Systems Analysis and the Computer

The words ‘systems analysis’ are used in at least two senses in the literature. Whilst the general nature of the topic is well understood in the O.R. community, the nature of the term as used by computer scientists is less familiar. In this paper, the nature of systems analysis as it relates to computer-based systems is examined from the point of view that the computer system is an automaton embedded in a human system, and some facets of this are explored. It is concluded that O.R. analysts and computer analysts have things to learn from each other and that this ought to be reflected in their education. The important role played by change in the design of systems is also highlighted, and it is concluded that, whilst the application of techniques developed in the ‘artificial intelligence’ field have considerable relevance to constructing automata able to adapt to change in the environment, study of the human factors affecting the overall systems within which the automata are embedded has an even more important role.     

Optimal resource allocation for security in reliability systems

Recent results have used game theory to explore the nature of optimal investments in the security of simple series and parallel systems. However, it is clearly important in practice to extend these simple security models to more complicated system structures with both parallel and series subsystems (and, eventually, to more general networked systems). The purpose of this paper is to begin to address this challenge. While achieving fully general results is likely to be difficult, and may require heuristic approaches, we are able to find closed-form results for systems with moderately general structures, under the assumption that the cost of an attack against any given component increases linearly in the amount of defensive investment in that component. These results have interesting and sometimes counterintuitive implications for the nature of optimal investments in security.     

Topological design of telecommunication networks-local access design methods

Computer communication networks and telecommunication systems are growing at an explosive rate. Some of the major factors influencing this phenomenal growth rate have been technology driven, deregulation of the telecommunication industry and the breakup of AT&T, product and service introductions and competition, new application areas, price reductions and improved services. Corporations have discovered how to use telecommunication-based systems and computer networks as a strategic competitive weapon. Modern computer networks consist of backbone networks which serve as major highways to transfer large volumes of communication traffic, and local access networks which feed traffic between the backbone network and end user nodes. The design of the local access network is a complex process which builds on many difficult combinatorial optimization problems. This paper surveys many of the problems, presents the state of the art in solving them, and demonstrates a variety of solution procedures. The paper concludes with a list of open problems and areas open for further investigation.This research was partially supported by a Dean's grant for faculty research at the Owen Graduate School of Management, Vanderbilt University, Nashville, TN 37204, USA.     

A formal apparatus for modeling trust in computing environments

Recent research in computer systems security has evolved into trust issues, which are now becoming an important topic. The majority of approaches for trust modeling addressed trust by actually focusing on security, and some of them addressed also trust as such. This paper presents a formal apparatus that concentrates on trust as such. It is flexible enough to accommodate the driving factors behind trust and consequently different trust-focused methodologies and technologies. The basic goal of the work presented in this paper is the definition of qualitative trust modeling methodology for trust management in contemporary computing environments that efficiently complements existing quantitative methodologies. Further, an open conceptual model for trust management is presented that accommodates various qualitative and quantitative trust management methodologies. This model has also been implemented in the web services environment, and this is discussed in this paper as well.     

Probabilistic modeling of computer system availability

System availability is becoming an increasingly important factor in evaluating the behavior of commercial computer systems. This is due to the increased dependence of enterprises on continuously operating computer systems and to the emphasis on fault-tolerant designs. Thus, we expect availability modeling to be of increasing interest to computer system analysts and for performance models and availability models to be used to evaluate combined performance/availability (performability) measures. Since commercial computer systems are repairable, availability measures are of greater interest than reliability measures. Reliability measures are typically used to evaluate nonrepairable systems such as occur in military and aerospace applications. We will discuss system aspects which should be represented in an availability model; however, our main focus is a state of the art summary of analytical and numerical methods used to solve computer system availability models. We will consider both transient and steady-state availability measures and for transient measures, both expected values and distributions. We are developing a program package for system availability modeling and intend to incorporate the best solution methods.     

