atomic Broadcastmore
    by Harigovind Ramasamy
    ... atomic broadcast protocol that is suitable for building highly available and intrusion-tolerantservices in the ... system that the adversary can exploit, for example, through denial-of-service attacks. ... polynomial-time feasibility... more
    ... atomic broadcast protocol that is suitable for building highly available and intrusion-tolerantservices in the ... system that the adversary can exploit, for example, through denial-of-service attacks. ... polynomial-time feasibility of randomized agreement [5,6,7] and atomic broadcast [8 ...
    Publication Date: 2006
    Publication Name: Lecture Notes in Computer Science
    Research Interests:
    Download (.pdf)
    Enhancing Grid Security Using Trusted Virtualizationmore
    by Harigovind Ramasamy and Stefan Schulz
    Publication Date: 2007
    Publication Name: Lecture Notes in Computer Science
    Research Interests:
    Download (.pdf)
    Architecting Dependable and Secure Systems Using Virtualizationmore
    by Harigovind Ramasamy and Axel Tanner
    Publication Date: 2008
    Publication Name: Lecture Notes in Computer Science
    Research Interests:
    Download (.pdf)
    DEPENDABLE AND SECURE COMPUTINGmore
    by Harigovind Ramasamy
    Anomaly Detection in Network Traffic Based on Statistical Inference and ��-Stable Modeling F. Simmross-Wattenberg, JI Asensio-P��rez, P. Casaseca-de-la-Higuera, M. Mart��n-Fern��ndez, IA Dimitriadis, and C. Alberola-L��pez... more
    Anomaly Detection in Network Traffic Based on Statistical Inference and ��-Stable Modeling F. Simmross-Wattenberg, JI Asensio-P��rez, P. Casaseca-de-la-Higuera, M. Mart��n-Fern��ndez, IA Dimitriadis, and C. Alberola-L��pez ................................................................. ..................................................................................... ... ... Efficient Fault Detection and Diagnosis in Complex Software Systems with Information-Theoretic Monitoring M. Jiang, MA Munawar, T. Reidemeister, and PAS Ward...............................................................................................
    Research Interests:
    Declarative Security Specification of Virtual Networksmore
    by Harigovind Ramasamy
    Page 18. Declarative Security Specification of Virtual Networks (Position Paper) Serdar Cabuk Chris I. Dalton Hewlett-Packard Labs, Bristol, United Kingdom serdar. cabuk@ hp. com, cid@ hp. com HariGovind Ramasamy IBM ...
    System and method for automatically discovering security classification of hostsmore
    by Harigovind Ramasamy
    The coBFIT toolkitmore
    by Harigovind Ramasamy
    Flexible integrity protection and verification architecture for virtual machine monitorsmore
    by Harigovind Ramasamy
    Managing business health in the presence of malicious attacksmore
    by Birgit Pfitzmann, Zbigniew Kalbarczyk, and Harigovind Ramasamy
    ABSTRACT Business metrics play a critical role in determining the best system-level configuration to achieve an organizational business-level goal. We present a framework for reasoning about business-level implications of malicious... more
    ABSTRACT Business metrics play a critical role in determining the best system-level configuration to achieve an organizational business-level goal. We present a framework for reasoning about business-level implications of malicious attacks affecting information technology (IT) systems that underlie various business processes. Through an exemplar web-based retail company scenario, we demonstrate how to quantify both the relative value of the individual business processes, and the relative cost to the business caused by breach of key security properties. The framework allows for mapping business-level metrics to IT system-level metrics, and uses a combination of those metrics to recommend optimal response actions and to guide recovery from security attacks. We validate the framework against three high-impact attack classes common in such web-based retail company situations.
    Publication Date: 2011
    Publication Name: 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W)
    The coBFIT toolkitmore
    by Harigovind Ramasamy
    Publication Date: 2007
    Publication Name: Proceedings of the twenty-sixth annual ACM symposium on Principles of distributed computing - PODC '07
    Research Interests:
    Download (.pdf)
    Parsimony-Based Approach for Obtaining Resource-Efficient and Trustworthy Executionmore
    by Harigovind Ramasamy
    We propose a resource-e-cient way to execute requests in Byzantine-fault-tolerant replication that is particularly well-suited for services in which request processing is resource-intensive. Previous ef- forts took a failure-masking... more
    We propose a resource-e-cient way to execute requests in Byzantine-fault-tolerant replication that is particularly well-suited for services in which request processing is resource-intensive. Previous ef- forts took a failure-masking all-active approach of using all 2t+1 execu- tion replicas to execute all requests, where t is the maximum number of failures tolerated. We describe an asynchronous execution protocol that combines failure
    Publication Date: 2005
    Publication Name: Lecture Notes in Computer Science
    Research Interests:
    CoBFIT: A component-based framework for intrusion tolerancemore
    by Harigovind Ramasamy
    In this paper, we present the architecture of CoBFIT, a component-based framework for building intrusion-tolerant distributed systems. The CoBFIT framework, by virtue of its design and implementation principles, can serve as a convenient... more
    In this paper, we present the architecture of CoBFIT, a component-based framework for building intrusion-tolerant distributed systems. The CoBFIT framework, by virtue of its design and implementation principles, can serve as a convenient base for building components that implement intrusion-tolerant protocols and for combining these com- ponents in an efficient manner to provide a number of ser- vices for dependability.
