1

QoS Feature Development and Deployment for Distributed Heterogeneous Systems

Eric Wohlstadter

University of California, Davis

2

Remote Collaboration Tool (RCT) [Walters, Amsler]

Open source remote classroom software Developed at UCDavis (http://davinci.cs.ucdavis.edu) Interactive collaboration: chat, blackboard, audio 3-Tier Architecture Java Client and C++ Server

Server Relational Storage

Client Network

3

Need to Adapt Applications

Example QoS Requirements Security Availability Differentiated Service

Example Feature Implementation Client Puzzle Protocol (CPP)

4

Adapt RCT to Resist DOS Attacks

QoS Requirement:Protect server from malicious DOS attack

ServerClient Relational Storage

Network

5

Adapt RCT to Resist DOS Attacks

ServerClient Relational Storage

QoS Requirement:Protect server from malicious DOS attack

Network

6

Client Puzzle Protocol (CPP)[Dwork, Naor, Dean]

Old System

Malicious client overloads server cpu resources

Legitimate service rendered impractical

Server issues cryptographic puzzle:Hash(random) = digest

Clients “pay” cpu resources:Hash(x) == digest?

New SystemPuzzle(Client )

Puzzle(Server )

7

Adapt Remote Procedure Call (RPC)

Start Server Active

Success

Start

Server ActiveSuccess

Server CPP Active

Client CPP Active

Old System

New System

8

RCT Interfaces

+sendLine()

«interface»BlackboardService

+login()+logout()

«interface»Authorization

+join()+leave()

«interface»InteractiveService

+sendMsg()

«interface»ChatService

Interfaces:Divide programmer effort for scalable development process

Reduces costsImproves quality

9

Hard to develop QoS features on distributed applications

Features affect many interfacesBreaks encapsulationDifferent for each application

Features affect client and serverNeed to ensure consistent deploymentNeed to support platform heterogeneity

Interaction model (RPC) is too rigid

10

Outline

Related Work :

Aspect Oriented Programming Adaptlets Policy Overview Future Work

11

Aspect Oriented Programming [Kiczales et. al.] Language for encapsulating crosscutting features Crosscutting

Related changes in two or more interfaces Advice

New code to change (“wrap”) existing functions Pointcut

Existing functions that need changing

Startloginactive

Success

login advice active

login advice active

12

Puzzle Protocol Crosscuts RCT

+sendLine()

«interface»BlackboardService

+login()+logout()

«interface»Authorization

+join()+leave()

«interface»InteractiveService

+sendMsg()

«interface»ChatService

+makePuzzle()+puzzleChallenge()+puzzleResponse()

«interface»Puzzle Protocol

Pointcut

Advice

13

Adding Authorization

Success

Start

Server Active

Server CPP advice active

Client CPP active Server Authorization advice

active

Client Authorizationactive

Server CPP advice active

Server Authorization adviceactive

14

Applying AOP to RCT

AOP Model imposes total ordering

Requirements dictate partial ordering

Server < Authorization < CPPClient < Authorization < CPP

1. Call

2. CPP Error

3. CPP Response/Call

4. Authorization Error

5. Authorization Response/Call

15

Desiderata

Client/Server AOP Client/Server deploymentEffective use of multiple aspectsSupport for heterogeneity

16

Outline

Background

Adaptlets Policy Overview Future Work

17

Adaptlet DevelopmentApplication

ProcessAdaptletProcess

Interface

Code

Interface

Code

Application Adaptlet

18

Adaptlet DevelopmentApplication

ProcessAdaptletProcess

Interface

Code

Interface

Code

Application Adaptlet

Adaptlet Compiler

Pointcuts

AdaptedApplication

19

Example: Client-Puzzle Adaptlet

adaptlet CPP{

server { advice void puzzle( ) : Authorization.*( ) && Service.join(); data(thread) PuzzleResponse solution;};

client { request puzzleChallenge(in PuzzleChallenge ch);};

};

1. Server can block client requests that access database2. Server can issue puzzles to client3. Client can respond with solutions

1.

2.

3.

