Showing papers in "Journal of Internet Services and Applications in 2015"
TL;DR: The review reveals that several opportunities are available for utilizing big data in smart cities; however, there are still many issues and challenges to be addressed to achieve better utilization of this technology.
Abstract: Many governments are considering adopting the smart city concept in their cities and implementing big data applications that support smart city components to reach the required level of sustainability and improve the living standards. Smart cities utilize multiple technologies to improve the performance of health, transportation, energy, education, and water services leading to higher levels of comfort of their citizens. This involves reducing costs and resource consumption in addition to more effectively and actively engaging with their citizens. One of the recent technologies that has a huge potential to enhance smart city services is big data analytics. As digitization has become an integral part of everyday life, data collection has resulted in the accumulation of huge amounts of data that can be used in various beneficial application domains. Effective analysis and utilization of big data is a key factor for success in many business and service domains, including the smart city domain. This paper reviews the applications of big data to support smart cities. It discusses and compares different definitions of the smart city and big data and explores the opportunities, challenges and benefits of incorporating big data applications for smart cities. In addition it attempts to identify the requirements that support the implementation of big data applications for smart city services. The review reveals that several opportunities are available for utilizing big data in smart cities; however, there are still many issues and challenges to be addressed to achieve better utilization of this technology.
682 citations
TL;DR: The main challenges related to this kind of environment, some of the major threats, as well as solutions proposed in the literature that aim to deal with different security aspects are discussed.
Abstract: Network virtualization has become increasingly prominent in recent years. It enables the creation of network infrastructures that are specifically tailored to the needs of distinct network applications and supports the instantiation of favorable environments for the development and evaluation of new architectures and protocols. Despite the wide applicability of network virtualization, the shared use of routing devices and communication channels leads to a series of security-related concerns. It is necessary to provide protection to virtual network infrastructures in order to enable their use in real, large scale environments. In this paper, we present an overview of the state of the art concerning virtual network security. We discuss the main challenges related to this kind of environment, some of the major threats, as well as solutions proposed in the literature that aim to deal with different security aspects.
106 citations
TL;DR: The objective was to study the causality around social debt in practice in a large software company, and found many forces together causing social debt, represented them in a framework, and captured anti-patterns that led to the debt in the first place.
Abstract: Social debt is analogous to technical debt in many ways: it represents the state of software development organisations as the result of “accumulated” decisions. In the case of social debt, decisions are about people and their interactions. Our objective was to study the causality around social debt in practice. In so doing, we conducted exploratory qualitative research in a large software company. We found many forces together causing social debt; we represented them in a framework, and captured anti-patterns that led to the debt in the first place. Finally, we elicited best practices that technicians adopted to pay back some of the accumulated debt. We learned that social debt is strongly correlated with technical debt and both forces should be reckoned with together during the software process.
86 citations
TL;DR: This paper presents an approach where a social network is harnessed to perform RE activities such as elicitation, prioritization and negotiation and shows that a popular social network site can support distributed RE.
Abstract: Social networks have changed our daily life and they have the potential to significantly influence and support Requirements Engineering (RE) activities. Social network-based RE approaches will allow us to overcome limitations of traditional approaches and allow end users to play a more prominent role in RE. They are key stakeholders in many software projects. However, involving end users is challenging, particularly when they are not within organizational reach. The goal of our work is to increase end user involvement in RE. In this paper we present an approach where we harness a social network to perform RE activities such as elicitation, prioritization and negotiation. Our approach was applied in three studies where students used Facebook to actively participate in RE activities of different projects. Although there are limitations, the results show that a popular social network site can support distributed RE.
57 citations
TL;DR: This paper describes a platform for smart, city-wide crowd management based on participatory mobile phone sensing and location/situation specific information delivery that has been deployed at 14 events in three European countries and was used by well over 100,000 people.