    Publication Date: 2004
    Publication Name: Proceedings. 30th Euromicro Conference, 2004.
    Research Interests:
    On the Latency Efficiency of Message-Parsimonious Asynchronous Atomic Broadcastmore
    by Harigovind Ramasamy
    Publication Date: 2007
    Publication Name: 2007 26th IEEE International Symposium on Reliable Distributed Systems (SRDS 2007)
    Research Interests:
    Download (.pdf)
    Application-storage discoverymore
    by Birgit Pfitzmann and Harigovind Ramasamy
    ABSTRACT Discovering application dependency on data and storage is a key prerequisite for many storage optimization tasks such as data assignment to storage tiers, storage consolidation, virtualization, and handling unused data. However,... more
    ABSTRACT Discovering application dependency on data and storage is a key prerequisite for many storage optimization tasks such as data assignment to storage tiers, storage consolidation, virtualization, and handling unused data. However, in the real world these dependencies are rarely known, and discovering them is a challenge because of virtualization at various levels and the need for discovery methods to be non-intrusive. As a result, many optimization tasks are performed, if at all, without the full knowledge of application-to-storage dependencies. This paper presents a non-intrusive application-to-storage discovery method, and while it is built on our prior work, the storage discovery described here is entirely new. We used this discovery method in two production enterprise environments, consisting of about 323 servers, and we show how the discovered data enables three optimization tasks. First, we relate application criticality with storage tiers. Second, we find unused storage devices and we show how this information together with storage consolidation can be used to achieve power savings of up to two orders of magnitude. Third, we identify opportunities for database storage optimization.
    Publication Date: 2010
    Publication Name: Proceedings of the 3rd Annual Haifa Experimental Systems Conference on - SYSTOR '10
    Research Interests:
    ITBVM: IT Business Value Modelermore
    by Birgit Pfitzmann and Harigovind Ramasamy
    Today, enterprise IT environments are complex as never before with individual applications, tiers, or technologies segregated into individual management domains. Typically, the value of business applications and the dependencies between... more
    Today, enterprise IT environments are complex as never before with individual applications, tiers, or technologies segregated into individual management domains. Typically, the value of business applications and the dependencies between business and IT objects and IT objects among each other is completely unknown or at least not up to date. Thus, ultimately, the business value of individual IT tasks is
    Publication Date: 2009
    Publication Name: 2009 IEEE International Conference on Services Computing
    Research Interests:
    Providing Intrusion Tolerance With ITUA 1more
    by Harigovind Ramasamy
    survive certain kinds of attacks. The goal of this paper is to introduce several features of the ITUA project that are illus-trated in a use scenario. Section 2 explains the importance of unpredictable adaptation in intrusion tolerance.... more
    survive certain kinds of attacks. The goal of this paper is to introduce several features of the ITUA project that are illus-trated in a use scenario. Section 2 explains the importance of unpredictable adaptation in intrusion tolerance. Section 3 presents the assumptions made by the ITUA project. The remaining sections address the ITUA architecture. In Sec-tion 4, we give a
    Publication Date: 2000
    Publication Name: Conference on Computer Networks
    Research Interests:
    An Ontology-Based Framework for Model-Driven Analysis of Situations in Data Centersmore
    by Harigovind Ramasamy, Ronnie Sarkar, and Rafah Hosn
    Publication Date: 2013
    Publication Name: 2013 IEEE International Conference on Services Computing
    Research Interests:
    Policy enforcement and compliance proofs for Xen virtual machinesmore
    by Harigovind Ramasamy
    Publication Date: 2008
    Publication Name: Proceedings of the fourth ACM SIGPLAN/SIGOPS international conference on Virtual execution environments - VEE '08
    Research Interests:
    Download (.pdf)
    Security-Aware Resource Allocation in Cloudsmore
