June 2012, Vol 1
HITech
Technical magazine of CSE Department, Heritage Institute of Technology
E d ito r : Pr of . R e s h m a R o ych oud h uri , A s s is ta n t Pr of es s o r, C S E
In This Issue: 1 . F or e w or d
Pa ge 2
b y Pr of. Par th a B a su ch owd h u r i, A s si st an t Pr ofes s or , CS E
2 . H a ck er s an d Sy st em S ec u r it y: A Ut i l it y -B ase d De c i s i on A n a ly s is M od el
Pa ge 4
b y Dr . Am it a va B a gc h i, Pr ofe ssor , C S E an d M r . S ou m y o D
M oitr a ,
R es ea r c h
S c ien tis t,
C arn e g i e
Me l l on
U n i v er s ity, Pitt sb u r gh , Pen n sy lva n ia, US
Pa ge 12
3 . E ss a y on A lan T u r ing b y F ir st Pla c e h old er of A lan T u r i n g Es sa y Wr i t in g C on te s t, M s. S at a ru pa G u h a, 4 t h Y ea r, BT e ch , C S E 4 . H a ve y ou e ver t h ou g ht wh at ot h e rs ar e
Pa ge 16
t h in k in g ?
b y D r. S u b h a sh is M a ju m d er , Pr of es s or an d H oD, C S E 5 . S y n ops is of " Em er g in g Tr en d s in A lg or it h ms " w or k sh op
Pa ge 19
b y Mr . S ou r a v D u t t a, 3 r d Y ear , BT e c h , C S E 6 . L i st of Pu b l icat ion s b y f a c u lt y a n d st u d en t s of C S E D e pa rt m en t of H I T [J a nu ar y t o J un e 2 0 1 2 ].
7 . A S i m p le U SB Devi c e D r iver on L i n u x p lat f or m s
b y Pr of. A r in d a m Ch at t e rje e, As s i st a n t Pr of e ss or , C S E
8 . S y n ops is of “ Fa u lt T oler a n t Sy st em s” w ork s h op b y Mr . K au st a v C h ou d h u r y, 1 s t Y e ar , MT e ch , C S E 9 . T e ln e t ove r S SL w it h Z -m od em
b y Mr . S ou m ab h o Ban er j ee, 3 rd Y e a r, BTe ch , CS E
Pa ge 21
Pa ge 22 Pa ge 27
Pa ge 32
1 0 . C r os sw ord
b y Pr of . R esh m a R oy c h ou d h u r i, As s i st a n t Pr ofe s s or, CSE
Dept. of CSE, Heritage Institute of Technology
Page 1
Pa ge 35
Foreword
Heritage
Institute
of
Technology
was
established by Kalyan Bharati Trust in 2001 at
B y P ro f . P a rth a Ba s u c ho wd hu ri , A s s i s tan t P ro f e s so r, CS E
Anandapur, Kolkata. In the depart ment of Computer Science and Engin eering, a team
"Computers ar e good at follow ing instru ct ions, but not at read ing your mind" - Dona ld E.
Dr. Knuth's quote suggests, exactly wher e the computer scient ists step in. Seeming ly their job is only to int er act with the comput ers But
their
cha lleng e
is
to
put
innovative featur es in a computer so that the computers can do whatever we th ink the computers can not do just yet - be it read ing one's mind or pred icting futur e. Simp ly put, the goal of studying a subject is to ma ke improvements subjects,
in
taught
th e as
f ield a
of
part
study.
of
a
The
degree
curriculum, are the build ing b locks of the computer science knowledge of a student. But unless this plethora of know ledg e is e xercised to successfully excute a hands-on project, justice is not done on the knowled ge at hand. Open
forum
and
good
environ ment
for.
teacher-student int eraction can only increase the int ens ity, magnit ude and quality of the work. This is th e model that the depart ment of Computer Science and Eng ineer ing at Heritage Institut e of T echnolog y has been follow ing f or years.
The
faculty
members
have
been
work ing w ith the st udents hand-in-hand to strike the r ight balance for an excellent work ing
environ ment
and
to
produce
successfu l comput er scientists, eng in eers and entrepreneurs.
staffs work tir elessly with the students to g ive them a learning exp erience of int ernat ional
Knuth
eff iciently.
cons ist ing of thirty teaching and techn ical
standard.
Laboratories
updated
computers with high-end configurat ion adds to
that
exp erience.
department
have
Research ers been
from
pub lish ing
the t heir
orig inal w orks in top ranked in ternation al conferences and jour nals. Collaboration with elite
nationa l
and
internat ional
inst itut es
provides students the exposure to keep up with
th e
state-of-the-art
in
the
subject.
Workshops, seminars and presentat ions are organized to encourage in dependent r esear ch. Students student
have chapter
recently to
for med
encou rage
an
ACM
t echn ical
activit ies with in the d epartment. The students organize technical events within th e inst it ute and also participate heavily in the techn ical events organized w it hin the inst itute as well as in other premiere academic inst itutes. This department
year, of
for
the
Computer
first
t ime,
Science
the and
Eng ineering has taken the init iat ive t o pub lish a technica l magazine to p rimar ily encour age the students to hone their technica l writ ing skills. The pu rpose is not to publish f inal form of orig ina l research work but to revis it s ome areas of interest in the f ield of Comp uter Scien ce and b ring int o light various infor mal yet technical art icles. Senior faculty memb ers such as Dr. Amitava Bagchi, D r. Subhashis Majumder
Dept. Of CSE, Heritage Institute of Technology
with
Page 2
and
Arindam
Chatterje e
h ave
contributed en cou rage
w ith
techn ica l
origin a l
research
art ic les
to
be able to d raw inte rest of the re ad e rs as th ey
works
in
h a ve dra wn min e. N on et hele ss, th e e dit o r- in -
r esp e ct iv e fie lds. Un d erg ra dua t e a nd gra du a t e
ch ief
stu dents of fer t h eir mix of r ev iew a rt ic les a s
R oy c h ou dh u r i,
w e l l a s cu rs or y o r i g i n a l wo r ks . To ma rk A la n
P ro f ess or
Turing centen ary y ear, the ACM cha pter at
Sc ien ce a n d En gin ee r i n g, ha s p ut f o r w a rd he r
The
had
best ef fo rts to ma ke t h is ma ga zin e a succe ss
c on du ct ed a n es s a y c on t est th is y ea r. Th e
a nd I wou ld like to t a ke t h is op po rtu n it y t o
es sa y t ha t won t h e firs t pla ce in t h at con t est is
tha n k h er on beh a lf o f th e depa rt men t . Ot h er
a proud inclus ion. Oth er than that, sum ma ry
tha n edit ing, d i git a l t yp eset t ing a n d sev er al
of th e workshop o rg a nized by ACM chapt er
other tasks rega rdin g the f ormat ion of the
ha s a lso be en pu blis h ed . I s inc er e ly hope tha t
ma ga zin e,
the ra n ge of th e a rt i c l es p ubl is h ed
ma ga zin e is a te ch nica l c rossw ord pu zzle,
He rita ge In st itu te
of
Techn ology
in
th is
e dit i on of the techn ica l ma ga zin e will
of
the in
tech n ica l who the
her
is
ma gaz in e, also
dep a rtmen t
an
Assistant
of
Computer
a dd e dcon t ribut ion
to
the
wh ich adds th e e le m ent of fun and ga mes t o the t echn i ca l knowled ge.
Wish y ou a ll a good readin g!
Dept. Of CSE, Heritage Institute of Technology
Reshma
Page 3
Hackers and System Security: A Utility-Based
Decision
Analysis
Model By
D r.
an d
A m it a va
Bagc h i,
So u m yo
Sc ie n t i s t,
D
Ca rn e gi e
P ro f e s so r,
Mo i t r a, Me llo n
CSE
Re se a rc h Un i ve rs i t y,
P it t sbu rgh , P e n n syl v an i a, US
A bst ract: The best way for an organizat ion to respond to the menace of hacking can be determined us ing two differ ent approach es, namely decision analysis and game theory. Under certain circumstances a game-theoretic may
provide
superior
strategic
alternatives in th e w ar against hackers. But game
theory
assumes
that
all
alt ernative
strateg ies available to the two antagonists are publicly known, which might not be true in rea lity. This paper presents a decision analysis framework where the hacker’s ut ility is made to depend on the degree of diff iculty in hacking, which can be expressed as a function of the organizat ion ’s secur ity paramet ers. We consider three types of hackers accord ing to their mot ivations, and mod el the expected utility H of a hypothet ica l compos it e hacker. H
point F is a lways maximized. Ar ea: Information Secur ity
M r.
solut ion
difficu lty level, to ensure that at the operating
determines
the
probab ility
of
hacking
through the Log it Model of qualitat ive choice, allowing us t o estimate the expected da mage in cur red by the organization as a result of hacking. If we also k now the cost of secur ity, we can derive the org anization’s ut ility F, a nd compare th e d ifficu lty levels at which H attains its minimu m value and F its maximum value. As the hacker’s profile changes, the organization
respon ds
by
modify ing
the
secur ity paramet ers and thereby changing the
1.Int roduction: Determin ing the appropr iate level of network security is an important issue for a ll organizat ions that make use of t he Internet. While inadequate security can cause great damage, excessive invest ment in secur ity is a waste of resources. We develop a decision analysis mod el t o help organ izat ions to decide on the optimal level of secur ity for their computer systems. We exp ress th is level in terms of common ly used security paramet ers, and
also
relate
it
to
the
not ion
of
t he
survivab ility of the system when attacked [Moit ra and Konda 2000]. The hacker’s ut ility and the organization’s utility can be viewed as funct ions of this level. Some recent stud ies [Cavusoglu
et
Raghunathan
al
2004,
2004]
Cavusoglu
and
adopted
an
have
interest ing game-the oret ic approach to the hacking p rob lem. These shed new light on t he issue
and
p rovide
network
administ rators
with mu ch needed d ecision p rocedures. But there is some uncertainty whether a game in the game-theor etic sense is being p layed at all.