20

Adaptlet Advice Dispatched Advice Bound by pointcuts

1. RCT.login

2. puzzle

CPP.puzzle

> RCT.login

Authorization > RCT.login

CPP Auth

Router Router

3. verifyAND

21

Adaptlet Request RPC Extension Multiple embedded adaptlet calls Maintains call context

4. CPP.challenge + Authorization.identify

5. challenge 6. identify

Router Router

CPP AuthCPP Auth

22

Adaptlet Data RPC Extension Scoped distributed state

Per-thread Per-Adaptlet

7. RCT.login + CPP.solution = value+ Authorization.identity = value

Router Router

CPP AuthCPP Auth

8. solution = value9. identity = value

23

10. puzzle

CPP Auth

Router Router

11. verify

CPP Auth

Adaptlet Data RPC Extension Scoped distributed state

Per-thread Per-Adaptlet

12. login

24

Adaptlet CompilationAdaptlet Interface

Adaptlet Stub

Application Interface

Pointcuts

Application

Stub Compiler

Query Engine

Weaver New App

Adaptlet

25

Adaptlets

Adaptlets

Stubs

Java Client Application Adaptlets

Stubs

C++ Server Implementation

Heterogeneity and Consistency

Middleware Middleware

ByteCode Custom Stubs

Weaver

Windows Binary

26

MeasurementsSec/Call versus added Advice or Request

00.00010.00020.00030.00040.0005

1 2 3 4 5 6 7 8 9 10

# Advice or Request

Se

co

nd

s

OriginalAdviceRequest

Averaged over 10 trials of 10000 callsInitial overhead : 80%Additional request overhead: 1.6%Internet Ping Delay from Portland to SF: 70ms

27

Adaptlet Details Applied to Remote Collaboration Tool

Mobility [unpublished] Puzzle Protocol [Tech Report] Performance Monitoring [ICSE 2003] Caching [DOA QoS Workshop 2004]

Adaptlets are RPC extensions Deployed consistently Flexibly deployed

28

Outline

Background Adaptlets

Policy Overview Future Work

29

GlueQoS Problem:

Web Services span policy administration boundaries Feature agreement must be resolved at runtime

Example:Server policy:

1. Client rewarded ½ puzzle size for authentication

2. CPP is required if server load is over %50

Client policy:

1. Never use authentication

2. CPP puzzle size < 18

30

Start with WS-Policy

Web Service protocol policiesAssertions

XML text Text is opaque

N-ary operators ExactlyOne OneOrMore All

31

GlueQoS WS-Policy Middleware Resolve policies for client and server at runtime

ExactlyOne (xor) OneOrMore (or) All (and)

Structure assertions with types Provide operators to build policies from input However … resolution is NP-Complete

Solvable in under .01ms for under 100 variables 1000 randomly generated HARD instances tested with

Zchaff[Fu] using fixed-clause method (k=3)

32

Policy Elements Assertions (WS-Policy)

e.g. CPP Typed Parameters

Enumerated types Real values with unary interval constraintse.g. CPP[10 < size < 18]

Policy constructorsParameter values

e.g. CPP[size = cpu]Conditional clauses

e.g. CPP if (cpu > .5)

33

Policy Protocol

PolicyManager

SAT Verifier

Client Policies

InputCallbacks

Session Protocol

PolicyManager

SAT Solver

Server Policies

Session Protocol

Web ServicesMiddleware

Web ServicesMiddleware

InputCallbacks

Resolve Configuration

1. Client sends policy2. Server solves policies3. Server sends solution4. Client verifies solution

34

Two Feature Server Policy

let cpu = cpuUsage( ),puzzleMax = 16

in(1) ((CPP[size = cpu*puzzleMax/2] and Authentication)(2) xor CPP[size = cpu*puzzleMax](3) xor (Authentication if (cpu < .5)))

1. Client rewarded ½ puzzle size for Authentication2. No Authentication requires full puzzle size3. CPP is required if server load is over %50

35

Satisfiability Convert into k-SAT

Possible exponential blow-up Convert parameterized assertions into

unique variables ex. (CPP[size > 10] xor Authentication) and

(CPP[size = 8])becomes

(A xor Authentication) and B and (A implies not(B)) and (B implies not(A))

Proof by induction on number of variable instances with parameters

36

GlueQoS Status Implemented for Apache Axis

Property of IBM Integration with Adaptlets [in progress] GlueQoS provides

Resolution engineStructured policies for parameterizationWS-Policy construction

37

Outline

Background Adaptlets Policy Overview

Future Work

38

Future Work Research focus

Adaptive Distributed Systems Global Battlesphere Initiative Knowledge Plane

K-App Middleware

DeploymentPolicies

ComponentMetadata

FormalAnalysis/Testing

Knowledge Plane

ComponentsMiddleware

39

Thank you … Adaptlets

International Conference on Software Engineering, 2003.Wohlstadter E. , Jackson S., and Devanbu P.,

International Conference on Software Engineering: Formal Software Demonstration, 2004.Wohlstadter E. , Jackson S., and Devanbu P.

GlueQoS Policy International Conference on Software Engineering, 2004.

Wohlstadter E., Tai S., Mikalsen T., Rouvellou I., and Devanbu P.

Data and Knowledge Engineering: Special Issue on Contract-based Coordination and Collaboration, 2004Tai S., Mikalsen T., Wohlstadter E., Desai N., Rouvellou I.