Results 1 - 10 of 55
Trajectory Sampling for Direct Traffic Observation
, 2001
Cited by 176 (21 self)
Traffic measurement is a critical component for the control and engineering of communication networks. We argue that traffic measurement should make it possible to obtain the spatial flow of traffic through the domain, i.e., the paths followed by packets between any ingress and egress point of the domain. Most resource allocation and capacity planning tasks can benefit from such information. Also, traffic measurements should be obtained without a routing model and without knowledge of network state. This allows the traffic measurement process to be resilient to network failures and state uncertainty. We propose a method that allows the direct inference of traffic flows through a domain by observing the trajectories of a subset of all packets traversing the network. The key advantages of the method are that (i) it does not rely on routing state, (ii) its implementation cost is small, and (iii) the measurement reporting traffic is modest and can be controlled precisely. The key idea of the method is to sample packets based on a hash function computed over the packet content. Using the same hash function will yield the same sample set of packets in the entire domain, and enables us to reconstruct packet trajectories.
Fault-scalable Byzantine fault-tolerant services
- In Proceedings of the 20th ACM Symposium on Operating Systems Principles
, 2005
Cited by 92 (6 self)
A fault-scalable service can be configured to tolerate increasing numbers of faults without significant decreases in performance. The Query/Update (Q/U) protocol is a new tool that enables construction of fault-scalable Byzantine fault-tolerant services. The optimistic quorum-based nature of the Q/U protocol allows it to provide better throughput and fault-scalability than replicated state machines using agreement-based protocols. A prototype service built using the Q/U protocol outperforms the same service built using a popular replicated state machine implementation at all system sizes in experiments that permit an optimistic execution. Moreover, the performance of the Q/U protocol decreases by only 36% as the number of Byzantine faults tolerated increases from one to five, whereas the performance of the replicated state machine decreases by 83%.
Cryptographic Message Syntax
, 1999
Cited by 77 (2 self)
This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To learn the current status of any Internet-Draft, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). This document describes the Cryptographic Message Syntax. This syntax is used to digitally sign or encrypt arbitrary messages. The Cryptographic Message Syntax is derived from PKCS #7 version 1.5. Wherever possible, backward compatibility is preserved; however, changes were necessary to accommodate attribute certificate transfer and key agreement techniques for key management. This draft obsoletes the previously released <draft-housley-smimecms-00.txt>. This draft is being discussed on the "ietf-smime" mailing list. To subscribe, send a message to:
Ursa Minor: versatile cluster-based storage
, 2005
Cited by 56 (30 self)
No single encoding scheme or fault model is optimal for all data. A versatile storage system allows them to be matched to access patterns, reliability requirements, and cost goals on a per-data item basis. Ursa Minor is a cluster-based storage system that allows data-specific selection of, and on-line changes to, encoding schemes and fault models. Thus, different data types can share a scalable storage infrastructure and still enjoy specialized choices, rather than suffering from "one size fits all." Experiments with Ursa Minor show performance benefits of 2--3 when using specialized choices as opposed to a single, more general, configuration. Experiments also show that a single cluster supporting multiple workloads simultaneously is much more efficient when the choices are specialized for each distribution rather than forced to use a "one size fits all" configuration. When using the specialized distributions, aggregate cluster throughput nearly doubled.
Cryptography and Relational Database Management Systems
, 2001
Cited by 16 (0 self)
Security is becoming one of the most urgent challenges in database research and industry, and the challenge is intensifying due to the enormous popularity of e-business. In this paper we study database security from a cryptographic point of view. We show how to integrate modern cryptography technology into a relational database management system to solve some major security problems. Our study shows that cryptographic support is an indispensable ingredient for a modern RDBMS to provide a secure environment for storing and processing huge amounts of business data.