An
organizat ion
is
interested
in
min imizing total ex pected cost, not in the equilib riu m point of a game. In fact, there is in complet e infor mation in this situation. For either player, the opponent’s ut ility cannot be known accurately, nor can the set of strategies available
to
the
opponent
be
known
comp let ely, violatin g a basic p remise of game theory. The feasib le set of strateg ies may actually b e qu it e comp lex. Also, th ere are hackers of many hues, so only a many-player
Dept. Of CSE, Heritage Institute of Technology
Page 4
mod el is really applicable. Sin ce this is a non-
illega l int rus ions. When an IDS alarm in
zero sum ga me, it is not st raightf orward to
conjunct ion with manual checks f inds t hat
find the equilibrium point. The s equence of
hacking has taken place, corr ect ive act ion is
moves needs to be specif ied, and this is not
in itiated
obvious a pr ior i.
satisfactory operation, the secur ity hardwa re
In our d ecision-theoret ic opt imizat ion model, we d erive express ions for the ut ility of t he hacker
and
probability
of of
the
organization.
hack ing
then
The
becomes
a
funct ion of the ut ilit ies of the hacker when hacking and when not hacking. We show that the
opt imal
level
of
secur ity
from
t he
organization’s point of view is not necessar ily at
the
point
wh ere
a
hacker’s
ut ility
is
minimized. We also show how this opt imal point changes as the security parameters and the prof ile of th e hacker change. A nume rical examp le illustrates the main featur es of the mod el
and
to
minimize
software
are
damage.
To
ensure
supplemented
with
appropriate ru les an d procedures. Ind ividual hackers have vary ing skills and resources. So, given a system S, the perceived deg ree of difficu lty in hack ing S varies with the hack er. Of course, not a ll hackers are interest ed in hacking S. Wh en we ref er to the perceived degree
of
d iff icu lt y
of
S,
we
restr ict
cons ideration to th e set of hackers who are interested in hacking S. Let Δ be the perceived degree of diff iculty in hack ing S averaged over all hackers in th e set. Δ is a measure of the secur ity level of S; it is a posit ive r eal number in the doma in [0,1]. The organization installs a specif ic secur ity infrastructure to
2. The Level of Security: To ensure efficient
protect S ther eby sett ing the value of Δ. T he
operat ion, every mod ern organ ization makes
notion of the surviva bility σ of a system has
use of comput er resources. We ref er to the
been defin ed by Moit ra and Konda [2000] as
computer
“the d egr ee t o wh ich a system is ab le to
resources
of
an
organ ization includes
withstand an attack and still funct ion at a
software,
cer tain level at its new state after the attack”;
applicat ions software , Intern et websit es, and
σ is a rea l number in the domain [0,1]. Δ and
databases
The
σ are closely related and can in fact be
organization erects a security wall around the
id ent if ied; Δ looks at the system from t he
system to safeguard it fr om hackers. The
hacker’s
secur ity
organization’s p oint of view.
collect ively
as
the
computer
hardware, and
system.
systems
data
mechan isms
Th is
warehouses.
are
of
three
typ es:
prevent ive,
detect ive
and
correct ive.
prevent ive
mechanism
such
as
a
A
firew all
inhib its an unauthorized user f rom enter ing the system. A detect ive mechanism such as an Intrusion Detect ion
System
(IDS)
tracks
unusual
of
view,
and
σ
f rom
t he
3.The Hacker’s Utility: A hacker can have three d ist in ct reasons for hack ing: A.Monetary
gain
emb ezzlement,
or
information;
patterns of user beh avior to detect possible Dept. Of CSE, Heritage Institute of Technology
p oint
Page 5
through access
to
f raud,
confident ial
B.The menta l challenge of hack ing and a
Here, f1 + f2 + f3 > 1 always; since a hacker
desire to rise in t he est imation of ot her
can have more than one mot ive for hack ing, it
hackers;
is possib le that
C.Political or r eligiou s animosity towards t he
f1
organization b eing attacked.
H1 H H 0, 2 0, 3 0 .
In hacking of type A, the utility H of the
+
f2
+
f3
>
1.
We
know
th at
hacker decreases as the diff iculty level Δ
It follows that H varies with Δ as shown in Fig
in creases; in hacking of type B, H increases as
1. We expect this variat ion to be non- linear,
Δ in creases; and in hacking of type C, H does
and the value of H to be h igh both when Δ is
not depend on Δ.
small and when Δ is larg e. H is min imum at
Let
us
consid er
a
hypothetica l
“compos it e” hacker w ho has all th ree mot ives for hack ing S in the proport ions given b elow. In a particular situation, she can choose to
the point Δ = Δ1. If the organ izat ion is able to set Δ to Δ1, the hacke r has the least incent ive to engage in hack ing. Possib le funct ional forms for H1, H2 and H4 are
hack or not to hack. When she does not hack, she
has
an
expected
ut ility
H0
that
H1
is
independent of Δ. Wh en she hacks she has an
H 4 a '' b "
expect ed ut ility H = f1H1 + f2H2 + f3H3 wher e H lies in the domain (- ∞, +∞) and
1 , H2 a ' b ' 2 a b , ,
where a, b, a’, b’, a”, b” are posit ive constants
f1 is the p rop ort ion of hackers of type A (in
and 1 < ε < 2.
the set of hackers attack ing system S) Hacker's Utility (H)
18
f2 is th e proportion of hackers of type B
14 H 10a
f3 is th e proportion of hackers of type C
c
k
e
r
'
6 2 -2 -6
H1 is the ut ility of a hacker with mot ivat ion A
0
4
8
Secu rity Lev el (Δ)
12
alone H2 is the ut ility of a hacker with mot ivation B
Fig 1: Variation of H with Δ
alone H3 is the ut ility of a hacker with mot ivat ion C alone
1.0 d
0.5
0.0 0.0
Dept. Of CSE, Heritage Institute of Technology
Page 6
0.5
1.0
Fig 2: R OC Curve for Firewall
another real constant > 1. This also def ines an
4. Functional Form for Δ: We would lik e to express Δ as a function of the six princip al secur ity paramet ers [Cavusog lu et al 2004]:
ROC cu rve, and a figure of mer it for the I DS is dI, the closest distance this curve approaches the point (0,1); dI is a function of s. Since the diagonal in the ROC curve has a length of √2,
q1F the probab ility that the firewa ll stops an unauthorized user
q2F
we
the probability that authorized external
traffic passes th rough the f irewa ll
q1I
when an int rusion occurs
alarm wh en th ere is no int rusion of
probab ility
monitoring
of
manually
monitoring
manually
well kn own that in a firewa ll, the paramet ers F 2
q and q are re lated by an equation of th e form
1 q2F q1F
, wher e r is a constant > 1
the relat ionship is called an ROC curve ([Metz 1978], see Fig 2). We would like th e f irewall to operate at the point (0,1) in the graph, i.e.,
qF qF at the top left corner where 1 = 2 = 1, but in pract ice it can operat e only at a point on the ROC curve. A f igur e of mer it for th e f irewall is dF, th e closest d istance the R OC curve approaches the point (0,1); clearly, dF is a funct ion of r. Similarly, for the IDS, t he
q1I
the
and
equation of the form
q2I
are
related
1 q2I q1I
Dept. Of CSE, Heritage Institute of Technology
secur ity
inf rastructure,
to
vary
t he
and manual che cking to the value of Δ. T he close r a produ ct t erm gets to 1, the hard er it ignored
because
in
practice
there
is
of IDS alar ms. If we want to incorporate it, we can includ e an addit ional product term of the form
by
an
s , where s is
1 2 t
'
, where t’ is another pos it ive
constant.
r
[Yue and Bagchi 2003]. The graph that shows
parameters
want to assign to the diff er ent components of
frequent ly no manual check ing in the absence
when the IDS does not produce an alarm It is F 1
and tF, tI and t are also posit ive constants that
is to hack S. The cont ribut ion of ρ2 has been
when the IDS produces an alarm ρ2the
where c is a posit ive scaling constant,
re lat ive cont r ibut ions of the f irewall, th e I DS,
q2I the probability that the IDS generates no
probab ility
write
t dI I t . 1 .1 2
can be adjusted, depending on the weigh ts we
the probability that the IDS gives an alar m
ρ1the
can
t dF F c. 1 2
To determine dF we f irst min imize the expr ession y2r+(y-1)2 with respect to y where y is a positive real variable, and then take the square r oot. Assuming r = 5, this yields dF = 0.340 and (1- dF/ √2) = 0.725; s imilarly, assuming s = 10, we get dI =0.226 and (1dI/√2) = 0.841. 5.The Utility of the Organization : The utility F of the organizat ion can be expressed in t he form F = F1 + F2 wh ere F, F1 and F2 are all negative and dep end on Δ. Here, -F1 is a measure of the expected damage caused by hacking and -F2 is t he cost of the secur ity infrastructure.
Page 7
We can write F1 = -P.D, where P is the probability that hacking occu rs and D is the expect ed damage. To obtain an expression for P
we
make
Qualitative
use
of
Choice
the
Logit
[ McFadden
Theory 1980,
of
Ben-
Akiva and Lerman 1985, Train 1986]. This theory is based on the concept of ut ility and has been extensively applied to situat ions in which a person chooses one option from an exhaustive f inite set of mutually ex clus ive
F 0 at Δ = Δ2. Using the realist ic that funct ional f orms D e
home to a specif ied dest ination. In our case the
hacker
opt ions,
to
has
two
hack
or
mutually not
to
ex clusive
hack,
with
cor respond ing utilit ies H and H0. By the Logit Theory,
eH P H0 e eH .
P H is always posit ive
when H is f inite, so P varies with Δ in the same manner as H. The expect ed da mage D decreases as Δ increases. Thus F1 varies with Δ as shown in Fig 3. Since -F2 incr eases as Δ in creases, F varies with Δ as shown. F is maximu m at the p oint Δ = Δ2, and the organization wou ld want to operate at t his point. For a given set of parameter values, the F-Δ curve remains fix ed for an organization . Δ changes as the security level is adjusted, and the operating point moves along the F- Δ cu rve to a new posit ion. If the operat ing point is to the r ight of Δ2 the system is over-secu re a nd Δ should be decreased; if it is to th e left of Δ2 the system is unde r- secure and Δ should be in creased.
and
F2 e ,
P ( ) P e get at Δ = Δ2. Cavusog lu et
al
[2004]
implicit ly
assume
that
t he
parameters β and μ are both zero; this makes
P H = 0, which imp lies = 0 and forces Δ1 =
P Δ2. In our mode l we allow ≠ 0 at Δ = Δ2. If
the
second
t erm
in
the
RHS
of
t he
P P expr ession for exceed s the first, then < H 0, implying < 0. Th is can be t rue only for values of Δ less than Δ1; thus, Δ2 < Δ1. Simila rly, when the second t er m is smaller than the first, Δ2 is greater than Δ1. The system operates at Δ = Δ2, which for ces the hacker to op erate at the same point (Fig 3). Thus the hacker’s utility is not necessarily at its lowest at Δ2 but can be somewhat larger. 7.Tuning the System Security: If the system is operat ing at Δ = Δ2 and all paramet ers remain unchanged, then it is in a stable state and no adjustments in the secur ity set-up are needed. Ther e
are
two
s ituations,
how ever,
when
secur ity tuning might be required. In ord er to plot the H-Δ curve, th e parameters fk, 1 < k < 3, must f irst b e est imated. By an examination of th e user log files of S, we can in theory
Dept. Of CSE, Heritage Institute of Technology
where α, β, γ and μ a re posit ive constants, we
alternatives, as for e xample when buying a car or when s elect ing a travel route from
Relative Va lues of Δ1 and Δ2: We know
6.