Abstract: We describe a platform for smart, city-wide crowd management based on participatory mobile phone sensing and location/situation specific information delivery. The platform supports quick and flexible deployments of end-to-end applications for specific events or spaces that include four key functionalities: (1) Mobile phone based delivery of event/space specific information to the users, (2) participatory sensor data collection (from app users) and flexible analysis, (3) location and situation specific message multicast instructing people in different areas to act differently in case of an emergency and (4) post mortem event analysis. This paper describes the requirements that were derived through a series of test deployments, the system architecture, the implementation and the experiences made during real life, large scale deployments. Thus, until today it has been deployed at 14 events in three European countries (UK, Netherlands, Switzerland) and was used by well over 100,000 people.
49 citations
TL;DR: In this paper, the authors explore how rival firms collaborate in the open source arena by employing a multi-method approach that combines qualitative analysis of archival data (QA) with mining software repositories and Social Network Analysis (SNA).
Abstract: Many software projects are no longer done in-house by a single organization. Instead, we are in a new age where software is developed by a networked community of individuals and organizations, which base their relations to each other on mutual interest. Paradoxically, recent research suggests that software development can actually be jointly-developed by rival firms. For instance, it is known that the mobile-device makers Apple and Samsung kept collaborating in open source projects while running expensive patent wars in the court. Taking a case study approach, we explore how rival firms collaborate in the open source arena by employing a multi-method approach that combines qualitative analysis of archival data (QA) with mining software repositories (MSR) and Social Network Analysis (SNA). While exploring collaborative processes within the OpenStack ecosystem, our research contributes to Software Engineering research by exploring the role of groups, sub-communities and business models within a high-networked open source ecosystem. Surprising results point out that competition for the same revenue model (i.e., operating conflicting business models) does not necessary affect collaboration within the ecosystem. Moreover, while detecting the different sub-communities of the OpenStack community, we found out that the expected social tendency of developers to work with developers from same firm (i.e., homophily) did not hold within the OpenStack ecosystem. Furthermore, while addressing a novel, complex and unexplored open source case, this research also contributes to the management literature in coopetition strategy and high-tech entrepreneurship with a rich description on how heterogeneous actors within a high-networked ecosystem (involving individuals, startups, established firms and public organizations) joint-develop a complex infrastructure for big-data in the open source arena.
49 citations
TL;DR: A cross-organizational collaboration ontology is mapped as a proof-of-concept evaluation to the eSourcing Markup Language (eSML) and the latter is tested in a feasibility case study to meaningfully support the automation of business collaboration.
Abstract: Meaningfully automating sociotechnical business collaboration promises efficiency-, effectiveness-, and quality increases for realizing next-generation decentralized autonomous organizations. For automating business-process aware cross-organizational operations, the development of existing choreography languages is technology driven and focuses less on sociotechnical suitability and expressiveness concepts and properties that recognize the interaction between people in organizations and technology in workplaces. This gap our suitability- and expressiveness exploration fills by means of a cross-organizational collaboration ontology that we map as a proof-of-concept evaluation to the eSourcing Markup Language (eSML). The latter we test in a feasibility case study to meaningfully support the automation of business collaboration. The developed eSourcing ontology and eSML is replicable for exploring strengths and weaknesses of other choreography languages.
48 citations
TL;DR: This paper discusses the Preference-based cLoud Service Recommender (PuLSaR) that uses a holistic multi-criteria decision making (MCDM) approach for offering optimisation as a brokerage service and deals with the fuzziness of imprecise metrics.
Abstract: Over the last few years, the vast increase of cloud service offerings that are available from heterogeneous cloud vendors, has made the evaluation and selection of desired cloud services, a cumbersome task for service consumers. In that respect, there is an increasing need for user guidance and intermediation during the service selection process but also during the cloud service consumption that should always refer to the best possible choice based on user preferences. In this paper, we discuss the Preference-based cLoud Service Recommender (PuLSaR) that uses a holistic multi-criteria decision making (MCDM) approach for offering optimisation as a brokerage service. The specification and implementation details of this proposed software mechanism are thoroughly discussed while the background method used is summarised. Both method and brokerage service allow for the multi-objective assessment of cloud services in a unified way, taking into account precise and imprecise metrics and dealing with their fuzziness. We cope with the fuzziness of imprecise metrics in the sense that this approach deals with linguistically expressed preferences and cloud service characteristics that lack a fixed or precise value and entail a level of vagueness which can only be captured using the Zadeh’s Fuzzy Set Theory. Furthermore, this paper reports on a number of experiments that were conducted in order to measure PuLSaR’s performance and scalability.