Modeling networked systems using the topologically distributed bounded rationality framework

In networked systems research, game theory is increasingly used to model a number of scenarios where distributed decision making takes place in a competitive environment. These scenarios include peer‐to‐peer network formation and routing, computer security level allocation, and TCP congestion control. It has been shown, however, that such modeling has met with limited success in capturing the real‐world behavior of computing systems. One of the main reasons for this drawback is that, whereas classical game theory assumes perfect rationality of players, real world entities in such settings have limited information, and cognitive ability which hinders their decision making. Meanwhile, new bounded rationality models have been proposed in networked game theory which take into account the topology of the network. In this article, we demonstrate that game‐theoretic modeling of computing systems would be much more accurate if a topologically distributed bounded rationality model is used. In particular, we consider (a) link formation on peer‐to‐peer overlay networks (b) assigning security levels to computers in computer networks (c) routing in peer‐to‐peer overlay networks, and show that in each of these scenarios, the accuracy of the modeling improves very significantly when topological models of bounded rationality are applied in the modeling process. Our results indicate that it is possible to use game theory to model competitive scenarios in networked systems in a way that closely reflects real world behavior, topology, and dynamics of such systems. © 2016 Wiley Periodicals, Inc. Complexity 21: 123–137, 2016     

Unstructured adaptive meshes: bad for your memory?

The most important performance bottleneck in modern high-end computers is access to memory. Many forms of hardware and software support for reducing memory latency exist, but certain important applications defy these. Examples of such applications are unstructured adaptive (UA) mesh problems, which feature irregular, dynamically changing memory access. We describe a new benchmark program, called UA, for measuring the performance of computer systems when solving such problems. It complements the existing NAS Parallel Benchmarks suite that deals mainly with static, regular-stride memory references. The UA benchmark involves the solution of a stylized heat transfer problem in a cubic domain, discretized on an adaptively refined, unstructured mesh. We describe the numerical and implementation issues, and also present some interesting performance results.     

A network efficiency measure with application to critical infrastructure networks

In this paper, we demonstrate how a new network performance/efficiency measure, which captures demands, flows, costs, and behavior on networks, can be used to assess the importance of network components and their rankings. We provide new results regarding the measure, which we refer to as the Nagurney–Qiang measure, or, simply, the N–Q measure, and a previously proposed one, which did not explicitly consider demands and flows. We apply both measures to such critical infrastructure networks as transportation networks and the Internet and further explore the new measure through an application to an electric power generation and distribution network in the form of a supply chain. The Nagurney and Qiang network performance/efficiency measure that captures flows and behavior can identify which network components, that is, nodes and links, have the greatest impact in terms of their removal and, hence, are important from both vulnerability as well as security standpoints.     

基于身份的动态数字签名方案

数字签名是解决信息安全问题的重要途径,用于鉴别用户身份.随着计算机、网络的发展,安全的用户数字签名显得尤为重要.目前,现代的数字签名技术正向智能化、密码化、多因素、大容量和快速响应方向发展.结合数论中的中国剩余定理及RSA公钥体制,提出了一种基于身份的动态数字签名方案.     

IDES: influence diagram based expert system

Influence diagrams have been used effectively in applied decision analysis to model complex systems, identify probabilistic dependence and characterize the flow of information. Their graphical representation and intuitive framework are particularly effective in representing knowledge from experts with diverse backgrounds and varying degrees of technical proficiency. They allow both a symbolic representation of the system interrelationships and a quantitative measure that can be of discrete or continuous functional form. By exploiting this abstraction hierarchy, successive degrees of specification can be made by several individuals, each encoding his or her expert knowledge of the problem and bounds on critical parameters. It is proposed that an interactive computer program that automates this influence diagram technology would provide an excellent tool for building expert systems. This paper describes such a modeling tool: the IDES (Influence Diagram Based Expert System) developed at the University of California at Berkeley as a modeling tool for building expert systems requiring reasoning with uncertain or incomplete information. The Diagnostician's Problem is presented as a tutorial for describing the IDES solution procedure.     