Page 8
id entify the p roport ions of hacking act ivity of
Step 1:
System websit e or database gets
types A,
changed, or better estimates of fk become available.
50.0 Δ1
H
0.0 0
5
10
15
Δ2
-100.0
H-Δ
is
curve
Step 4: Security Level (Δ)
The
(new
Δ1
is
With the h elp of the P- Δ p lot, the
new F-Δ curve is plott ed. Step 5:
3:
afresh
plotted against Δ.
F
-200.0
Fig
p lott ed
Using the new H- Δ curve, P is
Step 3:
F2
-150.0
Hacker’s prof ile changes, so the
obtained).
F1
-50.0
Step 2:
Utility
Function
F
and
th e
Operating Point Δ2
The new operating p oint Δ2 of
the system is det ermin ed. At this p oint t he new F has its maximum value. This is also the new op erating point of the hacker. 8. Numerical
Example:
We
illustrate
our
B and C. The numb er of b reak- in attempts at
mod el w ith a numerical example. Since not
any given organizat ion might not be large, so
much rea l lif e data on hacking is pub licly
to get larger samp les for est imation w e can
available, we make use of hypothet ical but
classify
and
realist ic data. For Ta ble 1, we have assumed
estimate the values of fk, 1 < k < 3, from t he
the following paramet er va lues: f1 = 0.6, f2 =
totals for each category. If more extens ive and
0.3, f3 = 0.1, H0 = 1, H3 = 50, α = 2000; β =
reliable data become available at a later time,
0.5; γ = 50, μ = 0.1, ε = 1, a = 0.001, b = 0.003,
the est imates can be revised. Chang ing t he
a’ = 0.7, b’ = 0.9, a” = 2, b” = 35. Tab le 2 uses
fk’s would in effect change the expr ession for
the
H,
parameters as ind icated.
organizat ions
which
means
into
the
categor ies
H-Δ
curve,
and
same
consequent ly the F- Δ curve, would have to be redrawn. A s imila r s ituation ar ises when t he
va lues
bu t
var ies
Δ
database is alt ered. T hat would, over a period thereby changing the fk va lues. In summa ry,
of
t he
f2.H f1.H1
2
H4
H
P
content or format of the system website or of t ime, attract a different mix of hackers,
some
46. 4
2
5.2
F1
F2
F
-
-
-
4
13.
0.3
80.
74.
154.
3
3
0
1
6
7
5.3
0.2 8
-82.4
128.3
the steps in t ime sequence in the decis ion process are as follows: 5
Dept. Of CSE, Heritage Institute of Technology
Page 9
37. 5
7.8
45
-45.9
6
31. 6
11. 0
0.6
0.2 7
-26.9
-91.1
118.0
7
27. 3
14. 7
-2.0
0.2 6
f2 high
0.2
0.7
0.1
2000
50
4
6
-16.0
100.7
116.7
f3 high
0.3
0.2
0.5
2000
50
9
7
8
24. 0
19. 0
-3.0
0.2 6
120.9
Base case – new α
0.6
0.3
0.1
1000
50
8
6
-9.6
111.3
9
21. 4
23. 8
128.8
Base case – new γ
0.3
0.1
2000
200
8
5
-5.9
123.0
0.6
-2.8
0.2 6
53
1 0
19. 4
29. 1
55
-1.5
0.2 7
-3.6
135.9
139.5
Ta b l e 2 : S e n si t ivi t y o f Δ1 a n d Δ 2 w i th r e s pec t t o si g ni fi ca n t m o de l pa r a m e ter s
1 1
17. 6
35. 0
57
0.6
0.2 7
-2.2
150.2
152.4
Table 2 shows how Δ 1 and Δ2 change as
1 2
16. 2
41. 4
59
3.6
0.2 8
-1.4
166.0
167.4
particular the pr oportions fk, 1 < k < 3, the
1 3
15. 0
48. 4
61
7.4
0.2 8
-0.9
183.5
184.3
We f ind that Δ1 is much more sensitive to
47
49
51
f1 high
0.8
0.1
0.1
2000
50
16
7
some
of
the
paramet ers
are
varied,
in
coeff icient α of D and the coefficient γ of F2. changes in fk, 1 < k < 3, than Δ2. However, Δ2 is more s ensitive to variat ions in the
Ta b le 1 : V ar i a ti o n o f H a n d F w i t h Δ
Table 1 shows that the hacker’s ut ility is relat ively high at a low secu rity level. But as the security level increases, the utility fa lls, going b elow the base level H0 (in the interval 0.6 < Δ < 1.1) and even becoming n egative.
damage and cost coeff icients than Δ1, as would
be
exp ected.
We
might
want
to
compare the value of Δ at the equilibrium point achieved und er the assumpt ions of game theory to the values of Δ1 and Δ2 comput ed
When the secu rity level increases further, t he
using ou r method.
utility rises again. Thus in some situat ions the
9.Conclusion: In this paper we have tried to
hacker’s ut ility is high er when she is not hacking than when she is hack ing. Simila rly, at
low
security
levels,
the
organization’s
utility has a relatively low value. It rises to a higher value as the security level increases, but
falls
as
the
security
level
increases
further. The point at which the hacker’s utility is lowest does not coin cide with t he point at which the organization’s ut ility is highest (N.B. Δ1 = 0.8, Δ2 = 0.7. so Δ1 > Δ2). f1
Base case
0.6
f2
0.3
f3
0.1
Coef of D (α)
Cost coef (γ)
Δ1
2000
50
8
enumerate the d ifferent reasons for hack ing, and then model a ut ility function hypothetical
“comp osit e”.
for a
hack er.
T he
parameters of this utility funct ion can be interpret ed in ter ms of hacker mot ivations, and the probability of hackin g can b e d erived from it. We have also proposed the concept of “the degree of d ifficu lty in hacking” a g iven system and expressed it in ter ms of the secur ity parameters of the system. Fina lly, we
Δ2
have developed a u tility funct ion for t he organization
7
in
te rms
of
its
secur ity
parameters and show n how the organization can deter mine the level of security that is b est
Dept. Of CSE, Heritage Institute of Technology
Page 10
for itself. A numer ical example illustrates h ow
Metz C E (1978), Basic Principles of ROC
the opt ima l level of secur ity changes with key
Analysis, Seminar in Nuclear Medicin e, 8,
mod el paramet ers.
283-298
R eferences:
Moitra S D and Konda S L (2000), The Survivability
Ben-Akiva M and Lerman S R (1985), Discr ete
Emp irical
Choice Analysis: Theory and Application to
(2004), A Model for Evaluating I T Security
Raghunathan
S
R eport
Carnegie-Mellon
Theory, Economet r ics and an Applicat ion to Aut omobile Demand, MIT Press
(2004),
Conf igu ration of Detect ion Software: A Comparison of D ecision and Game Theory Approaches, D ecis ion Analysis 1, 131-148
Yue
W
and
Bagchi
Informational
Asset s
A
(2003), with
Protect ing
Firewa lls
at
Minimu m Cost, Proc WITS-2003, Works hop on
McFadden D (1980), Econometric Models of
Information
Technology
and
Seattle, WA, Dec 13-14, 2003, 31-36
Probab ilist ic Choice a mong Products, Jr of Business, 53, 513-529
Dept. Of CSE, Heritage Institute of Technology
Technical
An
Train K (1986), Qualitative Choice Ana lysis:
Investments, Comm ACM, 47, 87-92 and
Analys is,
Systems:
University
Cavusog lu H, Mishra B and Raghunathan S
H
Network
CMU/SEI-2000-TR-021,
Predict Travel Demand, MIT Press
Cavusog lu
of
Page 11
Systems,
Alan
Turing
Essay
Writing
Scient ific Specia list, h e is wasting his t ime at
Contest
a Public School.”
F i rst P lac e H o lde r, M s. S at a ru p a Gu h a, 3 r d
However, he won every possib le pr ize for
Y ea r, B Te c h, CS E
On a serene morning of June, 1954, a halfeaten apple lay besid e a man, convict ed of t he death of the father of comput er science, Alan Tur ing. His d emise, b elieved to b e the result of cynanide
poisonin g,
was
a
rather
b leak
accolade for the man who happened to be one
mathe matics while at school, and learnt deep mathe matics on h is own. He f ound specia l interest in Chemistry too and carried out selfdesigned
experiments
which
gr eatly
disp leased his t eachers. Flow ering under t he str ict
d iscouragement
of
his
inst ructors,
Turing cont inued
of the g reatest p ioneers of the computer f ield.
undeterred to spread himself int o the more
Mathematician,
crystanalyst,
prolif ic rea lms of scientif ic knowled ge. While
computer scient ist : Alan Tu ring encompassed
still being a school student, he had a lready
an wider spectrum of proficiency than that
read
procla imed by these f ew mere tags.
Eddington’s quantum mechanics. Not on ly did
Born
of
Br it ish
logician,
parents,
Ju lius
Mathison
Tur ing, memb er of t he Indian Civil Service, and Ehel Sara Stoney, on June 23, 1912 in
Einstein’s
papers
on
relat ivity
and
he grasp them, he even extrapolated Einstein’s quest ioning of Newton’s laws of mot ion fr om a text in which this was never made elicit.
England, Alan Tur ing was admitt ed to St.
Thankfully for Turin g, Cambr idg e prove d to
Michaels at the age of s ix and later to
be a better p lace to fit in for unconvent ional
Sherbourne School. From the very onset of his
people like h im. Entering into King’s College,
school education, he showed signs of gen ius
Camb ridg e to study mathematics, he could
and an unabashed int er est for science in
now
general, amd mathematics in part icular. His
mathe matical
first day of ter m coincided with the 19 26
developed a penchant for recreating th e works
General Strike in B ritain, but so det er mined
of previous scient ists. He proved th e cent ral
was he to attend th at he rode h is b icy cle
limit theorem, desp it e the fact that he had
unaccompanied more than 60 miles to sch ool,
failed to f ind out that it had already been
stopping overn igh t at an inn. However when
proved
it came to skills of the right brain, he suffered
dissertation earned him th e honou r of being
miserably.
elect ed a fellow at King’s in the same year.
