PhD thesis abstracts

September 2009

PhD thesis abstracts

Arne Munch-Ellingsen

An Extensible, Pervasive Systems, Application Server

Pervasive systems, with their interconnected mesh of devices, have some similarities, but pervasive systems are mostly diverse and will certainly change over time. Within these pervasive systems, the applications come in many varieties (e.g: context aware, QoS aware, multimedia, realtime, games, discrete, ubiquitous and domain specific as in health care applications, tourist application, etc.). The users expect that the applications are available on many devices (stationary and mobile and sometimes even ubiquitous).

Progress has been made in many of the research areas in pervasive computing. We have seen proposed solutions to service discovery, context modeling, semantic representation of context, etc. On the downside, many of these solutions have been designed ad-hoc as prototypes to illustrate proof of concept. To make the solutions commonly available we need a programming environment that can be extended to include solutions to well known problems so that the solutions can be reused in future application development.

Unfortunately, many of the existing middleware systems are too complex (due to their general purpose nature) and are therefore not a good match for pervasive application development. The goal of the thesis has been to design and implement a middleware system that is capable of extending itself with new solutions to functional and non functional pervasive system requirements. Because of the diversity in pervasive applications the detailed requirements for pervasive middleware technologies will vary significantly across the difierent application domains. As a result, a supporting pervasive middleware must at least meet these high level requirements:

  • Extensible: Since both the underlying pervasive system and pervasive applications will change (evolve) over time the middleware needs to be able to adapt accordingly(e.g. meet the changing requirements).
  • Promote modularization and reuse: Recurring solutions to both functional and non functional requirements should be part of the (evolving) offerings of the middleware. Modularization promotes separation of concerns and enables reuse of solutions to functional and non functional requirements.
  • Tailored: Not all pervasive application domains need the same support from the middleware. It should therefore be possible to tailor the middleware to your needs.
  • Lightweight: Many current container middleware systems try to solve all thinkable functional and non functional requirements and this makes them very complex. A lightweight yet extensible middleware will make it easier to understand how the middleware itself is designed and how it should be used.
  • Easy to use: The abstractions made available by the middleware should be easy to use (i.e. the programming model should be simple). Extending the middleware should also be easy (i.e. should not require that you inspect and understand thousands of lines of internal code in the middleware as is the case with existing middleware systems that have not been designed to be intrinsically extensible).
  • Monitoring and Control: Middleware introduces a level between the underlying system and the applications and it is necessary to be able to monitor and control the middleware layer in order to ensure proper behavior.

The global aim of this thesis is to investigate what it takes in terms of principles and patterns to create a container based middleware platform suitable for development of applications in the small scale and personal application domain (i.e. fulfilling the outlined high level requirements). The meaning of the term container based as used in the thesis is:

  • The middleware has its own lifecycle (e.g. it exists as a separate entity).
  • The middleware supports a deployment mechanism in order to add applications or services to it (i.e. the middleware can be viewed as a container that you can put applications and services into).
  • The middleware persists even if no applications or services are contained within it.

The personal application domain is defined to be applications revolving around you as a person, using information relative to you (context) to deliver personalized services. It is envisioned that some of the personal information may be retrieved using sensors that measure something in your environment or something about you. It is also envisioned that parts of the personal services will be delivered to you by the use of your mobile phone or other devices that you carry with you all the time.

The aim is to develop a middleware that hides some aspects of the complexity in the "real world" (e.g. a pervasive system of networks and devices). The middleware needs to be extensible in order to adapt to enhancements and changes in the "real world". The extendability is provided through services that can be added/modified/deleted to/from the middleware. S1, S2, etc. are examples of such services. Some of the services provide abstractions over persistence, some provide abstractions over telecom services and some provide abstractions over the pervasive system of networks and devices (i.e. sensors). Services may use abstractions provided by other services in the middleware. The middleware is thus extensible both "upwards" (towards end user application GUIs) and "downwards" (towards the "real world").