34 citations
TL;DR: This paper presents the design of a lightweight access control solution that enhances end-user privacy, eliminates the need for developing complex adaptation protocols, and offers data owners flexibility to switch among Cloud providers, or to use multiple, different Cloud providers concurrently.
Abstract: Cloud computing has become the focus of attention in the computing industry. However, security concerns still impede the widespread adoption of this technology. Most enterprises are particularly worried about the lack of control over their outsourced data, since the authentication and authorization systems of Cloud providers are generic and they cannot be easily adapted to the requirements of each individual enterprise. An adaptation process requires the creation of complex protocols, often leading to security problems and “lock-in” conditions. In this paper we present the design of a lightweight access control solution that overcomes these problems. With our solution access control is offered as a service by a third trusted party, the Access Control Provider. Access control as a service enhances end-user privacy, eliminates the need for developing complex adaptation protocols, and offers data owners flexibility to switch among Cloud providers, or to use multiple, different Cloud providers concurrently. As a proof of concept, we have implemented and incorporated our solution in the popular open-source Cloud stack OpenStack. Moreover, we have designed and implemented a Web application that enables the incorporation of our solution into Google Drive.
31 citations
TL;DR: The main features of the SDG-Pro framework include programming abstractions: Software-Defined Gateways, Intents, Intent Scopes, and Data and Control Points, as well as provisioning and governance APIs that allow for programmatic management of software- definitions throughout their entire lifecycle.
Abstract: Recently, emerging IoT cloud systems create numerous opportunities for a variety of stakeholders in terms of optimizing their existing business processes, as well as developing novel cross-organization and cross-domain applications. However, developers of such systems face a plethora of challenges, mainly due to complex dependencies between the application business logic and the underlying IoT cloud infrastructure, as well as difficulties to provision and govern vast, geographically distributed IoT cloud resources. In this paper, we introduce SDG-Pro – a novel programming framework for software-defined IoT cloud systems. The main features of our framework include programming abstractions: Software-Defined Gateways, Intents, Intent Scopes, and Data and Control Points, as well as provisioning and governance APIs that allow for programmatic management of software-defined gateways throughout their entire lifecycle. The SDG-Pro framework enables easier, efficient and more intuitive development of IoT cloud applications. It promotes the everything-as-code paradigm for IoT cloud applications in order to provide a uniform, programmatic view on the entire development process. To illustrate the feasibility of our framework to support development of IoT cloud applications, we evaluate it using a real-world case study on managing fleets of electric vehicles.
27 citations
TL;DR: It is argued that the local nature of P2P systems is key for scalability regardless whether a system is eventually deployed on a single multi-core machine, distributed within a data center, or fully decentralized across multiple autonomous hosts.
Abstract: Peer-to-peer (P2P) systems have been widely researched over the past decade, leading to highly scalable implementations for a wide range of distributed services and applications. A P2P system assigns symmetric roles to machines, which can act both as client and server. This alleviates the need for any central component to maintain a global knowledge of the system. Instead, each peer takes individual decisions based on a local knowledge of the rest of the system, providing scalability by design. While P2P systems have been successfully applied to a wide range of distributed applications (multicast, routing, storage, pub-sub, video streaming), with some highly visible successes (Skype, Bitcoin), they tend to have fallen out of fashion in favor of a much more cloud-centric vision of the current Internet. We think this is paradoxical, as cloud-based systems are themselves large-scale, highly distributed infrastructures. They reside within massive, densely interconnected datacenters, and must execute efficiently on an increasing number of machines, while dealing with growing volumes of data. Today even more than a decade ago, large-scale systems require scalable designs to deliver efficient services. In this paper we argue that the local nature of P2P systems is key for scalability regardless whether a system is eventually deployed on a single multi-core machine, distributed within a data center, or fully decentralized across multiple autonomous hosts. Our claim is backed by the observation that some of the most scalable services in use today have been heavily influenced by abstractions and rationales introduced in the context of P2P systems. Looking to the future, we argue that future large-scale systems could greatly benefit from fully decentralized strategies inspired from P2P systems. We illustrate the P2P legacy through several examples related to Cloud Computing and Big Data, and provide general guidelines to design large-scale systems according to a P2P philosophy.