He
was
crit icised
for
his
handwriting, struggle d at English, so much so that his headmaster once wrote to his mother:
seamlessly
in
pursue
log ic.
It
1922
his was
by
interest here
that
Lindenberg.
in he
This
In his path-breaking paper “On Computable Numbers,
with
an
Applicat ion
to
the
“If he is to stay at Public School, he must aim
Entscheidungsp rob lem” (submitted on 28 M ay
at becoming edu cated. If he is to b e solely a
1936) Turing reformu lated Kurt G ödel’s 19 31 results
Dept. Of CSE, Heritage Institute of Technology
Page 12
on
the
limits
of
proof
and
computation,
rep lacing
Gödel’s
universal
arithmet ic-based for mal language with what
of prob lems that cannot be solved by a Turing mach ine.
became renowned as Turing machines. He proved that such a simp le for mal machine would
be
capable
of
performing
any
conceivable mathematical computation if it cou ld be rep res ented as an algorith m. Perh aps the most r emarkable feature of Turing’s work on
Turing
mach ines
was
that
he
was
describ ing a modern
During the Second World War, Turing was a leading part icipant in th e b reak ing of German ciphers at Bletch ley Park, th e s ite of the
Unit ed
King dom’s
establishment,
th e
ma in
Government
de cryption Code
and
Cypher School, wh ere ciphers and codes of several
Axis
countries
were
decrypted.Turing’s brilliant id eas in solving
computer before technology had reached the
codes, and developing computers to assist
point
realistic
break them, may have saved more lives of
proposit ion. He went on to p rove that ther e
military p ersonnel in the cours e of the war
was no solution to the Entscheidungsp rob lem
than
by first show ing that the halt ing problem for
mathe matician
Tur ing mach ines is undecidab le. A lbeit, his
developed th e ‘Bomb e’, a mach ine based on
proof was published after Alonzo Church’s
earlie r work by Polis h mathemat icians, which
equ ivalent
from late 1940 was decod ing a ll messages
where
constr uct ion
was
proof, T ur ing
was
a
unaware of
From 1936 to 1938 he was actively res earch
Advanced Chur ch. played
work
Study, While
with
at
the
Pr inceton, at
the
Institute und er
Princeton, id ea
of
for
Alonzo
Turin g
had
const ructing
a
computer. Once back at Cambridge in 1938 he started
to
build
an
other.Together W
G
with
another
Welchman,
Turing
sent by the Ger man ‘Enigma’ mach ines, which
Chur ch’s wor k at th e time.
doing
any
analogue
mechan ical
device to investigate the Riemann hypothesis, the biggest unsolved prob lem in mathemat ics. In addit ion to his pu rely mathemat ica l work, he studied cryptology and also built thr ee of four stages of an elect ro-mechan ical b in ary mu lt iplie r.In June 19 38 he obtained his PhD from Princeton.His dissertation (Systems of Logic Based on Ordina ls) ushered in the concept of ordinal logic and the notion of relat ive computing, where Turing mach ines are augment ed w ith oracles, allowing a study
Dept. Of CSE, Heritage Institute of Technology
could generate a constantly changing code that was imp ossible for the code b reakers to decipher in a t imely fashion. In July 1942, Turing devised a techniqu e termed ‘Tur ing ery’ for use against th e Lorenz cipher messages produced
by
Geheimsch reiber
the (secre t
Germans’ wr iter)
new
mach ine.
Turing and his fellow scient ists worked with a device
called
COL OSSUS.
The
COLOSSUS
quick ly and efficient ly deciphered th e German codes. COLOSSUS wa s essent ially a bunch of servomotors and metal, but it was one of the first steps toward the dig ita l computer.Turing travelled to the Unit ed States in Novemb er 1942 and worked w it h U.S. Navy cryptanalysts on Naval Enig ma and bombe const ruct ion in Washington, and assisted at Bell Labs with the development of secu re speech devices.
Page 13
After Wor ld War II, Turing took up long
that still plagues artificial int ellig ence today.
distance runn ing as a means of relieving t he
He w rote a paper in 1950 descr ibing what is
stress that he had
now known as the “Turing Test. ” The t est
been expe riencing lately and rea lised that he actually excelle d at it. He obtain ed record times in b oth the 3 and 10 mile races in t he Walton Athlet ic Club. Typical
cons isted of a person asking quest ions via keyboard to both a person and an intellig ent mach ine. He believed that if the person could not tell the machine apart from the person after
a
reasonable
amount
of
time,
the
of h is log ical nature, his somet imes used his
mach ine was somewhat intelligent. This test
athlet ic ability to run between locations for
has become the ult imate test of the art if icia l
his lectures.
inte lligence communit y.
Tur ing went on to work for the National
An aspect of h is life that most often re mains
Physical
unacknowledged
Tur ing went on to work for the National Physical Laboratory (NPL) and worked on developing the Automatic Comput ing Engin e (ACE), one of the f irs t attempts at creat ing a true digital computer. It was during th is t ime that he began to explore the relat ions hip betwe en computers and nature. He wrote a paper called “Int elligent Machinery” which was later pub lished in 1969. This was one of the
f irst
t imes
the
concept
of
art if icia l
int ellig ence was raised. He on ce joked“No,
I’ m
not
powerfu l
interested
bra in.
All
I’m
in
developin g
after
is
just
a a
mediocre brain, something like th e Pres ident of the American Te lephone and Teleg raph Company.” Tur ing created
that
would
mach ines
cont ribut ion
to
Biology. By 1951 he was working on the applicat ion
of
mathemat ica l
theory
to
biolog ical forms. In 1952 he pub lished t he first
part
of
his
theoret ical
study
of
morphog enesis, the develop ment of pattern and
form
in
living
interested
in
how
developed
part icu lar
organisms.He
and
why
shapes.
was
organisms There
are
millions of cells in a person or a tree, and yet all know what shape to be. Tu ring yearned to unravel th is mystery. Alan Tur ing would probably have laughed off the idea of being a philosoph er. He called himself a mathemat ician. But his 1950 paper ‘Comput er mach iner y and Intelligence’ has become one of the most cit ed works in mod ern
ref lect
the
be
mathe matical concept of computability into
int ricate
tradit ional prob lems of mind and body, free-
could
processes of the human brain. He d iscussed the
his
philosophica l lit erature. He brought the new
b elieved that
is
poss ibility
of
such
machin es,
acknowledg ing the diff icu lty peop le would have acceptin g a machine that would pos e a threat to their own int ellig ence, a prob lem
Dept. Of CSE, Heritage Institute of Technology
will and determinism. A
victim
prejudice, house
of
social
Alan
arrest
stigma
Tur ing
and
was
forced
to
and
relig ious
p laced take
under regular
oestrogen injections after being convict ed of
Page 14
homosexuality, then a punishiable offence
went awfully wrong. Whatever the reason be,
under B rit ish law. He is believed to have
his death went on to resonate some of his own
brought death upon himself at the age of 41
words-
through a self-administered dose of p oison, although h is mother mainta ined that his death was caused by a chemical exper iment that
Dept. Of CSE, Heritage Institute of Technology
â&#x20AC;? Science is a differentia l equat ion. Relig ion is the boundary cond it ion.â&#x20AC;?
Page 15
Have
you
ever
thought
what
others
to
anticipate
he r
next
move.
A
others are thinking?
badminton p layer will pract ice hard to ensure
B y Dr. Su bh a s hi s M aju md e r, P ro f e s s o r an d
possible, whether she is h itt ing a drop or a
H o D, C SE
that her body action remains as similar as toss or a smash. This will give h er opponen t a
The answer to this question is defin itely yes,
fract ion of a second less to p red ict where her
but the more pert inent quest ion is how much
next shot w ill g o. Somethin g very s imilar was
or to what ext ent. Unless one can read others’
observed
minds at least to some extent, even s imple d ay
military st rateg ist in his famous treatis e ‘T he
to day operations will not prog ress. Take for
Art of War’, “… when able to attack, we must
examp le, when the cars are passing throu gh
seem unable; wh en using our forces, we must
an unmanned crossin g, wh ich does not ha ve
seem inactive, when we are n ear, we must
any traffic lights, f requent collisions would
make the enemy believe we are far away…”.
have
not
As your compet it or might be thin k ing so ma ny
pred ict what other drivers are going to do.
things, you also need to think what she is
They do so by judging the speed of the car, t he
think ing
lane in which the car is approach ing, t he
compet it ion of t oday’s corporate world.
happened,
if
the
drivers
could
angle at which the ca r is kept when it stopped at
the
crossing;
somet imes
an
eyeball
int eract ion among th e d rivers also h elps in the p rocess.
by
Sun
if
Tzu,
you
the
have
great
to
Chin ese
survive
the
I would lik e to ment ion some excerpts fr om Sun
Tzu’s
general
another
who
w ins
famous a
quote
battle
“…the
make
many
calcu lations in h is temp le …. The genera l who
Reading others' mind is extr emely important if
loses a battle makes but few calcu lations
you have to survive in games or sports. A
beforehand. Thus do many calculations lead to
batsman
correct ly
victory and few calculations to defeat. …”. In
whether the next ball is going to b e a bouncer
most of our rea l life situations also, failu re to
or a slower, has alr eady made her job much
plan is same as planning for failu re. You may
easier. While taking a penalty in foot ball, t he
have conceived one of the best products t hat
shooter is t rying to pred ict wh ich sid e t he
are possib le in a particu lar domain, but unless
goalkeeper is going to dive and the goa lkeeper
you
on the other hand is trying to f igure out
compet itor
which side the shot will come. Players t ry to
similar in a lesser t imef rame, you may be
observe very hard the body languages of their
risk ing
opponents, wher e they look or what els e they
pushing your R&D t eam to implement it.
who
has
anticipated
do befor e the crunch action if that can g ive the slightest clue about what is going to come next. Now, if there is espionage, there will be counter-esp ionage. So, a good player will always try to strategize how she can stop Dept. Of CSE, Heritage Institute of Technology
successfully can
your
evaluate come
up
company’s
whether w ith
future
your
something a
lot
by
Ther e are nu merous such examp les that led to the failure of very established technology companies b ecause of wrong st rateg ies. Now, how will you know w hat your comp et itors are
Page 16
They are not going to tell you f or
type of the puzzle. All my f riends with whom I
sure. That’s where comes in the power of
shared it later, appreciated its specia lty. I
think ing by the top strateg ists. You need to
admit I came across very few such pu zzles
figure it out from the symptoms that are
that make you think what other peop le are
availab le.
think ing.
doing?
