http://db.usenix.org/events/usenix2000/wips.html
Work-in-Progress
Reports
Thursday, June 22, 2000,
4:00pm - 5:30pm
- Perl on the Itanium by Murray Nesbitt, ActiveState
- I will briefly discuss ActiveState's experiences in getting Perl
working well
under Windows, Linux, and Monterey on the 64-bit Intel Itanium; from
the
challenge of working with beta operating systems on beta hardware, to
the way in
which Perl's source level abstractions make the task of porting Perl to
a new
architecture less daunting than you might think.
- ttf2pt1: a TTF to Adobe Type 1 Font Converter by
Sergey Babkin, Santa Cruz
Operation
- ttf2pt1 is a font converter (TTF to Adobe Type 1) that also
attempts to clean
the outlines from defects and automatically generate Type 1 hints (all
kinds,
including hint substitution). The hint generator is the most advanced I
know of,
at least in Open Source Software.
- lodd: A Pipelining and In-Pipe Data Manipulation Tool by
Joseph Pingenot, Kansas State University
- lodd, or "logical dd", is a replacement for the ubiquitous dd. It
will contain
code to behave like dd, but extended arguments give it added
functionality. It
has the ability to manipulate multiple "channels", which is simply a
name for
the route data takes from one file descriptor to another. Its original
purpose
was to enable some basic pipe combination and elementary encryption
ability from
the command line. However, as things do, it grew beyond that. It would
be a
handy tool for more advanced pipelining. It will route messages from
two pipes
(or more) to another and the converse, as well as simple rerouting
(which could
be done in the shell). Full utilization of its possibilities will
require more
advanced shell pipelining capabilities, however. In order for lodd to
be able to
route between multiple pipelines, it needs also to have multiple
pipelines
connected to it. Naturally, it would have the ability to manipulate the
"channels" in transit. The manipulations I have in mind are conversions
from one
system to another, as well as bit-, byte-, and block-level
manipulations such as
rotations, xor, and other logic functions.
- vstack: Easily Catch Some Buffer Overrun Attacks by
Craig Metz, University of
Virginia
- Buffer overrun attacks are a classic security problem that won't
go away. They
work by overwriting a function's return address on a program's
execution stack
with a new value that causes the function's "return" to jump somewhere
else. Most normal C functions are called with a particular return
address and expect
that the return address initially on the stack is the same as the
return address
finally on the stack. For these functions, why not check to ensure that
this is
actually the case?
The vstack software keeps a parallel "virtual" stack containing
copies of the
saved return addresses and frame pointers. It edits the entry and exit
code of
normal C functions and inserts code to maintain this stack and to
perform this
check. If the check fails, instead of jumping through the suspicious
return
address, it transfers control to a fault handler. An x86 sample
implementation
is a few hundred lines of Perl that uses GCC to compile. It introduces
a very
small performance overhead, but easily catches and defeats the most
common
buffer overrun attacks.
- kq: Kernel Queues in FreeBSD by John-Mark Gurney,
FreeBSD
- Kernel Queues are a stateful method of event notification.
Instead of passing
which events to monitor each time as done with select(2) and poll(2),
the
program tells the kernel of which events it wants notification. The
kernel will
queue the events for the program to process and can include a pointer
to data
specified by the program for identification. Kernel Queues currently
support
events for file descriptors, processes, signals, aio and vnodes. This
interface
will be in forthcoming FreeBSD releases after 4.0.
- Autonomous Service Composition on the Web by Laurence
Melloul, Stanford
- The goal of our research is to build large-scale applications
through Web
service composition. Web services reside at service provider sites and
are
autonomous. Therefore, in order to compose them, client programmers
need not
integrate the code of the services. In fact, they can dynamically
specify their
composition requests as Web users currently fill in Web forms. I will
talk about
the advantages of autonomous service composition in general and explain
why it
is worth investigating on the Web.
- The Hummingbird File System by Liddy Shriver, Bell
Labs, Lucent Technologies
- Today, caching web proxies use general purpose file systems.
Server software
such as Squid or Apache, when running on a UNIX system, typically use
some
derivative of the 4.2BSD Fast File System (FFS). FFS was designed 15
years ago
for workload demands which are very different from that of a caching
web proxy.
Some of the differences are high temporal locality, relaxed persistence
and a
different read/write ratio. We have designed a file system for caching
web
proxies which we call Hummingbird. The design of this file system is
motivated
by the characteristics of web proxy workloads such as files being
accessed in
their entirety, small files on average, and repeatable reference
locality sets.
Results comparing Hummingbird to FFS, EFS, XFS, and FFS mounted
asynchronously
using web proxy access logs show that Hummingbird is 6-10 times faster.
- The Self-Certifying File System by Kevin Fu, MIT LCS
- The Self-Certifying File System separates key management from
file system
security. SFS file names effectively contain public keys, making them
self-certifying pathnames. Applications of SFS and its read-only
dialect include
a secure replacement for NFS, online certification authorities, and
secure
software distribution. SFS works on UNIX operating systems that
implement NFS3
correctly. See http://www.fs.net/
for more information.
NFS Version 4 Open Systems Project Andy Adamson, CITI, University of
Michigan
Short presentation of features and implementation of NFS version 4 on
Linux and
OpenBSD.
- Alfa-1: a Simulated Computer with Educational Purposes by
Alejandro Troccoli and Sergio Zlotnik, University of Buenos Aires
- The theoretical study of computer architecture and organization
usually give the
students an incomplete and sometime erroneous view of how a computer
system
works. The lack of practical experience can make that the underlying
complexity
of the subsystems and their interaction could not be completely
understood. The
main problems are related with the existence of several levels used
when
studying computer organization. The levels usually analyzed include
assembly
language, instruction set, microprogramming and digital logic. The
introduction
of higher levels (programming languages, Operating Systems) makes the
task even
more difficult. The tool GAD was used as a basis to develop a simulated
computer, allowing to experiment with the formal approach defined by
the DEVS
formalism. The model's architecture is mainly based in the
specification of the
Integer Unit of the SPARC processor. The tool is intended to be used in
undergraduate courses, and its use allowed the students to obtain a
complete
understanding of computer organization.
- Tellme Studio by Jeff Kellem, Tellme Networks
- Tellme Studio is Tellme's development environment that we just
announced. It
makes it easy to develop new voice applications using VoiceXML and
_javascript_
and requires only knowledge of VoiceXML and _javascript_--no special
hardware or
software is required. Tellme Studio is currently available to anyone.
- Interesting Passwords Found on a Conference Wireless Network
by Dug Song, CITI, University of Michigan
|
