Abstract. Method look-up for dynamically typed object-oriented languag-es, such as SMALLTALK-80 o... more Abstract. Method look-up for dynamically typed object-oriented languag-es, such as SMALLTALK-80 or O~C, is usually implemented by a cached inheritance search. Unfortunately, this technique is slow. A selector-indexed dispatch table implementation ...
Method look-up for dynamically typed object-oriented languag- es, such as SMALLTALK-80 or OBJECTI... more Method look-up for dynamically typed object-oriented languag- es, such as SMALLTALK-80 or OBJECTIVE-C, is usually implemented by a cached inheritance search. Unfortunately, this technique is slow. A selector-indexed dispatch table implementation speeds up messages to within 10% of the speed of a statically typed language such as C++. We present a fast technique for generating compact selector-indexed dispatch tables.
Stack-based languages, such as PostScript, present a major challenge to static analysis technique... more Stack-based languages, such as PostScript, present a major challenge to static analysis techniques because of their almost unlimited polymorphism. We introduce a regular expression notation that is used to represent allowed combinations of types on the stack at different points in a Post-Script program. Our abstract interpretation algorithm may then be used to perform static type analysis. The analysis has applications in detecting probable errors in the Post-Script code or, ultimately, in permitting full or partial compilation of portions of code.
A transaction defines a locus of computation that satisfies important concurrency and failure pro... more A transaction defines a locus of computation that satisfies important concurrency and failure properties; these so-called ACID properties provide strong serialization guarantees that allow us to reason about concurrent and distributed programs in terms of higher-level units of computation (e.g., transactions) rather than lower-level data structures (e.g., mutual-exclusion locks). This paper presents a framework for specifying the semantics of a transactional facility integrated within a host programming language. The TFJ calculus supports nested and multi-threaded transactions. We give a semantics to TFJ that is parameterized by the definition of the transactional mechanism that permits the study of different transaction models.
The latter half of the 1990s has seen the emergence of the mobile agents paradigm for distributed... more The latter half of the 1990s has seen the emergence of the mobile agents paradigm for distributed applications programming. Mobile agents extend the concept of active objects to include code and data mobility. This yields a very flexible paradigm. Notably, network latency problems can be overcome by transporting a computation to the site housing the resources that the computation needs.
Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate ... more Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate sustained research and development efforts, having a number of implementations being provided by both software vendors and universities, and most importantly being ...
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment that provides fine-grain control of the allowable interactions between them, and between components and other system resources.
The paper gives an overview of RTJBench, a framework designed to assist in the task of benchmarki... more The paper gives an overview of RTJBench, a framework designed to assist in the task of benchmarking programs written in the Real-Time Specification for Java, but with potentially more general applicability. RTJBench extends the JUnit framework for unit testing of Java applica- tions with tools for real-time environment configuration, simple data processing and configurable graphical presentation services. We present design
Proceedings of the 12th IEEE Computer Security Foundations Workshop, 1999
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment, orwrapper, that provides fine-grain control of the allowable interactions between them, and between components and other system resources.
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment that provides fine-grain control of the allowable interactions between them, and between components and other system resources. In this paper, we consider the problem of assembling concurrent software sys- tems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. We introduce a model programming language, the box-π calculus, that suppor...
The Object Management Group's Common Object Request Broker Architecture (CORBA) aims to beco... more The Object Management Group's Common Object Request Broker Architecture (CORBA) aims to become the standard for application interoperability. But, in its present form, the architecture has some serious shortcomings, we address two of them in this report: The binding between server and client is exceedingly tight, thus any difference in interfaces renders the connection impossible. Second, in a commercial environment where the cost and quality of offered services varies, CORBA is lacking a contract negotiation service. We present remedies for these shortcomings based on previous work in the Cell framework as new CORBA ser- vices: an interface adaption service and a contract negotiation service
Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate ... more Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate sustained research and development efforts, having a number of implementations being provided by both software vendors and universities, and most importantly being ...
Page 1. Assessment of uncertainty in protein backbone NMR assignments using Bayesian model averag... more Page 1. Assessment of uncertainty in protein backbone NMR assignments using Bayesian model averaging Olga Vitek ∗ Jan Vitek Bruce Craig ∗ Chris Bailey-Kellogg Abstract Nuclear magnetic resonance (NMR) spectroscopy ...