The
in vestments
that
your
compet itors are making over the years, the me rg ers
and
acquisit ions
that
your
compet itors are going through might g ive
Puzzle : In a village t here are some villag ers
point ers to what you a re look ing for.
who are squint-eyed (tera). The prob lem is to
Given that we have spent enough efforts to mot ivate
our
top ic,
the
mor e
import ant
quest ion to answer is whether it is possible to
determine who the squint-eyed p ersons among the villag ers are. Now the re are some g iven cond it ions you have t o assume.
train oneself to successfully think in advance
1) A villager can never know wheth er she
what others are thinking. Modern psychology
herself is squ int-eyed (assume that there are
must have some answers but that is not my
no mir rors and there is no lak e where she can
cup of t ea. On a differ ent not e, I would
see her face).
ment ion the name of a book here – ‘Men are from Mars Women are from V enus’, wh ich is a must read for a ll would be husbands and wives and maybe usef ul also for the vet erans. It will t each you or at least g ive you a few
2) A villager can see whether another villager is squint- eyed or not, but they cannot or are not
allowed
to
communicate
among
themselves by any means.
important tips about how the other gen der
3) All the villagers of that village know t hat
thinks – a very imp or tant knowledge t o avoid
there is at least one villager who is squin t-
collis ions on the road of Lif e. As a comp uter
eyed.
scient ist, I would suggest to read a few initia l pages from any good book on randomized algorith ms. There is a concept of adversary, and in your a lgorith m you try to strategize in a randomized fashion so that your phantom adversary cannot guess what you are going to do next. I will be brief here as I do not want to turn this into a lecture in algorith ms. However,
it
is
def init ely
step
will go and stand in a queue say at 10:00 AM every morn ing and all of th em will be ab le to see each other. If at the end of the day anybody is sure that she herself is squinteyed, she should step out of the queue say at 6:00 PM.
toward
If nobody steps out, t hen all the village rs will
stopping other people from anticipating your
again stand in queue next morning and t his
thoughts. I will f in ish this with a puzzle that I
will cont inu e. So this process cont inu ed and it
came across in the f inishing days of my school
was found that suddenly at the end of a
lif e. Solving it gave immense p leasure no
cer tain day (say 40th), some villag ers came
doubt but what really attracted me was the
out together and it was found exactly those
Dept. Of CSE, Heritage Institute of Technology
a
Now a protocol is d ef ined. All the villag ers
Page 17
villag ers who were sq uint-eyed came out. T he
Note: The answer w ill obviously come in t he
question is â&#x20AC;&#x201C; how was this possible? Can you
next newsletter. However, if you are impat ient
t ell - what was the numb er of villagers who
to get your answer verif ied, please write to me
w ere squint-eyed? Explain your answer.
your exp lanation cle arly. I am available at :
Hint: To solve this puzzle, you have to assume
subhashis.majumder@heritageit.edu
that the villagers w ere quit e intelligent, at least intelligent enough to solve th is puzzle.
Dept. Of CSE, Heritage Institute of Technology
Page 18
Computer Aided D es ign techniques that have
Emerging Trends in Algorithms S y n o p s i s by M r. So u rav Du tt a, 3 r d Ye ar, B Tec h , CSE
The ACM stud ent cha pter in association with the
Department
of
Comput er
Science
of
Her itage Inst itute of Technology organ ised a two day refresher cou rse on 27th and 29th of February,
2012.
It
was
the
first
event
organised by A CM student chapter after its formation in January 2012.
field of Algorith m design. It was a huge success as it saw participation fr om both and
attendees
from
faculties. both
More
Her itage
than Inst itut e
100 of
Technology as well as from other colleges attended the two da y long event. The k ey speakers were Dr. Bh argab Bhattacharya, Dr. Susmita Sur- Kolay, Dr. Mandar Mitra and Dr. Subhas
Chandra
Nandy,
called
labonach ip,
which
is
capable
of
chemica l analysis or med ical d iagnosis. Th ese ch ips are likely to bring a comp lete parad igm shift in the area of biochemical diagnost ics, DNA detect ion, or drug design system, to name a few. Dr. Bhattacharya has a fathom research experien ce on nano bioch ips and during the refresher course, he spoke about several a lgor ithmic issues of design and t est
The event focused on the new t rends in t he
students
enabled the develop ment of a t iny device
all
f rom
Indian
of a dig ital microf luid ic b iochip and their impact on various r eal lif e situations. Dr. Susmita Sur-Kolay shared her knowledge on Elect ron ic
D esign
Automation
for
VLSI
physical des ign, fault modelling and testing,
synthesis of quantum comput ers, and graph algorithms.
She
dis cussed
many
physical
limitat ions in VLSI like overheat ing or power
usage, strict er des ign ru les and th e t echn iques used to ove rcome these limitations lin e.
Statistical Inst itute, Kolkata
On the second day Dr. Mandar Mit ra spoke on
Information Ret r ieval (IR). IR addresses the problem of
f ind ing
useful inf ormat ion
in
response to a userâ&#x20AC;&#x2122;s query or informat ion need. Automated information ret rieval systems are used to redu ce what has been called
information overload. Many universit ies and public lib raries use IR systems to provide access
to
books,
journa ls
and
other
documents. Web s earch engines are poss ibly the most familiar examples of IR systems. He discussed On day one Dr. Bharghab Bhattacharya, the much await ed sp eaker of the event grabb ed the crowdâ&#x20AC;&#x2122;s attention by his talks. He spoke on recent
advances
in
Microf luid ics
Dept. Of CSE, Heritage Institute of Technology
some
of
the
as
well
basic
models
and
as
methods
for
techniques used in I R (such as the Vector Space
Mode l),
evaluat ing the eff ect iveness of these mod els and techniques.
and
Page 19
Dr.
Subhas
Chandra
Nandy
was
the
last
speaker of th e event. He discussed one of t he important
areas
Optimization pract ical
of
computer
Prob lems.
geomet ric
There
science
are
opt imizat ion
and disk graphs, maximu m clique prob lem of rectangle int ersect ion graphs and d isk graphs
â&#x20AC;&#x201C;
many
problems
which are computationally hard. Some of t he standard paradig ms
for
desig ning
approximat ion alg orithm for those problems were
d iscussed.
demonstrated
by
Some him
of
are
th e
the art
problems gallery
opt imization problems, maximum independent set p roblems for r ectangle inte rsection graphs
Dept. Of CSE, Heritage Institute of Technology
Page 20
List of Publications by faculty and
students
of
Joydeep Das, Subhashis Majumder, and Prosenjit Gupta, Voronoi Based Location
CSE
Aware Collaborative Filt ering, pp. 179-
Department of HIT [January to
183, 3rd IEEE National Confer ence on
June 2012].
Emerging Trends and Applicat ions in Computer
Science(NCET ACS),
March
2012.
Arpan
Chowdhury,
Basuchaudhuri,
Partha
and
Srinathan,
Subhashis
Agarwal,
Majumder, Spread of Informat ion in a
Points
Socia l Network us ing Influent ial Nodes,
Lecture
Not es
in
Biswajit Sanyal, Prosenjit Gupta, and Subhashis
Majumder,
Top-K
Range-
Agg regate Qu eries on Categorical Data, pp.
143-147,
3rd
IEEE
National
Conferen ce on Emerging Trends and App lications
in
Computer
Science(NCETACS), March 2012.
Dept. Of CSE, Heritage Institute of Technology
Page 21
Ag gregate
in
the
Plane, 6th
J.
Maximal
pp.
52—63,
Workshop
on
Computer Science, Vol. 7157, February
Science,
2012.
7302, Spr inger, May 2012.
Range
and
2012, Springer Verlag Lecture Notes on
PAKDD(2),
C omputer
Kot hapalli,
Algorith ms and Computation, WALCOM
Discovery and Data Mining - 16th Conference,
K.
Proceed ings,
pp. 121-132, Advances in Knowledge Pacif ic-As ia
A. S. Das, P. Gupta, A. K. Kalavagattu, K.
Hardware Acceleration using M itr ion- C Satarupa
Guha,
J.
M.
Manasa,
and
Trisha Nandy, presented at All Ind ia Inter
Eng ineering
College
Academic
Meet, organized by Forum of Scient ists, Eng ineers 2012.
and
Technologists,
March
A Simple USB Device Driver on
with d river (more on this late r). The “.p robe”
Linux platforms
and “.disconnect” f ields refer to the funct ions
B y P ro f . A rin d am C h at te rjee , A s s i st an t
unloading respect ively. The USB driver is then
to be called dur ing dr iver modu le loading and
P ro f e s so r, CS E
regist ered with a call to usb_ reg ist er, in t he
Introduction:
driver’s in it function, as shown here
For the last decade or so, USB devices are
static int __init usb_first_init(void) { int result; /* register this driver with the USB subsystem */ result = usb_register(&first_driver); if (result < 0) { err("usb_register failed for the "__FILE__ "driver." ,"Error number %d", result); return -1; } return 0; } module_init(usb_first_init);
ruling the world of comput er I/O devices. Be it ca mera, prin ter, pen drive or net connector devices, USB devices are omn ipr esent now. But many
of
these
devices
cannot
function
properly , especially with the Linux platforms, wher e even simple d evice drivers for these USB devices may not exist. Th is art icle is aimed at beg inn ers in Linux pr ogra mming and sys admins who want to boost their power over Linux p latforms by understanding h ow to write s imple USB device drivers on L inux. R egist ration The first thing a Linux USB driver needs to do is reg iste r itself with the Linux USB subsystem (part of Linux kernel). This part (of the
D eregist ration: usb_unreg ist er funct ion: static void __exit usb_first_exit(void) { /* deregister this driver with the USB subsystem */ usb_deregister(&first_driver); } module_exit(usb_first_exit);
driver) is resp onsible for provid in g the OS
Please not e the use of the usb_dr iver st ructu re
with
(here named as “first_ driver”) in the ca lls to
some informat ion about which devices
the dr ive r supports; what are the funct ion s to call when a support ed device is inserted or removed fr om the system etc.
usb_reg ist er and usb_dereg ister funct ions. USB Device Ope rations: After registering a USB device driver with t he
static struct usb_driver first_driver = { .name = “firstusb”, .probe = first_probe, .disconnect = first_disconnet, .fops = &first_fops, .minor = USB_FIRST_MINOR_BASE, .id_table = first_table,};
OS, the ne xt task the driver undertakes is to prepare the device to be used by the OS for further
“.name” f ield gives a name to this driver module;
op erat ions.