The following ma jor contributions have been made and they are described in more detail in the thesis.

  1. It has been proven that it is possible to support extensibility in this type of container based middleware by usage of a policy free microkernel that supports deployable extensions in the form of self contained system services.
  2. It has been proven that a lightweight IPO+S based context management strategy is suficient to realize advanced context management in this type of container based middleware system. The lightweight model can further be extended using the extensibility mechanisms provided by the middleware.
  3. It has been proven that a programming model based on POJO components and annotations to express metadata is suficient to provide a straight forward and easy to use programming model to express components in this type of middleware.
  4. It has been proven that in this type of middleware it is possible to express component composition through usage of explicitly expressed dependencies at deploy time together with chain class loading (of dependent components and their dependent components classes) and dependency injection at runtime. The middleware kernel supported dependency injection mechanism is triggered by usage of annotations in the POJO code.

Advisor(s): Anders Andersen (supervisor), Gordon Blair (supervisor), Valerie Issarny (opponent), Carsten Griwodz (opponent), Weihai Yu (opponent)

SIG MM member(s): Anders Andersen, Carsten Griwodz

ISBN number: 978-82-92461-96-9

M. Shamim Hossain

Towards a Biologically-Inspired Framework for Multimedia Service Management

The advent of service-oriented architecture (SOA), internet and ubiquitous delivery tech-nology has resulted in multimedia services (e.g. repurposing, streaming and conferencing services) being accessible at any time, from any device, through any network. However, there are still some problems related to heterogeneity, scalability and QoS demand of the management of such multimedia services. Some of the existing solutions are centralized, which evolve scalability problems in terms of the number of concurrent requests for the target service composition. Other solutions are distributed, which depend on the use of traditional algorithms (e.g. Dijkstra, Bellman Ford). Such distributed solutions also use replicated services, which can also result in scalability problems for large networks.

In order to mitigate the above problems, this dissertation proposes a framework for multimedia service management that is based on a biologically-inspired approach. It utilizes an ant-colony-based selection algorithm for collecting the QoS requirements from the individual repurposing service in order to select the most suitable one for the desired composition process, which ensures higher scalability and efficient load balancing. It also develops a QoS-aware service selection algorithm for a multimedia repurposing service. The proposed framework's performance is validated through both simulation and proto-type implementation.

Advisor(s): Abdulmotaleb EL Saddik

SIG MM member(s): Abdulmotaleb EL Saddik, M. Shamim Hossain


Multimedia Communications Research Lab (MCRLab)

MCRLab adopted the vision of human-centred research: "i have aims" meaning, interactive Hapto-Audio-Visual Environments for Ambient Intelligent Media Semantics. Research at the Multimedia Communications Research Laboratory (MCRLab) is directed towards the dissemination of multimedia data through the internet in an efficient and secure manner. Our goal is to increase the usability and universal access of advanced media such as haptics and smell in a seamless way and to develop new systems to achieve that goal. In particular, current research is oriented towards Multimedia communications, Tele-Collaborative Environments, Peer-to-Peer Protocols, Media Streaming, Applications in arts, tele-medicine, and tele-operation.

William Conner

Session Management for Accountability in Distributed Multimedia Services

Internet-based multimedia applications (e.g., voice-over-IP, instant messaging, and video conferencing) are continuing to grow in importance as more people depend on such applications for personal and professional communications. Although performance is almost always a concern with multimedia systems that must satisfy quality-of-service (QoS) constraints, security is also a major requirement given the increasing criticality of such applications. For example, businesses might depend on Internet telephony to reach customers while governments might depend on video streaming to disseminate information. For distributed multimedia services, in addition to the traditional security properties (confidentiality, integrity, and availability), accountability is also important to complement perimeter defenses. Accounting for user actions within the system enables the development of higher-level security services.