Assuring consistency in mixed models

Information systems security defines three properties of information: confidentiality, integrity, and availability. These characteristics remain major concerns throughout the commercial and military industry. Ordinary users have taken these features as basis for their businesses. Furthermore, users may find it necessary to combine policies in order to protect their information in a suitable way. However, inconsistencies may arise as a result of implementing multiple secrecy and privacy models; and therefore, render these services unsecure. In this paper, we propose an approach to detect and report inconsistencies when choosing mixed models for integrity and security. It is based on specifying the policies in first order logic and applying formal analysis. We demonstrate the feasibility of our proposition by applying it to the Clark Wilson and role based access control models. We use the Alloy language and analyzer to formalize the mixed model and check for any inconsistencies.     

Modeling and analyzing the performance of aviation security systems using baggage value performance measures

Aviation security is an important concern of national interest.Baggage screening security devices and operations at airportstations throughout the United States address this concern.Determining how and where to assign (deploy) such devices canbe quite challenging. Moreover, even after such systems arein place, it can be difficult to measure their effectiveness.Uncovered flight segment (UFS) and uncovered passenger segment(UPS) performance measures provide a useful framework for measuringthe effectiveness of a baggage screening security device deploymentto a given station. However, the optimization models associatedwith these measures do not consider baggage screening strategiesthat permit partial screening of flights. To allow for suchstrategies, as well as to identify baggage screening securitysystem models where the decision to screen each individual selecteebag is made individually (rather than collectively by flight),this paper introduces performance measures in which each selecteebag is assigned an individual value. In particular, the flightsegment baggage value (FSBV) assigns a value to each selecteebag based upon the proportion of the flight segment that thebag covers. The passenger segment baggage value (PSBV) assignsa value to each selectee bag based on the proportion of thepassenger segments that the bag covers. For each of these measures,an associated decision problem and integer programming modelare introduced. In addition, several results are presented detailingboth optimization techniques for the models associated witheach measure and the relationships between the baggage valuemeasures and other baggage screening security system measures.A real-world example using actual flight data from the officialairline guide is presented to illustrate an application of thesemodels and results.     

Reliability Analysis of the Retrial Queue with Server Breakdowns and Repairs

Retrial queues have been widely used to model many problems arising in telephone switching systems, telecommunication networks, computer networks and computer systems, etc. It is of basic importance to study reliability of retrial queues with server breakdowns and repairs because of limited ability of repairs and heavy influence of the breakdowns on the performance measure of the system. However, so far the repairable retrial queues are analyzed only by queueing theory. In this paper we give a detailed analysis for reliability of retrial queues. By using the supplementary variables method, we obtain the explicit expressions of some main reliability indexes such as the availability, failure frequency and reliability function of the server. In addition, some special queues, for instance, the repairable M/G/1 queue and repairable retrial queue can be derived from our results. These results may be generalized to the repairable multi-server retrial models.     

Application of contract-based security assertion monitoring framework for telecommunications software engineering

Telecommunication software systems, containing security vulnerabilities, continue to be created and released to consumers. We need to adopt improved software engineering practices to reduce the security vulnerabilities in modern systems. Contracts can provide a useful mechanism for the identification, tracking, and validation of security vulnerabilities. In this work, we propose a new contract-based security assertion monitoring framework (CB_SAMF) that is intended to reduce the number of security vulnerabilities that are exploitable across multiple software layers, and to be used in an enhanced systems development life cycle (SDLC). We show how contract-based security assertion monitoring can be achieved in a live environment on Linux. Through security activities integrated into the SDLC we can identify potential security vulnerabilities in telecommunication systems, which in turn are used for the creation of contracts defining security assertions. Our contract model is then applied, as runtime probes, against two common security related vulnerabilities in the form of a buffer overflow and a denial of service.     

A survey on retrial queues

Queueing systems in which arriving customers who find all servers and waiting positions (if any) occupied may retry for service after a period of time are called retrial queues or queues with repeated orders. Retrial queues have been widely used to model many problems in telephone switching systems, telecommunication networks, computer networks and computer systems. In this paper, we discuss some important retrial queueing models and present their major analytic results and the techniques used. Our concentration is mainly on single-server queueing models. Multi-server queueing models are briefly discussed, and interested readers are referred to the original papers for details. We also discuss the stochastic decomposition property which commonly holds in retrial queues and the relationship between the retrial queue and the queue with server vacations.     