Immed iate ly
b elow
we
descr ibe th e initia lization which should t ake place once the device is regist ered. Then we immed iately dea l with the case when the
A set of file operations (“.fops”) funct ion
device will be d iscon nected / r emoved
point ers
the system
enable this user-space interaction
Dept. Of CSE, Heritage Institute of Technology
Page 22
fr om
During registration:
The cor respond ing fu nct ion prot otypes are declared as shown below :
static int first_probe(struct usb_interface *interface, const struct usb_device_id *id)
The dr iver now needs to ve rify that this device is actually one that it can accept. If so, it returns 0. If not,
or if any error occurs durin g init ialization, an er rorcod e (such as -ENOMEM or -ENODEV) is returned f rom
static int first_open(struct inode *, struct file *); static int first_release(struct inode *, struct file *); static ssize_t first_read(struct file *, char *, size_t, loff_t *); static ssize_t first_write(struct file *, const char *, size_t, loff_t *);
Open: The first_open f unct ion w ill be ca lled from a user program t rying to ta lk t o the device. The first funct ion called w ill be open,
the probe funct ion. [Her e also not e the use of
as the p rog ram tries t o op en th e device for
the cor respond ing funct ion d ef ined in the
I/O. A code exa mple is g iven below:
“.prob e”
field of
the usb_dr iver
struct ure
def ined at the top.] During d isconnect: When the device is removed from the USB bus, the dis connect funct ion ( as declared in t he “.disconne ct” f ield in the usb_dr iver structu re)
static int first_open(struct inode *inode, struct file *file) { /* increment our usage count for the module */ ++first->open_count; /* save our object in the file’s private structure */ file->private_data = dev;
} b) After the open fun ction is called, the
is called with the d evice pointer. The driver
read and writ e fun ct ions are ca lled to
needs to clean any private data that has been
receive and send data to the device. But
allocated at this t ime. The driver unregist ers
before we g o to the d etails of the read
itself from the devfs subsystem with the devfs_unreg ister call.
and write funct ions, let us look into an
Other device op erations:
re levant in USB context .
important
The fou r most import ant operations the d evice needs to support are : open , close (called “release” here) , read and write. The follow ing
con cept
called
URB
very
USB urbs: [ I am more or less copying f rom Resource # 8]
is a def in ition of th e file op erat ions st ructure
=> 'What is an URB?'
(to be included in the .fops field in t he
The bas ic idea of th e new d river is message
usb_dr iver structure):
passing, the message itself is called USB Request Block, or URB for short.
struct file_operations first_fops = { .read = first_read, .write = first_write, .open = first_open, .release = first_release };
=> The URB st ructure Some of the fie lds in an URB are: struct urb
Dept. Of CSE, Heritage Institute of Technology
Page 23
It does everything usb_unlink_ur b does, and
{ // (IN) device and pipe specify the endpoint queue struct usb_device *dev; // pointer to associated USB device unsigned int pipe; // endpoint information unsigned int transfer_flags; // ISO_ASAP, SHORT_NOT_OK, etc. // (IN) all urbs need completion routines void *context; // context for completion routine void (*complete)(struct urb *); // pointer to completion routine // (OUT) status after each completion
in addition it waits until after the URB has been returned and the comp let ion handler has finished.
Thus you can be sure that when
usb_kill_urb() returns, the URB is t otally idle. => What about the comp let ion handler? The hand ler is of the following type typedef void (*usb_complete_t)(struct urb *,
// (IN) buffer used for data transfers : : : // (OUT) sometimes only part of CTRL/BULK/INTR transfer_buffer is used : : : // Only for PERIODIC transfers (ISO, INTERRUPT) // (IN/OUT) start_frame is set unless ISO_ASAP isn't set : : :
struct pt_regs *) i.e., it gets the URB that caused the complet ion call, p lus the reg ist er values at the time of t he correspond ing int er rupt (if any). Since the context para met er is included in the URB, you can
// ISO only: packets are only "best effort"; each can have errors : : : < parts deleted for simplicity > };
pass
handler.
informat ion Now
we
are
to in
the a
complet ion position
to
understand the w rit e f unct ion in detail:
=> How t o sub mit an URB?
In the first_w rite f unct ion, we rece ive a
Just call
send to the
point er to some data that the user wants to
int usb_sub mit_urb(struct urb
*urb, int mem_flags)
device and the size of the data
=> How t o cancel an already runnin g URB?
Write
There are t wo ways to cancel an URB you've
static ssize_t first_write(strucfile *filp, const char *buffer,
submitted but wh ich hasn't been retu rned to
size_t len,
your d river yet. For an asynchronous cancel, ca ll
loff_t *off) {
/* we can only write as much as 1 urb will hold */ bytes_written = (count > first->bulk_out_size) ? first->bulk_out_size : count;
int
usb_unlink _urb(struct urb *u rb).
/* copy the data from user space into our urb */
It removes the urb f rom the int erna l list and
copy_from_user(first->write_urb>transfer_buffer, buffer, bytes_written);
fre es all a llocated HW descriptors. Note that the URB will not normally have fin ished w hen
/* set up our urb */
usb_unlink _urb() returns; you must still wait
usb_fill_bulk_urb(first->write_urb,first->dev, usb_sndbulkpipe(first->dev, first>bulk_out_endpointAddr),
for the comp let ion handler to b e called. To cancel an URB synchronous ly, call usb_kill_urb(struct ur b *urb)
Dept. Of CSE, Heritage Institute of Technology
void
first->write_urb->transfer_buffer, bytes_written, first_write_bulk_callback, first); /* send the data out the bulk port */
Page 24
Hotplug:
result = usb_submit_urb(first->write_urb); if (result) {
To enable the linux- hotplug system to load
err("Failed submitting write urb, error %d", result);
the driver automatically when the device is plug ged in, you
} }
When the wr ite urb is f illed up with t he proper
infor mation
using
t he
usb_fill_bulk_urb funct ion, we
need to create a MODULE_DEVICE_TABLE. T he following code t ells the hotp lug scr ipts t hat this
point th e urb’s completion ca llback to call our own f irst_w rite_bulk_ callback funct ion
module
supports
a
single
device
w it h
a
specif ic vendor and pr oduct I D: /* table of devices that work with this driver */
R ead: The read funct ion works a bit diff erent ly from
static struct usb_device_id first_table [] = {
the wr ite funct ion in that we do not use an
{ USB_DEVICE(USB_FIRST_VENDOR_ID, USB_FIRST_PRODUCT_ID) },
urb t o t ransfer
{ } /* Terminating entry */
data from the device t o the dr iver. Instead we
};
call the usb_bulk _msg function, which can be
MODULE_DEVICE_TABLE (usb, first_table);
used to send or receive data from a device without havin g to create urbs and handle urb
Background: In
comp let ion callback f unctions.
Heritage
projects
static ssize_t first_read(struct file *filp, char *buffer, /* The buffer to fill with data */ size_t length, /* The length of the buffer */ loff_t *offset) /* Our offset in the file */
Inst itut e
were
department
of
Technology,
undertaken
regarding
USB
in
th e
device
t wo CSE
dr ivers
during th e 2011 – ’12 season. One project was on writ ing a USB based Print er Driver for
{ /* do an immediate bulk read to get data from the device */
a HP pr int er for which no known dr iver ex ists
retval = usb_bulk_msg (first->dev,
on Linux platforms. Another was a USB based traffic light simulator. Many more projects
usb_rcvbulkpipe (first->dev,first>bulk_in_endpointAddr),
based on USB / L inux are in the pip eline.
first->bulk_in_buffer, first->bulk_in_size, &count, HZ*10);
Conclusion:
/* if the read was successful, copy the data to user space */
In this art icle an attempt has been made to
if (!retval) {
show the basics of writing a simp le USB
if (copy_to_user >bulk_in_buffer, count))
(buffer,
first-
retval = -EFAULT; else retval = count; }}
device dr iver on Linux. This code cannot be comp iled and used as it is – but a working prototype can be bu ilt ve ry easily from t his code.
Also
transfer
Dept. Of CSE, Heritage Institute of Technology
Page 25
–
this
su pports
neither
only
int er rupt
bulk
d ata
dr iven
nor
isochron ous data. But once again these can be
*Prog ramming Guide for Linux USB Device
done very easily by mod ifying this code.
Drivers: http://usb.cs.tum.edu/usbdoc *USB Home Page: http://www.usb.org; USB on
Resources
Wik ipedia: http://en.wik ipedia.org/wik i/USB
*Writing USB Device Drivers: Greg Kroah-
*Linux
Hartman
http://www.mjmwired.net/kernel/Docu mentati
*The Linux USB Project: http://www.lin uxusb.org/ (http://www. linux-usb.org) *Linux
Hotplug
Project:
(http://linux-
hotplu g.sourceforge.n et) *Linux
USB
Working
Devices
on/usb/URB.txt;
*Writ ing
for a
USB
Linux
:
Kerne l
Driver for an Unknown USB Device: Matthias
List:
*Character Device D rivers (from the Linux Kernel Module Progra mming Guid e) : http://tldp.org/LDP/ lk mpg/2.4/html/ c577.ht m
http://www.qbik. ch/usb/devices/ (http://www.qbik.ch/usb/devices )
Dept. Of CSE, Heritage Institute of Technology
doc
Vallent in
http:// linux-
hotplu g.sourceforge.n et/
Kernel
Page 26
Fault-Tolerant Systems
cause transient failu res by perturbing t he
S y n o p s i s b y M r. Kau s ta v C ho u d hu ry, 1 s t
damage to the hard ware system. Messages
system state without causing any permanent
Y ea r, M Te c h, CSE
The
following
““Dist ribut ed
is
propagating from one process to another may a
Systems
synopsis and
of
the
Networ ks”
workshop conduct ed by Prof. Sukumar Ghosh, Prof essor,
Depart ment
of
Comp uter
Science, Univers ity of Iowa, USA and
Prof.
Somprakash
be lost in transit. F inally, even if hardware
does not fail, s oftwar e may fail due to code corrupt ion, system intrus ions, imp roper or
unexpected changes in the specif icat ions of the system, or environ menta l changes.
Failu res are a part of any system — the real issue is the f requency of the failures and the ir
Bandyopadhyay, Professor, Management Infor mation System group, IIM, Kolkata held on 22.03.2012
consequences.