The 2001 workshop on information security system rating and ranking 4] discussed different aspect... more The 2001 workshop on information security system rating and ranking 4] discussed different aspects of security metrics. What should we count and what do the numbers mean as pertaining to software security metrics was one of the challenge problems discussed by security experts at the 2003 UW-MSR Summer Institute 7]. The development of meaningful security metrics was chosen as a grand challenge at the onference on rand Research hallenges consecutively in 2002 5] and 2003 8]. This exemplifies the immediate need for ...
Abstract MEDIA is platform that allows the commercialization and dissemination of electronic docu... more Abstract MEDIA is platform that allows the commercialization and dissemination of electronic documents under similar conditions as printed documents, using an agent - based, distributed, and secure plat - form Documents in the MEDIA system are encapsulated within agents which the reader must execute in order to access their contents Thus, the document producer can include instructions that will ensure
Abstract. Method look-up for dynamically typed object-oriented languag-es, such as SMALLTALK-80 o... more Abstract. Method look-up for dynamically typed object-oriented languag-es, such as SMALLTALK-80 or O~C, is usually implemented by a cached inheritance search. Unfortunately, this technique is slow. A selector-indexed dispatch table implementation ...
Method look-up for dynamically typed object-oriented languag- es, such as SMALLTALK-80 or OBJECTI... more Method look-up for dynamically typed object-oriented languag- es, such as SMALLTALK-80 or OBJECTIVE-C, is usually implemented by a cached inheritance search. Unfortunately, this technique is slow. A selector-indexed dispatch table implementation speeds up messages to within 10% of the speed of a statically typed language such as C++. We present a fast technique for generating compact selector-indexed dispatch tables.
Stack-based languages, such as PostScript, present a major challenge to static analysis technique... more Stack-based languages, such as PostScript, present a major challenge to static analysis techniques because of their almost unlimited polymorphism. We introduce a regular expression notation that is used to represent allowed combinations of types on the stack at different points in a Post-Script program. Our abstract interpretation algorithm may then be used to perform static type analysis. The analysis has applications in detecting probable errors in the Post-Script code or, ultimately, in permitting full or partial compilation of portions of code.
A transaction defines a locus of computation that satisfies important concurrency and failure pro... more A transaction defines a locus of computation that satisfies important concurrency and failure properties; these so-called ACID properties provide strong serialization guarantees that allow us to reason about concurrent and distributed programs in terms of higher-level units of computation (e.g., transactions) rather than lower-level data structures (e.g., mutual-exclusion locks). This paper presents a framework for specifying the semantics of a transactional facility integrated within a host programming language. The TFJ calculus supports nested and multi-threaded transactions. We give a semantics to TFJ that is parameterized by the definition of the transactional mechanism that permits the study of different transaction models.
The latter half of the 1990s has seen the emergence of the mobile agents paradigm for distributed... more The latter half of the 1990s has seen the emergence of the mobile agents paradigm for distributed applications programming. Mobile agents extend the concept of active objects to include code and data mobility. This yields a very flexible paradigm. Notably, network latency problems can be overcome by transporting a computation to the site housing the resources that the computation needs.
Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate ... more Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate sustained research and development efforts, having a number of implementations being provided by both software vendors and universities, and most importantly being ...
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment that provides fine-grain control of the allowable interactions between them, and between components and other system resources.
The paper gives an overview of RTJBench, a framework designed to assist in the task of benchmarki... more The paper gives an overview of RTJBench, a framework designed to assist in the task of benchmarking programs written in the Real-Time Specification for Java, but with potentially more general applicability. RTJBench extends the JUnit framework for unit testing of Java applica- tions with tools for real-time environment configuration, simple data processing and configurable graphical presentation services. We present design
Proceedings of the 12th IEEE Computer Security Foundations Workshop, 1999
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment, orwrapper, that provides fine-grain control of the allowable interactions between them, and between components and other system resources.