    by Harigovind Ramasamy
    Publication Date: 2013
    Publication Name: 2013 IEEE International Conference on Services Computing
    Research Interests:
    Dependability and Performance Evaluation of Intrusion-Tolerant Server Architecturesmore
    by Harigovind Ramasamy
    Publication Date: 2003
    Publication Name: Lecture Notes in Computer Science
    Research Interests:
    Download (.pdf)
    Intrusion Tolerance Approaches in ITUA1more
    by Harigovind Ramasamy, Partha Pal, and Richard Schantz
    This paper presents an overviewand the key aspects of the ITUA project. We will describethe kind of attacks we are considering, how unpredictabilitycan be used for intrusion tolerance, the architecture ofthe intrusion tolerant system we... more
    This paper presents an overviewand the key aspects of the ITUA project. We will describethe kind of attacks we are considering, how unpredictabilitycan be used for intrusion tolerance, the architecture ofthe intrusion tolerant system we are envisioning, and theprotocols we are developing to obtain a group communicationsystem that tolerates the intrusions specified in theITUA project
    Publication Date: 2001
    Publication Name: Dependable Systems and Networks
    Research Interests:
    intrusion-tolerant applicationsmore
    by Harigovind Ramasamy, Partha Pal, and Michel Cukier
    SUMMARY Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyber-attacks. In addition to the well- publicized denial of service (DoS) attacks, these... more
    SUMMARY Applications that are part of a mission-critical information system need to maintain a usable level of key services through ongoing cyber-attacks. In addition to the well- publicized denial of service (DoS) attacks, these networked and distributed applications are increasingly threatened by sophisticated attacks that attempt to corrupt system components and violate service integrity. While various approaches have been explored to deal with the DoS attacks, corruption-inducing attacks remain largely unaddressed. We have developed a collection of mechanisms based on redundancy, Byzantine fault tolerance, and adaptive middleware that help distributed, object-based applications tolerate corruption-inducing attacks. In this paper, we present the ITUA architecture which integrates these mechanisms in a framework for auto-adaptive intrusion-tolerant systems, and describe our experience in using the technology to defend a critical application that is part of a larger avionics system...
    Research Interests:
    Experiences with building an intrusion-tolerant group communication systemmore
    by Harigovind Ramasamy and Michel Cukier
    Publication Date: 2008
    Publication Name: Software: Practice and Experience
    Research Interests:
    Download (.pdf)
    An architecture for adaptive intrusion-tolerant applicationsmore
    by Harigovind Ramasamy and Michel Cukier
    Publication Date: 2006
    Publication Name: Software: Practice and Experience
    Research Interests:
    Download (.pdf)
    A Parsimonious Approach for Obtaining Resource-Efficient and Trustworthy Executionmore
    by Harigovind Ramasamy
    ... 9. Alfred J. Menezes , Scott A. Vanstone , Paul C. Van Oorschot, Handbook of Applied Cryptography, CRC Press, Inc., Boca Raton, FL ... 27. Navin Budhiraja , Keith Marzullo , Fred B. Schneider , Sam Toueg, The primary-backup approach,... more
    ... 9. Alfred J. Menezes , Scott A. Vanstone , Paul C. Van Oorschot, Handbook of Applied Cryptography, CRC Press, Inc., Boca Raton, FL ... 27. Navin Budhiraja , Keith Marzullo , Fred B. Schneider , Sam Toueg, The primary-backup approach, Distributed systems (2nd Ed.), ACM Press ...
    Publication Date: 2000
    Publication Name: IEEE Transactions on Dependable and Secure Computing
    Research Interests:
    Architecting dependable systems using virtualizationmore
    by Harigovind Ramasamy
    ... Under load conditions, the VMs can be seamlessly migrated (using live migration technology [6]) to a lightly loaded or a more powerful ... service running inside the VM is stateful, then additional techniques based on a combi-nation... more
    ... Under load conditions, the VMs can be seamlessly migrated (using live migration technology [6]) to a lightly loaded or a more powerful ... service running inside the VM is stateful, then additional techniques based on a combi-nation of VM checkpointing and VM live migration [6 ...