TL;DR: An overview of the design, deployment and utilization of the CitySDK Tourism API, which aims to provide access to information about Points of Interest, Events and Itineraries, was provided.
Abstract: Tourism is a major social and cultural activity with relevant economic impact. In an effort to promote their attractions with tourists, some cities have adopted the open-data model, publishing touristic data for programmers to use in their own applications. Unfortunately, each city publishes touristic information in its own way.
TL;DR: This paper proposes a new solution that adds a spatial dimension to the cache replacement process, called SACS, which measures the distance between objects in terms of the number of links necessary to navigate from one object to another.
Abstract: As the web expands its overwhelming presence in our daily lives, the pressure to improve the performance of web servers increases. An essential optimization technique that enables Internet-scale web servers to service clients more efficiently and with lower resource demands consists in caching requested web objects on intermediate cache servers. At the core of the cache server operation is the replacement algorithm, which is in charge of selecting, according to a cache replacement policy, the cached pages that should be removed in order to make space for new pages. Traditional replacement policies used in practice take advantage of temporal reference locality by removing the least recently/frequently requested pages from the cache. In this paper we propose a new solution that adds a spatial dimension to the cache replacement process. Our solution is motivated by the observation that users typically browse the Web by successively following the links on the web pages they visit. Our system, called SACS, measures the distance between objects in terms of the number of links necessary to navigate from one object to another. Then, when replacement takes place, objects that are distant from the most recently accessed pages are candidates for removal; the closest an object is to a recently accessed page, the less likely it is to be evicted. We have implemented a cache server using SACS and evaluated our solution against other cache replacement strategies. In this paper we present the details of the design and implementation of SACS and discuss the evaluation results obtained.
TL;DR: This article introduces an entity of service composition called Self-Controlled Component (SCC), including, since the design step, functional and non-functional specifications, and proposes the concept of Virtual Private Service Network and Virtual Service Community that allows for the management of the service composition.
Abstract: Cloud computing and Future Internet promise a new ecosystem where everything is "as a service", reachable and connectable anywhere and anytime, everyone succeeding to get a service composition that meets his needs. But do we have the structure and the appropriate properties to design the service components and do we have the means to manage, at run-time, the personalised compositions corresponding to Service Level Agreement? In this article we introduce an entity of service composition called Self-Controlled Component (SCC), including, since the design step, functional and non-functional specifications. SCCs benefit both from the strong structure, explicit composition, and autonomic management of component-oriented programming, from the highly dynamic composition, and from the discovery capacities of service-oriented computing. Self-control mechanisms are then attached automatically to SCCs to enable autonomic application management during execution. The objective of this new concept is to provide strong Quality of Service (QoS) guarantees of composed applications. We illustrate the approach using an example called Springoo, to how in the context of a legacy application the contributions and benefits of our solution. For the management of the service composition we propose the concept of Virtual Private Service Network (VPSN) and Virtual Service Community (VSC) that allows us to model the personalised Service Level Agreement (SLA) where user requirements and provider offers converge on a QoS contract.
TL;DR: This paper presents an approach for characterizing the co-development of real-world BIS with respect to direct participation from different kinds of contributors, and focuses on the intersection of these subsystems, present appropriate metrics and a multilayered analysis scheme.