Visibility preserving terrain simplification— an experimental study

The terrain surface simplification problem has been studied extensively, as it has important applications in geographic information systems and computer graphics. The goal is to obtain a new surface that is combinatorially as simple as possible, while maintaining a prescribed degree of similarity with the original input surface. Generally, the approximation error is measured with respect to distance (e.g., Hausdorff) from the original or with respect to visual similarity. In this paper, we propose a new method of simplifying terrain surfaces, designed specifically to maximize a new measure of quality based on preserving inter-point visibility relationships. Our work is motivated by various problems of terrain analysis that rely on inter-point visibility relationships, such as optimal antenna placement.

We have implemented our new method and give experimental evidence of its effectiveness in simplifying terrains according to our quality measure. We experimentally compare its performance with that of other leading simplification methods.     

On a new class of probability distributions

Multicomponent systems are widely used in computer science. The reliability of these systems plays a very important role in efficient working. These systems are not always supposed to follow the standard probability distributions and so pseudo-distributions can be thought of as suitable alternatives. In this work we have defined a new bivariate pseudo-Weibull distribution. Some standard properties of the distribution have been studied. The distributions of the order statistics and concomitants have also been obtained.     

Fair resource allocation for different scenarios of demands

This paper considers a resource allocation problem, which objective is to treat fairly all the system users. Usually the requests cannot be entirely predicted, but the manager can forecast the request evolution, this leading to a set of possible scenarios. Such a problem arises for instance in network bandwidth allocation as well as in storage space management. It also appears in the management of computer systems, such as computational grids or in cloud computing, when teams share a common pool of machines. Problems of fair resource sharing arise among users with equal access right but with different needs.Here the problem is tackled by a multi-criteria model, where one criterion is associated to one scenario. A solution is a policy, which provides an allocation for each scenario. An algorithm is proposed and analysed that lists all solutions which are Pareto optimal with regard to the different possible user request scenarios. The algorithm is used offline, but can be adapted, with some additional hypothesis, to be used online.     

On recent results of ergodic property for p-adic dynamical systems

Theory of dynamical systems in fields of p-adic numbers is an important part of algebraic and arithmetic dynamics. The study of p-adic dynamical systems is motivated by their applications in various areas of mathematics, physics, genetics, biology, cognitive science, neurophysiology, computer science, cryptology, etc. In particular, p-adic dynamical systems found applications in cryptography, which stimulated the interest to nonsmooth dynamical maps. An important class of (in general) nonsmooth maps is given by 1-Lipschitz functions. In this paper we present a recent summary of results about the class of 1-Lipschitz functions and describe measure-preserving (for the Haar measure on the ring of p-adic integers) and ergodic functions. The main mathematical tool used in this work is the representation of the function by the van der Put series which is actively used in p-adic analysis. The van der Put basis differs fundamentally from previously used ones (for example, the monomial and Mahler basis) which are related to the algebraic structure of p-adic fields. The basic point in the construction of van der Put basis is the continuity of the characteristic function of a p-adic ball. Also we use an algebraic structure (permutations) induced by coordinate functions with partially frozen variables.     

Internet commerce security: issues and models for control checking

When a corporation begins exchanging business transactions over the Internet, the Internet becomes part of the corporate computer network. With access now available not only to the employees, but potentially to anyone else on the Internet, the scope of security concerns expands significantly. A variety of useful security software is available for controlling unauthorized intrusion, data corruption, and other potential vulnerabilities. These controls are subject, however, to vulnerability or inadequacy. The consequent losses can be mitigated by checking their performance periodically. This paper addresses current Internet commerce security problems and outlines selected optimization models and artificial intelligence methods that can be useful in scheduling the monitoring of related controls.