%0 Journal Article %J Communications Magazine, IEEE %D 2011 %T A survey of virtual LAN usage in campus networks %A Yu,Minlan %A Rexford,J. %A Sun,Xin %A Rao,Sanjay %A Feamster, Nick %K academic department %K campus network %K educational computing %K Educational institutions %K Ethernet scalability %K Local area networks %K network policy support %K university campus %K virtual LAN usage %K VLAN %X VLANs are widely used in today's enterprise networks to improve Ethernet scalability and support network policies. However, manuals and textbooks offer very little information about how VLANs are actually used in practice. Through discussions with network administrators and analysis of configuration data, we describe how three university campuses and one academic department use VLANs to achieve a variety of goals. We argue that VLANs are ill-suited to some of these goals (e.g., VLANs are often used to realize access control policies, but constrain the types of policies that can be expressed). Furthermore, the use of VLANs leads to significant complexity in the configuration of network devices. %B Communications Magazine, IEEE %V 49 %P 98 - 103 %8 2011/07// %@ 0163-6804 %G eng %N 7 %R 10.1109/MCOM.2011.5936161 %0 Conference Paper %B 13th International Conference on Computer Communications and Networks, 2004. ICCCN 2004. Proceedings %D 2004 %T High-performance MAC for high-capacity wireless LANs %A Yuan Yuan %A Daqing Gu %A Arbaugh, William A. %A Jinyun Zhang %K 35 Mbit/s %K access protocols %K Aggregates %K Bandwidth %K batch transmission %K Computer science %K Educational institutions %K high-capacity wireless LAN %K high-performance MAC %K Laboratories %K Local area networks %K Media Access Protocol %K opportunistic selection %K Physical layer %K probability %K Throughput %K Wireless LAN %X The next-generation wireless technologies, e.g., 802.11n and 802.15.3a, offer a physical-layer speed at least an-order-of-magnitude higher than the current standards. However, direct application of current MACs leads to high protocol overhead and significant throughput degradation. In this paper, we propose ADCA, a high-performance MAC that works with high-capacity physical layer. ADCA exploits two ideas of adaptive batch transmission and opportunistic selection of high-rate hosts to simultaneously reduce the overhead and improve the aggregate throughput. It opportunistically favors high-rate hosts by providing higher access probability and more access time, while ensuring each low-rate host certain minimum amount of channel access time. Simulations show that the ADCA design increases the throughput by 112% and reduces the average delay by 55% compared with the legacy DCF. It delivers more than 100 Mbps MAC-layer throughput as compared with 35 Mbps offered by the legacy MAC %B 13th International Conference on Computer Communications and Networks, 2004. ICCCN 2004. Proceedings %I IEEE %P 167 - 172 %8 2004/10/11/13 %@ 0-7803-8814-3 %G eng %R 10.1109/ICCCN.2004.1401615 %0 Conference Paper %D 2001 %T A dynamic replica selection algorithm for tolerating timing faults %A Krishnamurthy, S. %A Sanders,W. H. %A Michel Cukier %K AQuA %K client %K client-server systems %K CORBA-based middleware %K distributed object management %K distributed services %K dynamic replica selection algorithm %K fault tolerant computing %K local area network %K Local area networks %K quality of service %K replica failures %K response time %K server replication %K time-critical applications %K timing failures %K timing fault tolerance %X Server replication is commonly used to improve the fault tolerance and response time of distributed services. An important problem when executing time-critical applications in a replicated environment is that of preventing timing failures by dynamically selecting the replicas that can satisfy a client's timing requirement, even when the quality of service is degraded due to replica failures and excess load on the server. We describe the approach we have used to solve this problem in AQuA, a CORBA-based middleware that transparently replicates objects across a local area network. The approach we use estimates a replica's response time distribution based on performance measurements regularly broadcast by the replica. An online model uses these measurements to predict the probability with which a replica can prevent a timing failure for a client. A selection algorithm then uses this prediction to choose a subset of replicas that can together meet the client's timing constraints with at least the probability requested by the client. We conclude with experimental results based on our implementation. %P 107 - 116 %8 2001/07// %G eng %R 10.1109/DSN.2001.941397 %0 Conference Paper %B IEEE INFOCOM '99. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings %D 1999 %T PLANet: an active internetwork %A Hicks, Michael W. %A Moore,J. T %A Alexander,D. S %A Gunter,C. A %A Nettles,S. M %K 100 Mbit/s %K 300 MHz %K 48 Mbit/s %K active internetwork %K active network architecture %K active network implementation %K byte-code-interpreted applications %K Computer architecture %K Computer languages %K Computer networks %K congested conditions %K dynamic programming %K dynamic router extensions %K Ethernet %K Ethernet networks %K INFORMATION SCIENCE %K Internet %K Internet-like services %K internetworking %K IP %K IP networks %K link layers %K Linux user-space applications %K Local area networks %K ML dialect %K Network performance %K networking operations %K OCaml %K Packet Language for Active Networks %K packet programs %K packet switching %K Pentium-II %K performance %K performance evaluation %K PLAN %K PLANet %K Planets %K programmability features %K programming languages %K router functionality %K special purpose programming language %K Switches %K telecommunication network routing %K Transport protocols %K Web and internet services %X We present PLANet: an active network architecture and implementation. In addition to a standard suite of Internet-like services, PLANet has two key programmability features: (1) all packets contain programs; and (2) router functionality may be extended dynamically. Packet programs are written in our special purpose programming language PLAN, the Packet Language for Active Networks, while dynamic router extensions are written in OCaml, a dialect of ML. Currently, PLANet routers run as byte-code-interpreted Linux user-space applications, and support Ethernet and IP as link layers. PLANet achieves respectable performance on standard networking operations: on 300 MHz Pentium-II's attached to 100 Mbps Ethernet, PLANet can route 48 Mbps and switch over 5000 packets per second. We demonstrate the utility of PLANet's activeness by showing experimentally how it can nontrivially improve application and aggregate network performance in congested conditions %B IEEE INFOCOM '99. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. Proceedings %I IEEE %V 3 %P 1124-1133 vol.3 - 1124-1133 vol.3 %8 1999/03/21/25 %@ 0-7803-5417-6 %G eng %R 10.1109/INFCOM.1999.751668 %0 Conference Paper %B Performance, Computing and Communications, 1998. IPCCC '98., IEEE International %D 1998 %T Benchmarking a network of PCs running parallel applications %A Hollingsworth, Jeffrey K %A Guven, E. %A Akinlar, C. %K 100 Mbit/s %K 125 mus %K Aerodynamics %K Application software %K communication micro-benchmarks %K default mathematical libraries %K Delay %K Ethernet %K Ethernet networks %K gcc %K latency %K lightweight message-passing protocol %K Linux %K Local area networks %K mathematics computing %K Message passing %K microcomputer applications %K Microsoft Windows NT %K NAS parallel benchmarks %K network operating systems %K Numerical simulation %K parallel applications %K PARALLEL PROCESSING %K PC network benchmarking %K performance comparison %K performance evaluation %K Personal communication networks %K Protocols %K PVM %K running time %K software libraries %K System software %K system software configurations %K TCP/IP %K TCPIP %K Transport protocols %K U-Net active messages %K Visual C++ %X Presents a benchmarking study that compares the performance of a network of four PCs connected by a 100 Mbit/s fast Ethernet running three different system software configurations: TCP/IP on Windows NT, TCP/IP on Linux and a lightweight message-passing protocol (U-Net active messages) on Linux. For each configuration, we report results for communication micro-benchmarks and the NAS (Numerical Aerodynamics Simulation) parallel benchmarks. For the NAS benchmarks, the overall running time using Linux TCP/IP was 12-500% less than the Windows NT TCP/IP configuration. Likewise, the Linux U-Net based message-passing protocol outperformed the Linux TCP/IP version by 5-200%+. We also show that, by using Linux U-Net, we are able to achieve 125 μs latency between two processes using PVM. Finally, we report that the default mathematical libraries supplied with NT (for both gcc and Visual C++) are substantially slower than the one supplied with Linux %B Performance, Computing and Communications, 1998. IPCCC '98., IEEE International %I IEEE %P 1 - 7 %8 1998/02/16/18 %@ 0-7803-4468-5 %G eng %R 10.1109/PCCC.1998.659876 %0 Journal Article %J IEEE Network %D 1998 %T A secure active network environment architecture: realization in SwitchWare %A Alexander,D. S %A Arbaugh, William A. %A Keromytis,A. D %A Smith,J. M %K access protocols %K AEGIS secure bootstrap architecture %K architecture %K Authentication %K Collaboration %K Communication switching %K dynamic integrity checks %K extended LAN %K Functional programming %K implementation %K integrity %K Intelligent networks %K IP networks %K Local area networks %K network infrastructure %K network infrastructures %K network operating systems %K network-level solutions %K node %K node-to-node authentication %K packet switching %K Proposals %K ramming system %K SANE %K secure active network environment architecture %K security of data %K Switches %K SwitchWare %K trusted state %K Web and internet services %X An active network is a network infrastructure which is programmable on a per-user or even per-packet basis. Increasing the flexibility of such