This dissertation will present the Kantoku framework, which includes several different accounting mechanisms for different environments ranging from single servers to server clusters to computing clouds. Our framework focuses on distributed multimedia services deployed in such environments. In particular, we will show how our Kantoku framework can be used to address the problem of transaction state overload on multimedia servers.

The primary attack that we consider throughout this dissertation is a novel denial-of-service attack that intentionally induces transaction state overload at multimedia servers. We refer to this attack as a Ringing-based denial-of-service attack. Unlike many denial-of-service attacks that rely on an increase in the incoming traffic rate, a Ringing-based denial-of-service attack only requires an increase in the transaction durations while the incoming traffic rate does not change. Such attacks cannot be detected by protection mechanisms that monitor the network traffic for anomalies. After briefly explaining some background information on the Session Initiation Protocol, we characterize transaction state accumulation during a Ringing-based denial-of-service attack both mathematically and empirically through extensive experiments.

The first solution to preventing transaction state overload that we present is a family of early termination algorithms that selectively terminate transactions suspected of causing transaction state overload in multimedia servers. This protection mechanism relies on per-transaction accounting at a single server. The three algorithms that we developed are thoroughly evaluated in the context of Ringing-based denial-of-service attacks with experiments on a local testbed.

As an alternative to early termination, we also developed two admission control algorithms that selectively reject transaction requests from users suspected of consuming more than their fair share of transaction resources among a group of multimedia servers. This protection mechanism relies on per-client accounting across a cluster of multimedia servers. The two algorithms that we developed are thoroughly evaluated in the context of Ringing-based denial-of-service attacks with experiments on a local testbed.

For service-oriented environments, we developed a distributed accounting architecture to implement accountability for distributed multimedia services. Specifically, our accounting architecture considers per-client monitoring for accounting across a potentially large number of nodes that are geographically distributed across a wide area network. Using the distributed accounting architecture, we built a reputation-based trust management framework that allows distributed multimedia services to share and retrieve relevant trust information that can be applied to their server-side access control decisions in a customized fashion. We briefly explain how the Ringing-based denial-of-service attack problem can be reduced to a reputation-based trust management problem. We also evaluate the performance of the implementation of our trust management framework both in terms of throughput and latency.

This dissertation makes contributions in three major areas. The first area is the introduction and detailed analysis of the Ringing-based denial-of-service attack, which is a type of malicious transaction state overload that targets multimedia servers running the Session Initiation Protocol. The second area includes early termination and admission control algorithms for specifically mitigating the effects of Ringing-based denial-of-service attacks. The final area includes our distributed accounting architecture and the reputation-based trust management system that uses this accounting architecture. Although our accounting architecture and reputation-based trust management system are applicable to many general problems related to accountability, we consider how they can be applied to the problem of Ringing-based denial-of-service attacks.

Advisor(s): Prof. Klara Nahrstedt (Advisor/Thesis Committee Chairperson), Prof. Nikita Borisov (Thesis Committee Member), Prof. Roy Campbell (Thesis Committee Member), Prof. Indranil Gupta (Thesis Committee Member), Dr. Arun Iyengar (Thesis Committee Member)

SIG MM member(s): Klara Nahrstedt


Multimedia Operating Systems and Networking Research Group

The Multimedia Operating Systems and Networking (MONET) Research Group, led by Professor Klara Nahrstedt in the Department of Computer Science at the University of Illinois at Urbana-Champaign, is engaged in research in various areas of distributed multimedia systems.

Research in the MONET research group focuses on system software issues to provide services and protocols for end-to-end Quality of Service (QoS) guarantees for distributed multimedia applications, leveraging the best effort services provided by the underlying operating system and networks. Toward this goal, we are doing research in a broad area including (but not limited to):

  • Multimedia operating systems
  • Multimedia communication protocols
  • QoS middleware and large scale distributed systems
  • Multimedia security and trustworthy computing systems
  • Advanced tele-immersive and multimedia applications
  • High speed QoS routing and ad hoc networks

Previous Section Table of Contents Next Section