Squeezing More Bits Out of HTTP Caches
Cited by 15 (3 self)
HTTP accounts for most of the bytes flowing over the Internet backbone (up to 75 percent, in one study [1]). This bandwidth demand requires continued investment in link and switch capacity, and leads to congestion, which increases user-perceived latency. At the edges of the Internet, which are often bandwidth-constrained, every extra byte transferred adds incremental delay; this is a particular problem for home users, most of whom do not yet have a cost-effective means to increase bandwidth above 56 kb/s. And every round-trip through the Internet adds delay, often several hundred milliseconds. Almost any computer system that suffers from latency or bandwidth problems can benefit from caching. The Web is no exception, and caching mechanisms have been part of HTTP almost since its inception. Caching is perhaps the one aspect of the Web most easily amenable to academic studies, and many research papers have been published. Web caching is also sufficiently useful to have led to the creation of a rapidly growing industry. Caching works when a reference stream has locality. Temporal locality exists when an item is referenced more than once — a cache can store the item on the first reference, and then return it for subsequent references. Traditionally, Web caches have exploited temporal locality, with a URL as the granularity of reference. Such a cache stores a response to a request for a URL, and then a subsequent request for the same URL yields a cache hit. Other caches in computer systems, such as CPU data caches, often reach hit rates approaching 100 percent, but numerous studies of actual Web reference streams report much lower hit rates, often 50 percent or less. Indeed, recent studies have shown intrinsic limits to the hit rates achievable with URL-granularity temporal locality: no matter how large the cache or user population, many references will never be cache hits. This article surveys some of the techniques proposed to
On The Fly Signatures based on Factoring
- In Proceedings of the 6th ACM Conference on Computer and Communications Security
, 1999
Cited by 15 (4 self)
In response to the current need for fast, secure and cheap public-key cryptography largely induced by the fast development of electronic commerce, we propose a new on the fly signature scheme, i.e. a scheme that requires very small on-line work for the signer. It combines provable security based on the factorization problem, short public and secret keys, short transmission and minimal on-line computation. It is the first RSA-like signature scheme that can be used for both efficient and secure applications based on low cost or contactless smart cards.
Using Content-Derived Names for Configuration Management
- In Proceedings of the 1997 ACM Symposium on Software Reusability
, 1997
Cited by 13 (2 self)
Configuration management of compiled software artifacts (programs, libraries, icons, etc.) is a growing problem as software reuse becomes more prevalent. For an application composed from reused libraries and modules to function correctly, all of the required files must be available and be the correct version. In this paper, we present a simple scheme to address this problem: content-derived names (CDNs). Computing an object's name automatically using digital signatures greatly eases the problem of disambiguating multiple versions of an object. By using content-derived names, developers can ensure that only those software components that have been tested together are permitted to run together.
Secret instantiation in ad-hoc networks
- Special Issue of Elsevier Journal of Computer Communications on Dependable Wireless Sensor Networks
, 2005
Cited by 12 (5 self)
In this paper, we focus our attention on the problem of assigning initial secrets to users in ad-hoc network (respectively, sensors in a sensor network) so that they can use those secrets to ensure authentication and privacy during their communication. The goal of this assignment is to ensure that any two users can communicate securely with each other even though each user maintains only a small number of secrets. With this motivation, we present a protocol that maintains O(√n) secrets per user where n is the number of users in the system. We show that our secret distribution protocol suffices for privacy and authentication as well as secure multihop communication between two users. Furthermore, we show that the number of secrets maintained in this protocol is within a constant factor of the optimal. For the case where user capability prevents them from maintaining the necessary secrets, we propose two probabilistic protocols that maintain O(log n) secrets and where the probability of security compromise between two users is inversely proportional to the number of secrets they maintain. Thus, our protocols provide a continuum where the level of privacy and authentication depends upon user requirements and capabilities.
On partial encryption of rdf-graphs
- International Semantic Web Conference, volume 3729 of Lecture
, 2005
Cited by 11 (1 self)
In this paper a method for Partial RDF Encryption (PRE) is proposed in which sensitive data in an RDF-graph is encrypted for a set of recipients while all non-sensitive data remain publicly readable. The result is an RDF-compliant self-describing graph containing encrypted data, encryption metadata, and plaintext data. For the representation of encrypted data and encryption metadata, the XML-Encryption and XML-Signature recommendations are used. The proposed method allows for fine-grained encryption of arbitrary subjects, predicates, objects and subgraphs of an RDF-graph. An XML vocabulary for specifying encryption policies is introduced.