The
comput er
system
ENIAC had a mean time between fa ilu res (MTBF) of five minut es. The rea l inte rest on
dependable comput in g started f rom the t ime of space exp lorat ion , where the cost of a
ABSTRACT:-
A fault is the manifestation of an unexpected behavior, and fault-tolerance is a mechanis m that masks or restores the expected behavior of a system follow ing the occu rrence of faults. Attention to fault-tolerance or dependability has drastically increased over recent years due to our increased dependence on computers to perform critical as well as noncritical tasks. Also, the increase in the scale of such systems indirectly contributes to the ris ing number of faults. Advances in hardware engineering can make the individual components more dependable, but it cannot eliminate faults altogether. Bad system des igns can a ls o contribute to failures.
failur e is unacceptab ly high. The w idesp read
use of computers in the financial world as we ll
as
reactors,
in
crit ical
systems
lik e
nuclear
air-t raffic
control
or
patient
monitoring systems where human lives are direct ly affected, have ren ewed interest in t he study of fault-tolerance. 2. CL ASSIFI CATION OF FAULTS:The major classes of f ailur es ar e as follows: Crash failure:-
A
process
und erg oes
cr ash
failur e, when it permanently ceases to execute its act ions. This is an ir revers ible change.
Ther e are severa l variat ions in this class. In
1. INTRODUCTION:-
one variat ion, crash failures ar e t reated as reversib le, that is, a process may play dead for
Histor ically, models of failu res have been
a finit e period of time, and then resume
specificat ion of a system. A VLSI design er may
are
wher e
are
detect ed w ith t otal ce rtainty, s ince th ere is no
regardless of input variat ions. A dip in t he
can execut e its act ions. In a synchronous
link ed with the level of abstract ion in the focus on stuck-at-0 and stuck-at-1 faults the
outputs
of
certain
gates
permanent ly stuck to either a 0 or a 1, power supply voltage or radio interferences
due to a lightning, or a cosmic shower can
Dept. Of CSE, Heritage Institute of Technology
operat ion, or it may be repaired. Such fa ilu res called
napping
failur e.
In
an
asynchronous mod el, crash failures cannot be lower bound of the s peed at which a process system where processor speeds and channe l delays are bounded, crash failure can be
Page 27
detect ed using t imeout. When other corr ect
processes fail t o receive the heartbeat s ignal within a predef ined timeout period, they conclude that the process has crashed.
sendin g a sequence of messages to a receiver process. If the receiver does not receive one or more of the messages sent by the transmitt er,
then an omission failure occurs. In real life, be caused
in IBM’s DB2 production code are supposedly nondete rminist ic
in
nature
and
are
t hus
transient. Gray and Reuter est imated in 19 93
Omission failure:- Consider a t ransmitter p rocess
this can
testing phase. For instance, over 99% of b ugs
either
by
transmitter
that there are 2 t o 3 bugs every 1000 lin es of code. Byzantine
failur e:-
Byzantine
failu res
represent the weakest of all the failure mod els that
allows
every
conceivable
for m
of
malfunct ion, or due to the prop ert ies of the
er roneous behavior. As a specif ic example,
medium. For examp le, limit ed buffer capacity
assume that process i forwards the valu e of a
in the routers can cause some commun ication systems
to
drop
communication,
packets.
mes sages
In
are
wir eless
lost
when
collis ions occu r in the MAC layer, or the receiving n ode moves out of range.
local variab le to each of its neighbors. Then the followin g are examples of inconsist ent behaviors: • Two d ist inct neighbors j and k receive values
Transient failure:- A transient fa ilu re can pert urb
x and y, where x != y.
the state of processes in an arb itrary way. The
• Every ne ighbor receives a valu e z where z !=
agent
x.
indu cing
t his
fa ilure
may
be
momentarily act ive (lik e a power surge, or a me chanical shock, or a lightning), but it can make a last ing effect on the globa l state. In
• One or mor e neigh bors do not receive any data from process i.
fact, omission failu res are specia l cases of
Some poss ible causes of the above kind of
transient failures, when the channel states are
byzantine failu res are (1) Total or par tia l
pertu rbed. Transient faults can occur due to
breakdown of a link joining i with on e of its
effects gamma
of
environmental hazards
rays,
whose
duration
in
such
as
neighbors, (2) Software p rob lems in process i,
t ime
is
(3)
Hardware
synchronizat ion
p rob lems—
limited. Transient failures are also caused by
assume that every neighbor is conn ect ed to
an overloaded power supply or weak batteries.
the same bus, and reading the same copy sent
Hardware faults ar e not the only sour ce of
out by i, but since the clocks are not perf ectly
transient faults. T ransient failu res can result
synchronized, they may not read the value of
due to state corruption that occurs when
x exact ly at the same t ime. If th e va lue of x
software components fail. Gray called th em
varies with time, then different n eighbors of I
Heisenbugs , a class of temporary internal
may rece ive different values of x from process
faults that is intermit tent in nature. They are
i. (4) Malicious act ions by pr ocess i.
essent ially permanent faults whose cond it ions of activat ion occur rarely or are not easily reproducible, and so diff icult to d etect in t he Dept. Of CSE, Heritage Institute of Technology
Software failure:- There are several primary reasons that lead to software failure:
Page 28
(1) Coding errors or human errors: As an
year 2000 dawned. The prob lem was with
examp le, on Sept ember 23, 1999, NASA lost
inadequate
the
spacecraft
were wr itten in th e 20th centu ry for f inancial
because one engin eering t eam used metr ic
inst itut ions, power p lants or process contr ol
units
systems, the year 19xy was most often cod ed
$125
million
while
Mars
another
orbiter
used
Eng lish
units,
leading to a navigat ion f iasco, causing it to burn in the atmosphere.
landed
f lawlessly
on
the
Mart ial
surface on July 4, 1997. Howeve r, later its communication failed due to a des ign flaw in the
real-t ime
wh en
progra ms
as xy, so 1999 wou ld appear as 99. Security failure:-
(2) Software des ign errors: Mars pathfinder mission
specif ica tions:
embedded
software
k ernel
VxWorks. The prob lem was later diagnosed to be caused du e to priority inversion, when a medium p riority task could preempt a high
Virus and other kinds of malicious software creeping into a computer system can lead to unexpected
behaviors
that
manif est
themselves as fault. Various kinds of intrusion lead
to
failures
eavesdropping
or
â&#x20AC;&#x201D;
these
stealing
of
include passwords,
leading to a compromised system.
priority on e.
Some failu res ar e repeatable, wh ereas
(3) Memory leaks: The execut ion of prog rams suffers from th e deg enerat ion of the run-t ime system due to memory leaks, leading t o a system crash.
others are not. Failu res caused by incorr ect software are oft en repeatable, whereas those due to transient hardware ma lfunct ions or due to race cond it ions may not be so and therefore not det ect ed dur ing debu gg ing. In
of
the doma in of software failur es, Heisenb ugs
specificat ion: Assume that a system runn ing
are diff icult to detect. Finally, human errors
prog ram S is producing the int ended results.
play a big role in system failure. In November
If the system suddenly fails to do so even if
1988, much of th e long-distance service along
there is no hardware failur e or memory leak,
the
then
construct ion
(4)
Prob lem
there
with
may
the
be
inadequacy
a
problem
with
East
Coast
was
crew
disrupted
accidentally
when
a
sever ed
a
specificat ions. If {P}S{Q} is a theore m in
major f iber opt ic cable in New Jers ey; as a
prog ramming log ic, and the precondit ion P is
result, 3,500,000 call attempts were b locked.
inadvertent ly weakened or a ltered, then ther e
On Sept ember 17, 1991 AT&T technicians in
is no guarantee that the postcond it ion Q w ill
New York attend ing a seminar on warning
always hold !
systems failed to respond to an activated alarm for s ix hours. The resu lt ing p ower
The Y2K Prob lem:-
failur e b lock ed n early 5 million domest ic and
A classic example of software failure is the
internat ional ca lls, and paralyzed a ir t rave l
so-called Y2K bug that rocked the wor ld and
throughout
kept
1,170 flights to be canceled or delayed.
millions
of
service
providers
in
an
uneasy suspense for several months as the Dept. Of CSE, Heritage Institute of Technology
Page 29
the
Nor theast,
causing
near ly
applicat ions where t he failur e can endanger
3. FAULT-TOLERANT SYST EMS:We designate a system that does not tolerate failures as a fault-in tolerant system. In s uch systems, the occurr ence of a fault violates some liven ess or safet y property. Let P b e t he set of configu rations for the fault- intoler ant system. Given a set of fault act ions F, the fault span Q corresponds to the lar gest set of configurat ions that the system can get into. It is a measure of how bad the system can become. The following two condit ions are tr ivially true:
human lif e or cause massive loss of property. An aircraft must be able to f ly even if one of its eng ines ma lfunct ions. A patient monitoring system in a hospital must not r ecord pat ient data incorrectly even if some of the sensors or inst ruments
malfun ction,
potent ially
cause
an
since
this
improper
dose
can of
med icine to be ad ministered to the pat ient and endanger
her/his
life.
Masking
tolerance
preserves both liveness and safety propert ies of the or igina l system. Nonmasking t olerance:- In nonmasking fault-
1. P ! Q.
tolerance, faults may temp orarily affect t he
2. Q is closed under t he actions of both S and
applicat ion and violate the safety property,
F.
t hat i s, P !
A system is called F-tolerant (i.e., faulttolerant with respect to the fault act ions F), when
the
system
returns
to
its
or iginal
configurat ion ( i.e., P holds) after a ll F-actions stop execut ing. There are four major types of fault-tolerance:
for rout ing table computation broke the cycle
that
packets
eventually
reached
t he
are
things
eventually
happen. Masking tolerance:- When a fault F is masked, has
d ifferent In of
types
backward the
system
of
nonmasking
er ror are
recovery, period ically
recorded on an incorrupt ible form of storage,
g ood
no
impact
on
t he
applicat ion, that is, P = Q. Masking tolerance in
the
snapshots
things never happen. The essence of a liven ess
important
trap a few packets. However the algor ithms
tolerance.
A safety property int uit ively imp lies that bad
is
failur e create a cyclic path in the rout es, and
Ther e
• Graceful degradation
occurrence
from a source to a dest ination nod e. Let a
an increase in the message propagation delay.
• Fa il-safe tolerance
its
is restored. Cons ider the r out ing of pack ets
dest ination. The net impact of the failu re was
• Nonmask ing tolerance
is
compromised, and eventually normal behavior
and
• Masking tolerance
property
Q. How ever , l i veness i s not
many
Dept. Of CSE, Heritage Institute of Technology
safety-critical
called
stable
storage.
When
a
failure
is
detect ed, the system rolls back to the last conf igurat ion saved on the stable storage ( to undo the effect
of
the failu re), and the
computation progresses from that point. In forward error recovery, when a fault occurs, the system does not look back or t ry a rerun, since
minor
in consequent ia l,
Page 30
g lit ches as
long
are as
cons idered the
normal
operat ion recovery
is
restored.
