Secure Concurrency Control in Firm Real-Time Database Systems

Many real-time database applications arise in electronic financial services, safety-critical installations and military systems where enforcing security is crucial to the success of the enterprise. For real-time database systems supporting applications with firm deadlines, we investigate here the performance implications, in terms of killed transactions, of guaranteeing multilevel secrecy. In particular, we focus on the concurrency control (CC) aspects of this issue. Our main contributions are the following: First, we identify which among the previously proposed real-time CC protocols are capable of providing covert-channel-free security. Second, using a detailed simulation model, we profile the real-time performance of a representative set of these secure CC protocols for a variety of security-classified workloads and system configurations. Our experiments show that a prioritized optimistic CC protocol, OPT-WAIT, provides the best overall performance. Third, we propose and evaluate a novel "dual-CC" approach that allows the real-time database system to simultaneously use different CC mechanisms for guaranteeing security and for improving real-time performance. By appropriately choosing these different mechanisms, concurrency control protocols that provide even better performance than OPT-WAIT are designed. Finally, we propose and evaluate GUARD, an adaptive admission-control policy designed to provide fairness with respect to the distribution of killed transactions across security levels. Our experiments show that GUARD efficiently provides close to ideal fairness for real-time applications that can tolerate covert channel bandwidths of upto one bit per second.

Pinwheel Scheduling for Fault-tolerant Broadcast Disks in Real-time Database Systems

The design of programs for broadcast disks which incorporate real-time and fault-tolerance requirements is considered. A generalized model for real-time fault-tolerant broadcast disks is defined. It is shown that designing programs for broadcast disks specified in this model is closely related to the scheduling of pinwheel task systems. Some new results in pinwheel scheduling theory are derived, which facilitate the efficient generation of real-time fault-tolerant broadcast disk programs.

Speculative Concurrency Control for Real-Time Databases

In this paper, we propose a new class of Concurrency Control Algorithms that is especially suited for real-time database applications. Our approach relies on the use of (potentially) redundant computations to ensure that serializable schedules are found and executed as early as possible, thus, increasing the chances of a timely commitment of transactions with strict timing constraints. Due to its nature, we term our concurrency control algorithms Speculative. The aforementioned description encompasses many algorithms that we call collectively Speculative Concurrency Control (SCC) algorithms. SCC algorithms combine the advantages of both Pessimistic and Optimistic Concurrency Control (PCC and OCC) algorithms, while avoiding their disadvantages. On the one hand, SCC resembles PCC in that conflicts are detected as early as possible, thus making alternative schedules available in a timely fashion in case they are needed. On the other hand, SCC resembles OCC in that it allows conflicting transactions to proceed concurrently, thus avoiding unnecessary delays that may jeopardize their timely commitment.

Real-Time Databases: Issues and Applications (RTDB'96 Workshop Report)

This report summarizes the technical presentations and discussions that took place during RTDB'96: the First International Workshop on Real-Time Databases, which was held on March 7 and 8, 1996 in Newport Beach, California. The main goals of this project were to (1) review recent advances in real-time database systems research, (2) to promote interaction among real-time database researchers and practitioners, and (3) to evaluate the maturity and directions of real-time database technology.

Real-Time Mutable Broadcast Disks

There is an increased interest in using broadcast disks to support mobile access to real-time databases. However, previous work has only considered the design of real-time immutable broadcast disks, the contents of which do not change over time. This paper considers the design of programs for real-time mutable broadcast disks - broadcast disks whose contents are occasionally updated. Recent scheduling-theoretic results relating to pinwheel scheduling and pfair scheduling are used to design algorithms for the efficient generation of real-time mutable broadcast disk programs.