    Publisher: opentc.net
    Publication Date: 2007
    Publication Name: Workshop on Architecting Dependable …
    Research Interests:
    A group membership protocol for an intrusion-tolerant group communication systemmore
    by Harigovind Ramasamy
    ... my work and for their contribution to the ITUA project. I owe a big thanks to all the other PERFORM group members: Ryan, Kaustubh, Sudha, ... UIUC University of Illinois at Urbana-Champaign UCSB University of California at Santa... more
    ... my work and for their contribution to the ITUA project. I owe a big thanks to all the other PERFORM group members: Ryan, Kaustubh, Sudha, ... UIUC University of Illinois at Urbana-Champaign UCSB University of California at Santa Barbara LAN Local Area Network ...
    Publisher: Citeseer
    Publication Date: 2002
    Research Interests:
    Intrusion-Tolerant Parsimonious State Machine Replicationmore
    by Harigovind Ramasamy
    We describe a Byzantine-fault-tolerant state machine replication algorithm that reduces computation and commu- nication costs in the fault-free case, and is reasonably efficient even in the presence of faults. Such an algorithm is... more
    We describe a Byzantine-fault-tolerant state machine replication algorithm that reduces computation and commu- nication costs in the fault-free case, and is reasonably efficient even in the presence of faults. Such an algorithm is practically significant, because failures are the exception than the norm, and much of a system's runtime is fault-free. The algorithm is geared towards applications that require Byzantine-fault
    Research Interests:
    Download (.pdf)
    The Parsimonious Approach to Constructing Fault-Tolerant Protocolsmore
    by Harigovind Ramasamy
    Fault-tolerant distributed protocols, by definition, are designed with the worst in mind. This focus on tol-erating the worst often leads to expensive designs that overlook the practical observation that the occurrence of disruptions and... more
    Fault-tolerant distributed protocols, by definition, are designed with the worst in mind. This focus on tol-erating the worst often leads to expensive designs that overlook the practical observation that the occurrence of disruptions and failures is rare relative to the lifetime or mission periods of many systems. The class of opti-mistic fault-tolerant protocols leverages that observation and strives to achieve
    Publication Date: 2006
    Research Interests:
    A configurable CORBA gateway for providing adaptable system propertiesmore
    by Harigovind Ramasamy and Michel Cukier
    Mouna Seri*, Tod Courtney*, Michel Cukier**, Vishu Gupta*, Sudha Krishnamurthy*, James Lyons*, HariGovind V. Ramasamy*, Jennifer Ren‡, and William H. Sanders* ... *Coordinated Science Laboratory, Electrical and Computer Engineering... more
    Mouna Seri*, Tod Courtney*, Michel Cukier**, Vishu Gupta*, Sudha Krishnamurthy*, James Lyons*, HariGovind V. Ramasamy*, Jennifer Ren‡, and William H. Sanders* ... *Coordinated Science Laboratory, Electrical and Computer Engineering Department, and Computer ...
    Publication Date: 2002
    Research Interests:
    Stochastic Modeling of Intrusion-Tolerant Server Architectures for Dependability and Performance Evaluationmore
    by Harigovind Ramasamy
    Publication Date: 2003
    Research Interests:
    Download (.pdf)
    Formal verification of an intrusion-tolerant group membership protocolmore
    by Harigovind Ramasamy and Michel Cukier
    SUMMARY The traditional approach for establishing the correctness of group communication protocols is through rigor-ous arguments. While this is a valid approach, the likelihood of subtle errors in the design and implementation of such... more
    SUMMARY The traditional approach for establishing the correctness of group communication protocols is through rigor-ous arguments. While this is a valid approach, the likelihood of subtle errors in the design and implementation of such complex distributed protocols is not ...
    Publication Date: 2003
    Semi-passive replication in the presence of byzantine faultsmore
    by Harigovind Ramasamy
    Semi-passive replication is a variant of passive replication that does not rely on a group membership service. D´ efago et al. (4) defined the semi-passive replication concept in the crash fault model and described a semi-passive... more
    Semi-passive replication is a variant of passive replication that does not rely on a group membership service. D´ efago et al. (4) defined the semi-passive replication concept in the crash fault model and described a semi-passive replication algorithm based on a lazy consensus algorithm. In this paper, we consider semi- passive replication and lazy consensus for a Byzantine fault model.
    Publication Date: 2004
    Research Interests:
    Formal specification and verification of a group membership protocol for an intrusion-tolerant group communication systemmore
    by Harigovind Ramasamy and Michel Cukier
    We describe a group membership protocol that is part of an intrusion-tolerant group communication system, and present an effort to use formal tools to model and validate our protocol. We describe in detail the most difficult part of the... more
    We describe a group membership protocol that is part of an intrusion-tolerant group communication system, and present an effort to use formal tools to model and validate our protocol. We describe in detail the most difficult part of the validation exercise, which was the determination of ...