Forward
mod ify files, but can on ly read the f iles t hat
guarantee
recove ry
already exist. One can also argue that it is a
eventually
systems
that
from an arbitrary initia l state are kn own as self-stabilizing systems. Fail-safe
t olerance:-
fail-safe system. References:-
A
fail-safe
system
relaxes the t olerance requirement by only avoid ing those fau lty configurat ions that may have catastrophic consequences, even when
[1] Sukumar Ghosh, Dist r ibut ed Systems - An Algorith mic Approach , 2006 CRC Press (ISBN 158488564).
failures occur. Given a safety specif icat ion P,
The material dis cussed is an abridg ed version
a fail-safe system preserves P desp ite t he
of [1]. Pr of. Suku mar Ghosh is a visit ing
occu rrence of failures. However, there is no
faculty at Her itage Institut e of Technology
guarantee that liven ess will be preserved.
and
Somet imes, halt ing p rog ress and leaving the
Dist ributed Comput ing. For more d etails log
system in a safe state may be the best possible
on to, http://www.d ivms.uiowa.edu/~ghosh/.
teaches
a
one-semester
course
on
way to cope w ith failures. The ground cont rol system of the Ariane 5 launcher was desig ned to mask all sing le faults, but when two
Related W orks:-
successive component failures occur, it would
[1] Arora, A. and Ku lkarni, S.S., Component
postpone the launch (this is safer than a
based design of mu ltit ole rance, IEEE T rans.
mishap in the space).
Software Eng ineering, 24 (1), 63–78 (January
Graceful degradation:- There are systems that
1998).
neither mask, nor fu lly recover f rom the eff ect
[2] Arora, A. and Gouda, M.G., Closur e and
of failu res, but exh ibit a degraded behavior
convergence: A f oundation of fault-tolerant
that falls short of the nor mal b ehavior, but is
comput ing. IEEE T rans. Software Eng., 19(11),
still cons idered acceptable. The notion of
1015–1027 (1993).
acceptability
is
hig hly
subject ive,
and
is
ent irely dependent on the user runn ing the applicat ion.
Some
examples
of
deg raded
behavior are as follows: Wh ile routing a message between two points in a networ k, a prog ram computes the shortest path. In the
[3] Ezh ilchelvan, P.D . and Srivastava, S., A characterization of Symposium
on
faults in systems.
Reliability
in
5th
D istr ibut ed
Software and Database Systems, pp. 215–2 22 (1986).
presence of a failure, if this progra m returns
[4]
another path which is not the shortest path
tolerant
but one that is margina lly longer than the
asynchronous environ ments. A CM Comput ing
shortest one, then this may be considered
Surveys, 31(1), 1–26 (1999).
acceptable. An operating system may switch to a safe mode when users cannot create or
Dept. Of CSE, Heritage Institute of Technology
Page 31
Gaertner,
F.C.,
Fundamenta ls
distribut ed
of
fault
comput ing
in
Telnet over SSL with Z-modem
prog ram t o machine specif ic language fr om
B y M r. So um abh o Ba n e rje e , 4 t h Ye a r,
termina l, so that it looks as if the input is
NVT and submits the program to a pseud o-
B Tec h , CSE
given by the user on the same comput er. Then
the computation is carried out and result is
Introduction: The
sent to the oth er s id e follow ing same pattern.
purp ose
of
this
project
t elnet
and
SSL
is
to
provid e secure information exchange usin g a comb ination
of
prot ocols
betwe en two systems. For file ex change in
bulk, Zmodem f ile t ransfer prot ocol has also been integ rated into t he softwar e.
Now a day when the cost of technology is much reduced, this protocol is used for d ata
transfer on ly. t elnet uses several command asDO,DONâ&#x20AC;&#x2122;T,WILL,WONT
and
severa l
sub
opt ions to negot iate the types of ter minal,
speed of data, and other opt ions w ith t he
Vital components:-
other side. But there is a prob lem with t his
a) T elnet:-
type
Telnet is
too. Telnet as such does not take care of any
a net wor k
protocol used
on
the Inter net or local area networ ks to provide a
bid irect ional
in teract ive
communications
facility
virtua l terminal connect ion. int erspersed
in with
text-or iented using
User
a
data
Telnet
is
cont rol
infor mation in an 8-bit byte orie nted d ata connect ion
over
th e Transmission
Control
Pr otocol (T CP). As in the past times comput er mach ines were qu iet cost ly, there wer e one cent ral mach ine with a pr ocessor and there was several terminals wit h a monitor and a key
board forming a ter mina l through wh ich the end users connected the central server to users
had
the
prog rams
and
The
(network
Sock ets
Layer
usually
over T CP and is short to say, SSL is r ecogn ized as the bottom line in security, which stands for
secu ring th e communicat ions b etween
servers-to-client and server-to-server, load balancin g devices. Th e protocol is compos ed of two layers. ď&#x201A;ˇ
they
virtual
ter mina l) character set, common standard for
transmission, and sen ds it through the link to the centra l server. On the other sid e w hen
telnet receives the prog ram it t ranslates the
Dept. Of CSE, Heritage Institute of Technology
Secu re
capable of secu ring any protocol that works
to it. When the te lnet receives the program it NVT
D ata
abbreviated as SSL is an excellent prot ocol
the telnet for the result and hand the progr am a
and
b) Secured Socket Layer(SSL):-
the reviva l of the program th e ter mina l asked
to
Integ rity,
Signat ure,
any file transfer.
prog ram will run in the ir own machine. On
it
Data
Elect ronic
Confid ent iality. Moreover it cannot handle
submitted the m to t he terminal as if t he
converts
secur ity,
Authent ication,
carry out their computational works. Here t he end
of
Page 32
SSL Handshake Prot ocol a llows the server
and client t o authent icate each other and to negot iate an en cryption a lgorith m and cryptographic k eys before the application
protocol transmits or receives its f irst byte of data. SSL Record Protocol is layered on top of
ď&#x201A;ˇ
some
re liab le
transport
prot ocol
(e.g.,
TCP). The SSL Recor d Protocol is used for encapsulat ion
of
various
higher- level
protocols. When an SSL client in it ially connects to an SSL server, th ey perfor m a handshake to
establish security attr ibutes and exchange cert ificates as shown in the figu re1.
SSL is a layered prot ocol. At each layer, messages
may
include
fie lds
for
length,
description, and cont ent. SSL takes messages
to be transmitt ed, fragments the data into
manageable blocks, optionally comp resses the
cons ist of a header followed by 1 or more d ata sub packets. In the absence of t ransmission er rors, an entire f ile can be sent in on e d ata frame. With equiva lent binary (efficient) and hex (applicat ion f riendly) frames, the sending prog ram can send an "invitat ion to rece ive " sequence to act ivate the receiver without crashing
the
re mote
applicat ion
with
unexpected cont rol characters. Frames begin with a header wh ich may be 16bit CRC b inary, 16bit CR C hex or 32 b it binary. A typical ZMODEM sending
session program
starts w ith
with the
ca lling
names
of
t he the
desir ed file(s) and opt ion(s). The sending prog ram may send the str ing "rz\ r" to invoke the
receiving
p rog ram
from
a
poss ible
command mode. Th e "rz" followed by carr iage retu rn act ivates a ZMODEM receive program
data, applies a MAC, encrypts, and transmits
or command if it were not already active. The
the
sender may then display a message intended
resu lt.
Received
data
is
decrypted,
ver ified, decompressed, and reassemb led, t hen delivered to higher level clients. Thus it has following
advantages
Authent ication,
Elect ron ic
Data
Signature,
Integrity,
Conf ident iality etc.
Data 1.
provides
a
general
purpos e
cases, the file lengt h may be unknown, as data
Int eg ration:-
it canâ&#x20AC;&#x2122;t send any files as a whole and the lack
applicat ion to file transfer protocol. In some when
requ ested, etc.
One of th e basic problems of th e telnet is t hat
c) Z-modem:Zmode m
for human consumpt ion, as a list of th e f iles
is
obtain ed
from
a
of security. On the other hand SSL is being used quiet successfully with other protocols which were lacking security e.g. HTTP to secure the underlying data
process.
Var iable length data sub packets used in ZMODEM solves this prob lem. In ZMODEM, the length of data sub packets is denoted by end ing
each
sub
packet
w ith
an
escape
sequence s imilar to BISYNC and HDLC. The end result is a ZMODEM header containing a "f rame
type",
fou r
bytes
of
supervis ory
infor mation, and its own CRC. Data frames
Dept. Of CSE, Heritage Institute of Technology
Page 33
exchange & zmodem can be used for the file transfer.
done by a pipe or a file where zmodem writes and telnet
We here had used the OpenSSL crypto libraryâ&#x20AC;&#x2122;s APIs to
reads from. When telnet receives anything it sends it
create a upper layer SSL read write functions and
through the underlying security of SSL and then
replaced the send() and recv() functions of telnet to
through TCP/IP stack to other side where the data is
integrate them and form telnet-SSL. Then integrate
received by SSL and handed over to telnet. Then telnet
zmodem with it so that whenever a user asks it to file
delivers the data to the zmodem which writes them in a
transfer, zmodem takes it, breaks it into parts and asks
file and on completion informs the users that the data
the telnet program to transfer it. This integration can be
transfer is complete.
Dept. Of CSE, Heritage Institute of Technology
Page 34
CROSSWORD
ACROSS 3. The __ diagram is used to depict in what order and how processes A
and B operate with one another.
4. Process A and Process B both want resource R.
What should be used to control access?
5. Here nothing is exact,
what is important is the degree of truthfulness
1. This is a kind of selection control technique used in C 2. Itâ&#x20AC;&#x2122;s a technique to reduce dependency and redundancy in DBMS. DOWN 1. This is a java programming language class. As the name implies, it serves a client request and receives a response from the server
2. ___ is a technique in computer architecture that allows subsequent instructions to be fetched while the processor performs operations, queue them in a buffer until the time when the instruction operation can be performed.
3. These are used in browsers to remember the user activities or the state of the website. 4. This is a network flow control mechanism with a funny name that reminds one of a common house hold item!
5. This is one of the most primitive software engineering models with a name that reminds one of hill stations and valleys
Solution will be published in the next issue. However, if you donâ&#x20AC;&#x2122;t want to wait till then, you can also mail me your answers @ reshma.roychoudhuri@heritageit.edu . Also, you are requested to contribute for this magazine. Please mail your contributions and also queries, suggestions and letters to the editor to the above mentioned email id
Dept. Of CSE, Heritage Institute of Technology
Page 35