Architecture for real-time coordination of multiple autonomous mobile units

Interest on using teams of mobile robots has been growing, due to their potential to cooperate for diverse purposes, such as rescue, de-mining, surveillance or even games such as robotic soccer. These applications require a real-time middleware and wireless communication protocol that can support an efficient and timely fusion of the perception data from different robots as well as the development of coordinated behaviours. Coordinating several autonomous robots towards achieving a common goal is currently a topic of high interest, which can be found in many application domains. Despite these different application domains, the technical problem of building an infrastructure to support the integration of the distributed perception and subsequent coordinated action is similar. This problem becomes tougher with stronger system dynamics, e.g., when the robots move faster or interact with fast objects, leading to tighter real-time constraints. This thesis work addressed computing architectures and wireless communication protocols to support efficient information sharing and coordination strategies taking into account the real-time nature of robot activities. The thesis makes two main claims. Firstly, we claim that despite the use of a wireless communication protocol that includes arbitration mechanisms, the self-organization of the team communications in a dynamic round that also accounts for variable team membership, effectively reduces collisions within the team, independently of its current composition, significantly improving the quality of the communications. We will validate this claim in terms of packet losses and communication latency. We show how such self-organization of the communications can be achieved in an efficient way with the Reconfigurable and Adaptive TDMA protocol. Secondly, we claim that the development of distributed perception, cooperation and coordinated action for teams of mobile robots can be simplified by using a shared memory middleware that replicates in each cooperating robot all necessary remote data, the Real-Time Database (RTDB) middleware. These remote data copies, which are updated in the background by the selforganizing communications protocol, are extended with age information automatically computed by the middleware and are locally accessible through fast primitives. We validate our claim showing a parsimonious use of the communication medium, improved timing information with respect to the shared data and the simplicity of use and effectiveness of the proposed middleware shown in several use cases, reinforced with a reasonable impact in the Middle Size League of RoboCup.

Development of hardware in the loop real-time control techniques for hybrid power systems involving distributed demands and sustainable energy sources

The future power grid will effectively utilize renewable energy resources and distributed generation to respond to energy demand while incorporating information technology and communication infrastructure for their optimum operation. This dissertation contributes to the development of real-time techniques, for wide-area monitoring and secure real-time control and operation of hybrid power systems. ^ To handle the increased level of real-time data exchange, this dissertation develops a supervisory control and data acquisition (SCADA) system that is equipped with a state estimation scheme from the real-time data. This system is verified on a specially developed laboratory-based test bed facility, as a hardware and software platform, to emulate the actual scenarios of a real hybrid power system with the highest level of similarities and capabilities to practical utility systems. It includes phasor measurements at hundreds of measurement points on the system. These measurements were obtained from especially developed laboratory based Phasor Measurement Unit (PMU) that is utilized in addition to existing commercially based PMU’s. The developed PMU was used in conjunction with the interconnected system along with the commercial PMU’s. The tested studies included a new technique for detecting the partially islanded micro grids in addition to several real-time techniques for synchronization and parameter identifications of hybrid systems. ^ Moreover, due to numerous integration of renewable energy resources through DC microgrids, this dissertation performs several practical cases for improvement of interoperability of such systems. Moreover, increased number of small and dispersed generating stations and their need to connect fast and properly into the AC grids, urged this work to explore the challenges that arise in synchronization of generators to the grid and through introduction of a Dynamic Brake system to improve the process of connecting distributed generators to the power grid.^ Real time operation and control requires data communication security. A research effort in this dissertation was developed based on Trusted Sensing Base (TSB) process for data communication security. The innovative TSB approach improves the security aspect of the power grid as a cyber-physical system. It is based on available GPS synchronization technology and provides protection against confidentiality attacks in critical power system infrastructures. ^

使用容量指标的安全实时数据库信道限制方法

依据可信计算机系统评测标准(TCSEC)要求,提出一种使用信道容量指标的安全实时数据库中数据竞争信道的限制方法(CUCCMM),给出了限制过程中信道容量度量算法和限制参数计算方法。为了保证系统的信道容量限制标准的准确执行,提出了一种基于多概率的并发控制协议选择策略(MPBPSP)。实验结果证明CUCCMM方法可以有效地、准确地实施对隐蔽信道容量的限制,并且通过使用MPBPSP策略显著降低了信道限制操作对系统实时性能的影响。

短消息指标新定义及在事务信道限制中的应用

短消息指标可以度量隐蔽信道的短消息传输能力,是信道容量的必要补充.但指标现有定义中还存在着以下问题:消息长度参数在普通信息系统中不能定量分析;信道限制机制难以同时满足传输时间和保真度两个约束;没有包含消息的敏感度信息.针对这些问题,首先通过引入短消息传输价值的概念,给出了短消息指标的新定义.在该定义中,利用价值阈值统一表示系统对信道短消息传输能力的容忍程度,并且在所采用的价值函数中引入了消息的敏感度因素.其后,基于安全实时数据库应用场景给出了结合短消息指标和信道容量的事务隐蔽信道度量和限制机制.理论分析和模拟结果表明,基于短消息指标的新定义,系统可以对隐蔽信道威胁实施全面的度量和可调节的限制.