network infrastructures invites new security risks. Coping with these security risks represents the most fundamental contribution of active network research. The security concerns can be divided into those which affect the network as a whole and those which affect individual elements. It is clear that the element problems must be solved first, since the integrity of network-level solutions will be based on trust in the network elements. In this article we describe the architecture and implementation of a secure active network environment (SANE), which we believe provides a basis for implementing secure network-level solutions. We guarantee that a node begins operation in a trusted state with the AEGIS secure bootstrap architecture. We guarantee that the system remains in a trusted state by applying dynamic integrity checks in the network element's runtime system, using a novel naming system, and applying node-to-node authentication when needed. The construction of an extended LAN is discussed %B IEEE Network %V 12 %P 37 - 45 %8 1998/06//May %@ 0890-8044 %G eng %N 3 %R 10.1109/65.690960 %0 Journal Article %J Computer %D 1998 %T Security for virtual private intranets %A Arbaugh, William A. %A Davin,J. R %A Farber,D. J %A Smith,J. M %K businesses %K Clouds %K Companies %K core operating system components %K cryptography %K Data security %K employee homes %K encryption %K functional roles %K hard drive %K Home computing %K home working %K integrity checking %K Internet %K Local area networks %K multiple personalities %K network authentication %K network environment %K operating system modifications %K Operating systems %K Roads %K secure identity based lending %K security management %K security of data %K shared applications %K SIBL %K single hardware platform %K smart cards %K symmetric algorithm %K system partition %K telecommuting %K Teleworking %K trust relationship %K trustworthy system %K virtual private intranets %X As telecommuting grows, businesses must consider security when extending their network environment to employees' homes. Researchers at the University of Pennsylvania have addressed the problem with smart cards, operating system modifications, and network authentication. We note the distinction between trust and integrity: trust is determined through the verification of components and the dependencies among them, while integrity demonstrates that components haven't been modified. Thus integrity checking in a trustworthy system is about preserving an established trust or trust relationship. Our solution to the challenge of isolating functional roles that may share a single hardware platform is called secure identity based lending (SIBL). SIBL provides multiple personalities by partitioning the hard drive into n+1 partitions, where n is the number of supported personalities. All personalities use the system partition for core operating system components and shared applications. Each of the personalities is also associated with one of the remaining partitions, which are encrypted using a symmetric algorithm %B Computer %V 31 %P 48 - 55 %8 1998/09// %@ 0018-9162 %G eng %N 9 %R 10.1109/2.708450 %0 Journal Article %J IEEE Transactions on Knowledge and Data Engineering %D 1998 %T Techniques for update handling in the enhanced client-server DBMS %A Delis,A. %A Roussopoulos, Nick %K client disk managers %K client resources %K client-server computing paradigm %K client-server systems %K Computational modeling %K Computer architecture %K concurrency control %K data pages %K Database systems %K distributed databases %K enhanced client-server DBMS %K Hardware %K Local area networks %K long-term memory %K main-memory caches %K Network servers %K operational spaces %K Personal communication networks %K server update propagation techniques %K Transaction databases %K update handling %K Workstations %K Yarn %X The Client-Server computing paradigm has significantly influenced the way modern Database Management Systems are designed and built. In such systems, clients maintain data pages in their main-memory caches, originating from the server's database. The Enhanced Client-Server architecture takes advantage of all the available client resources, including their long-term memory. Clients can cache server data into their own disk units if these data are part of their operational spaces. However, when updates occur at the server, a number of clients may need to not only be notified about these changes, but also obtain portions of the updates as well. In this paper, we examine the problem of managing server imposed updates that affect data cached on client disk managers. We propose a number of server update propagation techniques in the context of the Enhanced Client-Server DBMS architecture, and examine the performance of these strategies through detailed simulation experiments. In addition, we study how the various settings of the network affect the performance of these policies %B IEEE Transactions on Knowledge and Data Engineering %V 10 %P 458 - 476 %8 1998/06//May %@ 1041-4347 %G eng %N 3 %R 10.1109/69.687978 %0 Journal