Abstract: Business information systems (BIS) comprise technological (e.g. programs), informational (e.g. content) and social artifacts (e.g. collaboration structures). Typically, such systems are constantly and collectively developed (co-developed) further by a variety of individuals within the organization. By recognizing these varying types of actors (concerning their goals, technical expertise and language means) and their predominantly developed artifact type, one can distinguish two types of subsystems: technical subsystems wherein the development of the system behavior is conducted by software developers; and business subsystems dominated by end-users developing informational artifacts. So far, co-development structures within and between these subsystems are not well understood, especially the aspect that – potentially driven by appropriate measures such as the provision of domain-specific languages – co-development might shift between these subsystems. This paper presents an approach for characterizing the co-development of real-world BIS with respect to direct participation from different kinds of contributors. This multilayered approach allows us to analyze the co-development with programming languages, domain-specific languages and end-user tools. The approach is suited to assess the direct participation of individuals from different subsystems in the development of evolving BIS. We focus on the intersection of these subsystems, present appropriate metrics and a multilayered analysis scheme. Contributions to artifacts are analyzed using social network analysis to detect structural properties of continuous co-development. The application to Learn@WU, a real-world BIS, demonstrates how end-user enabling technologies have shifted the co-development effort of the system from a small group of developers to a several orders of magnitude larger group of contributors. We observed an increase of direct participation over time on both informational and executable artifacts, while the number of technical experts was more or less constant. Our approach may act as a trigger for the application and further development of rigorous instruments for assessing co-development of BIS.
TL;DR: PaaSHopper is presented, a middleware platform for developing and operating multi-tenant SAAS applications in a multi-PaaS environment that enables the SaaS provider to have fine-grained control over the execution of applications and the storage of application data, while offering the tenant some degrees of customization and self-service as well.
Abstract: Offering Software-as-a-Service (SaaS) applications on top of a Platform-as-a-Service (PaaS) platform is a promising strategy as the SaaS provider does not need to acquire and maintain private cloud infrastructure, and it enables him/her to enjoy the benefits of cloud scalability and flexiblity as well. However, as this entails losing some control over the application and its data, SaaS providers are in practice reluctant to migrate to a PaaS platform entirely. To alleviate such concerns of vendor lock-in, the concept of a multi-cloud involves integrating and combining multiple cloud environments, private as well as public, but also involving multiple providers and different technologies. This has the added benefit that it further improves overall availability, flexibility and scalability. Current support for multi-cloud applications however is limited. This paper presents PaaSHopper, a middleware platform for developing and operating multi-tenant SaaS applications in a multi-PaaS environment. It enables the SaaS provider to have fine-grained control over the execution of applications and the storage of application data, while offering the tenant some degrees of customization and self-service as well. Driven by stakeholder-specific policies, the middleware dynamically decides which requests and tasks are executed in a particular part of the multi-PaaS environment. We validated this work in the context of four realistic SaaS application cases on top of a multi-cloud consisting of a local JBoss Application Server cluster, Google App Engine, and Red Hat OpenShift.
TL;DR: The proposed Action Slicing mechanism allows FlowVisor to limit which actions can be used by each virtual network controller, thus extending the virtual network definition, and can effectively neutralize the discovered vulnerabilities.
Abstract: In a virtualized environment, different virtual networks can operate over the same physical infrastructure. Each virtual network has its own protocols and share the available resources, thus highlighting the need of resource isolation mechanisms. Investigating the isolation mechanisms provided by FlowVisor, we have discovered vulnerabilities previously unknown regarding addressing space isolation. We show that, in the presence of a malicious controller, FlowVisor’s isolation can be broken allowing different attacks. This paper addresses these vulnerabilities by proposing an Action Slicing mechanism, that allows FlowVisor to limit which actions can be used by each virtual network controller, thus extending the virtual network definition. Our experimental results show that using the proposed Action Slicing mechanism can effectively neutralize the discovered vulnerabilities.
TL;DR: A solution to automatically generate cross-layer parsers and composers that abstract network messages into a uniform representation independent of the middleware used and is validated through a case study in the area of conference management.