Software systems are becoming heterogeneous: instead of a small number of large programs from wel... more Software systems are becoming heterogeneous: instead of a small number of large programs from well-established sources, a user's desktop may now consist of many smaller components that interact in intricate ways. Some components will be downloaded from the network from sources that are only partially trusted. A user would like to know that a number of security properties hold, e.g. that personal data is not leaked to the net, but it is typically infeasible to verify that such components are well-behaved. Instead, they must be executed in a secure environment that provides fine-grain control of the allowable interactions between them, and between components and other system resources. In this paper, we consider the problem of assembling concurrent software sys- tems from untrusted or partially trusted off-the-shelf components, using wrapper programs to encapsulate components and enforce security policies. We introduce a model programming language, the box-π calculus, that suppor...
The Object Management Group's Common Object Request Broker Architecture (CORBA) aims to beco... more The Object Management Group's Common Object Request Broker Architecture (CORBA) aims to become the standard for application interoperability. But, in its present form, the architecture has some serious shortcomings, we address two of them in this report: The binding between server and client is exceedingly tight, thus any difference in interfaces renders the connection impossible. Second, in a commercial environment where the cost and quality of offered services varies, CORBA is lacking a contract negotiation service. We present remedies for these shortcomings based on previous work in the Cell framework as new CORBA ser- vices: an interface adaption service and a contract negotiation service
Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate ... more Abstract The Real-Time Specification for Java was released in 2000 and has continued to generate sustained research and development efforts, having a number of implementations being provided by both software vendors and universities, and most importantly being ...
Page 1. Assessment of uncertainty in protein backbone NMR assignments using Bayesian model averag... more Page 1. Assessment of uncertainty in protein backbone NMR assignments using Bayesian model averaging Olga Vitek ∗ Jan Vitek Bruce Craig ∗ Chris Bailey-Kellogg Abstract Nuclear magnetic resonance (NMR) spectroscopy ...
The 2001 workshop on information security system rating and ranking 4] discussed different aspect... more The 2001 workshop on information security system rating and ranking 4] discussed different aspects of security metrics. What should we count and what do the numbers mean as pertaining to software security metrics was one of the challenge problems discussed by security experts at the 2003 UW-MSR Summer Institute 7]. The development of meaningful security metrics was chosen as a grand challenge at the onference on rand Research hallenges consecutively in 2002 5] and 2003 8]. This exemplifies the immediate need for ...
Abstract MEDIA is platform that allows the commercialization and dissemination of electronic docu... more Abstract MEDIA is platform that allows the commercialization and dissemination of electronic documents under similar conditions as printed documents, using an agent - based, distributed, and secure plat - form Documents in the MEDIA system are encapsulated within agents which the reader must execute in order to access their contents Thus, the document producer can include instructions that will ensure
Managed languages such as Java and C\# are being considered for use in hard real-time systems. A ... more Managed languages such as Java and C\# are being considered for use in hard real-time systems. A hurdle to their widespread adoption is the lack of garbage collection algorithms that offer predictable space-and-time performance in the face of fragmentation. We introduce SCHISM/CMR, a new concurrent and real-time garbage collector that is fragmentation tolerant and guarantees time-and-space worst-case bounds while providing good throughput. SCHISM/CMR combines mark-region collection of fragmented objects and arrays (arraylets) with separate replication-copying collection of immutable arraylet spines, so as to cope with external fragmentation when running in small heaps. We present an implementation of SCHISM/CMR in the Fiji VM, a high-performance Java virtual machine for mission-critical systems, along with a thorough experimental evaluation on a wide variety of architectures, including server-class and embedded systems. The results show that SCHISM/CMR tolerates fragmentation better than previous schemes, with a much more acceptable throughput penalty.
A transaction defines a locus of computation that satisfies important concurrency and failure pro... more A transaction defines a locus of computation that satisfies important concurrency and failure properties. These so-called ACID properties provide strong serialization guarantees that allow us to reason about concurrent and distributed programs in terms of higher-level units of computation (e.g., transactions) rather than lower-level data structures (e.g., mutual-exclusion locks). This paper presents a framework for specifying the semantics of a transactional facility integrated within a host programming language. The TFJ calculus, an object calculus derived from Featherweight Java, supports nested and multi-threaded transactions. We give a semantics to TFJ that is parametrized by the definition of the transactional mechanism that permits the study of different transaction models. We give two instantiations: one that defines transactions in terms of a versioning-based optimistic concurrency model, and the other which specifies transactions in terms of a pessimistic two-phase locking protocol, and present soundness and serializability properties for our semantics.
Uploads
Papers by Jan Vitek