Article %J IEEE Journal on Selected Areas in Communications %D 1993 %T MANDATE: managing networks using database technology %A Haritsa,J. R %A Ball,M. O %A Roussopoulos, Nick %A Datta,A. %A Baras,J. S %K Communication networks %K database management systems %K enterprise communication networks %K Heart %K Information management %K interface %K internetworking %K Local area networks %K management functionality %K management information database %K managing networks using database technology %K MANDATE %K Manufacturing %K network operating systems %K open systems %K Optical fiber cables %K Research and development management %K Technology management %K telecommunication network management %K Transaction databases %K wide area networks %X There has been a growing demand for the development of tools to manage enterprise communication networks. A management information database is the heart of a network management system-it provides the interface between all functions of the network management system and, therefore, has to provide sophisticated functionality allied with high performance. The authors introduce the design of MANDATE (MAnaging Networks using DAtabase TEchnology), a proposed database system for effectively supporting the management of large enterprise networks. The MANDATE design makes a conscious attempt to take advantage of the special characteristics of network data and transactions, and of advances in database technology, to efficiently derive some of the required management functionality %B IEEE Journal on Selected Areas in Communications %V 11 %P 1360 - 1372 %8 1993/12// %@ 0733-8716 %G eng %N 9 %R 10.1109/49.257929 %0 Journal Article %J IEEE Transactions on Software Engineering %D 1993 %T Performance comparison of three modern DBMS architectures %A Delis,A. %A Roussopoulos, Nick %K client-server %K Computational modeling %K Computer architecture %K database management systems %K DBMS architectures %K design rationales %K functional components %K Indexes %K Local area networks %K Military computing %K Packaging %K Performance analysis %K performance evaluation %K RAD-UNIFY type %K simulation models %K simulation results %K Software architecture %K software architecture configurations %K software engineering %K Throughput %K Workstations %X The introduction of powerful workstations connected through local area networks (LANs) inspired new database management system (DBMS) architectures that offer high performance characteristics. The authors examine three such software architecture configurations: client-server (CS), the RAD-UNIFY type of DBMS (RU), and enhanced client-server (ECS). Their specific functional components and design rationales are discussed. Three simulation models are used to provide a performance comparison under different job workloads. Simulation results show that the RU almost always performs slightly better than the CS, especially under light workloads, and that ECS offers significant performance improvement over both CS and RU. Under reasonable update rates, the ECS over CS (or RU) performance ratio is almost proportional to the number of participating clients (for less than 32 clients). The authors also examine the impact of certain key parameters on the performance of the three architectures and show that ECS is more scalable that the other two %B IEEE Transactions on Software Engineering %V 19 %P 120 - 138 %8 1993/02// %@ 0098-5589 %G eng %N 2 %R 10.1109/32.214830 %0 Journal Article %J IEEE Transactions on Knowledge and Data Engineering %D 1991 %T A pipeline N-way join algorithm based on the 2-way semijoin program %A Roussopoulos, Nick %A Kang,H. %K 2-way semijoin program %K backward size reduction %K Bandwidth %K Computer networks %K Costs %K Data communication %K data transmission %K Database systems %K database theory %K Delay %K distributed databases %K distributed query %K forward size reduction %K intermediate results %K Local area networks %K network %K Parallel algorithms %K pipeline N-way join algorithm %K pipeline processing %K Pipelines %K programming theory %K Query processing %K Relational databases %K relational operator %K SITES %K Workstations %X The semijoin has been used as an effective operator in reducing data transmission and processing over a network that allows forward size reduction of relations and intermediate results generated during the processing of a distributed query. The authors propose a relational operator, two-way semijoin, which enhanced the semijoin with backward size reduction capability for more cost-effective query processing. A pipeline N-way join algorithm for joining the reduced relations residing on N sites is introduced. The main advantage of this algorithm is that it eliminates the need for transferring and storing intermediate results among the sites. A set of experiments showing that the proposed algorithm outperforms all known conventional join algorithms that generate intermediate results is included %B IEEE Transactions on Knowledge and Data Engineering %V 3 %P 486 - 495 %8 1991/12// %@ 1041-4347 %G eng %N 4 %R 10.1109/69.109109