安全实时数据库隐蔽信道度量和处理技术研究

军事和经济等关键领域的数据应用需要安全实时数据库（SRTDB）提供安全和实时保障，但是隐蔽信道严重威胁着安全实时数据库的表现。如何有效地限制隐蔽信道威胁，同时保障系统的实时性能，是这类数据库迫切需要解决的问题。本文从信道限制、信道容量度量、多种度量指标结合以及信道检测四个方面入手，对安全实时数据库中数据冲突信道（DC信道）度量和处理领域出现的若干关键问题展开研究，取得了以下四个方面的主要成果： 第一，已有的SRTDB系统DC信道处理方法中，基于相对安全目标的信道限制方法能够支持安全和实时需求的均衡，比基于绝对安全目标的消除方法更灵活。在信道限制方法中，基于概率的限制方法降低了满足安全标准时信道限制操作所附加的实时性能损失，但是仍然存在实时性能的额外浪费。针对这一不足，提出了基于多概率的信道限制策略（MPBPSP），能够根据系统安全标准针对每个信道实例施加适当干扰，进一步减少了实时性能的损失。 第二，信道威胁的准确度量是对信道施加适当限制的基础。依据安全评测标准要求，提出了一种使用容量指标的DC信道威胁限制方法（CUCCMM）。该方法克服了已有信道容量限制方法在信道模型描述和度量指标上的缺陷，采用Z信道模型描述MPBPSP方法下DC信道的传输特性，并选择时间单位的容量指标。方法中以定理形式分别给出了干扰下信道容量度量算法，以及根据容量限制标准计算限制措施参数的算法。基于CUCCMM，系统能够准确地实施信道容量限制标准，并对限制下信道的实际容量进行监测。 第三，多种因素共同决定着信道威胁的程度，这些因素对应的度量指标也各有偏重，只有结合多种指标才能全面的度量和限制信道威胁。提出了综合多个指标的DC信道威胁度量和限制方法CMMA，它结合容量和短消息指标度量信道传输能力，并利用消息价值概念在短消息指标中同时包含被传输数据的长度和敏感度属性。实验证明，利用MPBPSP策略，CMMA方法能够同时对信道传输长文件和传输短消息这两方面能力施加限制，并且方法中多个指标的运用并不会带来实时性能损失的成倍增长。 第四，为了威慑入侵者并为限制信道威胁提供准确的依据，需要对信道的实际使用进行审计和检测。提出了对事务冲突信息的审计标准，并且按照用户和数据两种单位划分审计记录，有效地防止入侵者通过分散冲突记录的方式逃避检测。提出了一种基于冲突间隔时间的信道检测方法CTIBDA，方法中将冲突间隔时间的规律性作为检测的依据，并结合两种规律性指标提高了检测方法的健壮性。由于检测方法中没有复杂的学习和运算过程，因此方法还具有实施代价低的优点。

Real-time magnetic resonance imaging and electromagnetic articulography database for speech production research (TC)

USC-TIMIT is an extensive database of multimodal speech production data, developed to complement existing resources available to the speech research community and with the intention of being continuously refined and augmented. The database currently includes real-time magnetic resonance imaging data from five male and five female speakers of American English. Electromagnetic articulography data have also been presently collected from four of these speakers. The two modalities were recorded in two independent sessions while the subjects produced the same 460 sentence corpus used previously in the MOCHA-TIMIT database. In both cases the audio signal was recorded and synchronized with the articulatory data. The database and companion software are freely available to the research community. (C) 2014 Acoustical Society of America.

True real-time change data capture with web service database encapsulation

This research is investigating the claim that Change Data Capture (CDC) technologies capture data changes in real-time. Based on theory, our hypothesis states that real-time CDC is not achievable with traditional approaches (log scanning, triggers and timestamps). Traditional approaches to CDC require a resource to be polled, which prevents true real-time CDC. We propose an approach to CDC that encapsulates the data source with a set of web services. These web services will propagate the changes to the targets and eliminate the need for polling. Additionally we propose a framework for CDC technologies that allow changes to flow from source to target. This paper discusses current CDC technologies and presents the theory about why they are unable to deliver changes in real-time. Following, we discuss our web service approach to CDC and accompanying framework, explaining how they can produce real-time CDC. The paper concludes with a discussion on the research required to investigate the real-time capabilities of CDC technologies. © 2010 IEEE.