    Publication Date: 2002
    Research Interests:
    Download ()
    Intrusion tolerance approaches in ITUAmore
    by Harigovind Ramasamy
    Publication Date: 2001
    Download (.pdf)
    Quantifying the cost of providing intrusion tolerance in group communication systemsmore
    by Harigovind Ramasamy and Michel Cukier
    Publication Date: 2002
    Research Interests:
    Download (.pdf)
    Providing intrusion tolerance with ITUAmore
    by Harigovind Ramasamy
    Publisher: Citeseer
    Publication Name: Supplemental Volume Int. …
    Download (.pdf)
    Parsimonious service replication for tolerating malicious attacks in asynchronous environmentsmore
    by Harigovind Ramasamy
    ... fault injection scenarios. iii Page 4. To Rachel, Amma, Naina, and Ashok. iv Page 5. ... through the completion of this thesis. I am also very thankful to Rachel's family for their kindness and support. Finally, I would like to... more
    ... fault injection scenarios. iii Page 4. To Rachel, Amma, Naina, and Ashok. iv Page 5. ... through the completion of this thesis. I am also very thankful to Rachel's family for their kindness and support. Finally, I would like to thank my friends Nitin Aggarwal, Prof. Raghupathy Sivakumar, ...
    Publisher: Citeseer
    Publication Date: 2006
    Publication Name: University of Illinois at Urbana-Champaign, Champaign …
    Dependable Computing and Communications Symposium (DCCS)more
    by Harigovind Ramasamy and Christof Fetzer
    Flavio Junqueira (Yahoo, Spain) Zbigniew Kalbarczyk (UIUC, USA) Nagarajan Kandasamy (Drexel U., USA) Vana Kelogeraki (UC Riverside, USA) Sy-Yen Kuo (National Taiwan University, Taiwan) Fabio Martinelli (CNR, Pisa, Italy) Shivakant Mishra... more
    Flavio Junqueira (Yahoo, Spain) Zbigniew Kalbarczyk (UIUC, USA) Nagarajan Kandasamy (Drexel U., USA) Vana Kelogeraki (UC Riverside, USA) Sy-Yen Kuo (National Taiwan University, Taiwan) Fabio Martinelli (CNR, Pisa, Italy) Shivakant Mishra (U. Colorado, USA) Simin Nadjm-Tehrani (Linkoping U., Sweden) Takashi Nanya (U. Tokyo, Japan) Andras Pataricza (BUTE, Hungary) Michael Paulitsch (EADS Innovation Works, Germany) Leonardo Querzoni (U. Rome, Italy) Hari-Govind Ramasamy (IBM, USA) Michael Reiter (U. North Carolina ...
    Towards automated security policy enforcement in multi-tenant virtual data centersmore
    by Harigovind Ramasamy
    Virtual data centers allow the hosting of virtualized infrastructures (networks, storage, machines) that belong to several customers on the same physical infrastructure. Virtualization theoretically provides the capability for sharing the... more
    Virtual data centers allow the hosting of virtualized infrastructures (networks, storage, machines) that belong to several customers on the same physical infrastructure. Virtualization theoretically provides the capability for sharing the infrastructure among ...
    Publication Date: 2010
    Publication Name: Journal of Computer Security
    Research Interests:
    Towards automated identification of security zone classification in enterprise networksmore
    by Birgit Pfitzmann, Harigovind Ramasamy, and Nikolai Joukov
    Knowledge of the security zone classification of devices in an enterprise information technology (IT) infrastruc-ture is essential in many enterprise IT transformation and optimization activities. We describe a systematic and... more
    Knowledge of the security zone classification of devices in an enterprise information technology (IT) infrastruc-ture is essential in many enterprise IT transformation and optimization activities. We describe a systematic and semi-automated approach for discovering the security zone classification of devices in an enterprise network. For reduced interference with normal operation of the IT infrastructure, our approach is structured in stages, each consisting of two phases: one phase involves collecting information about actually allowed network flows, fol-lowed by an analysis phase. As part of our approach, we describe an elimination-based inference algorithm. We also present an alternative to the algorithm based on the Constraint Satisfaction Problem, and explore trade-offs between the two. Using a case study, we demonstrate the validity of our approach.
    -
    by 30-day views
    -
    total views
    -
    followers
    Related Authors
    Miguel Correia
    Miguel Correia
    Moses Liskov
    Vincent Gramoli
    Houssam Yactine
    Mohammad Sadoghi
    Shlomi Dolev
    Ivan Visconti
    Murali Reddy
    Gennady Laventman