Abstract: Given the highly dynamic and extremely heterogeneous software systems composing the Future Internet, automatically achieving interoperability between software components —without modifying them— is more than simply desirable, it is quickly becoming a necessity. Although much work has been carried out on interoperability, existing solutions have not fully succeeded in keeping pace with the increasing complexity and heterogeneity of modern software, and meeting the demands of runtime support. On the one hand, solutions at the application layer synthesise intermediary entities, mediators, to compensate for the differences between the interfaces of components and coordinate their behaviours, while assuming the use of the same middleware solution. On the other hand, solutions at the middleware layer deal with interoperability across heterogeneous middleware technologies but do not reconcile the differences between components interfaces and behaviours at the application layer. In this paper we propose a unified approach for achieving interoperability between heterogeneous software components with compatible functionalities across the application and middleware layers. First, we provide a solution to automatically generate cross-layer parsers and composers that abstract network messages into a uniform representation independent of the middleware used. Second, these generated parsers and composers are integrated within a mediation framework to support the deployment of the mediators synthesised at the application layer. More specifically, the generated parser analyses the network messages received from one component and transforms them into a representation that can be understood by the application-level mediator. Then, the application-level mediator performs the necessary data conversion and behavioural coordination. Finally, the composer transforms the representation produced by the application-level mediator into network messages that can be sent to the other component. The resulting unified mediation framework reconciles the differences between software components from the application down to the middleware layers. We validate our approach through a case study in the area of conference management.
TL;DR: The main contribution of this paper is the definition and application of an analytical model for dimensioning inter-data center network capacity in order to achieve some given performance levels, assuming some simple multiple virtual machine live migration strategies.
Abstract: The idea of pay-per-use computing incarnated by the cloud paradigm is gaining a lot of success, both for entertainment and business applications. As a consequence, the demand for computing, storage and communication resources to be deployed in data center infrastructures is increasing dramatically. This trend is fostering new forms of infrastructure sharing such as cloud federations, where the excess workload is smartly distributed across multiple data centers, following some kind of mutual agreement among the participating cloud providers. Federated clouds can obtain great advantages from virtualization technologies and, in particular, from multiple virtual machine live migration techniques, which allow to flexibly move bulk workload across heterogeneous computing environments with minimal service disruption. However, a quantitative characterization of the performance of the inter-data center network infrastructure underlying the cloud federation is essential to guarantee user’s quality of service and optimize provider’s resource utilization. The main contribution of this paper is the definition and application of an analytical model for dimensioning inter-data center network capacity in order to achieve some given performance levels, assuming some simple multiple virtual machine live migration strategies. An extensive set of results are provided that allow to understand the impact of the many parameters involved in the design of a cloud federation network.
TL;DR: This paper developed a learning recommendation system that expands the capabilities of existing composition algorithms to facilitate adaptivity and consequently reduces functional discrepancy and implemented the proposed functionality in terms of a prototypical composition framework.
Abstract: On-the-fly composition of service-based software solutions is still a challenging task. Even more challenges emerge when facing automatic service composition in markets of composed services for end users. In this paper, we focus on the functional discrepancy between “what a user wants” specified in terms of a request and “what a user gets” when executing a composed service. To meet the challenge of functional discrepancy, we propose the combination of existing symbolic composition approaches with machine learning techniques. We developed a learning recommendation system that expands the capabilities of existing composition algorithms to facilitate adaptivity and consequently reduces functional discrepancy. As a representative of symbolic techniques, an Artificial Intelligence planning based approach produces solutions that are correct with respect to formal specifications. Our learning recommendation system supports the symbolic approach in decision-making. Reinforcement Learning techniques enable the recommendation system to adjust its recommendation strategy over time based on user ratings. We implemented the proposed functionality in terms of a prototypical composition framework. Preliminary results from experiments conducted in the image processing domain illustrate the benefit of combining both complementary techniques.
TL;DR: In this paper, the JISA Editors invite five leading scientists from three continents (Raouf Boutaba, David Hutchison, Raj Jain, Ramachandran Ramjee, and Christian Esteve Rothenberg) to give their opinions about what is really new in SDNs.
Abstract: Software defined Networks (SDNs) have drawn much attention both from academia and industry over the last few years. Despite the fact that underlying ideas already exist through areas such as P2P applications and active networks (e.g. virtual topologies and dynamic changes of the network via software), only now has the technology evolved to a point where it is possible to scale the implementations, which justifies the high interest in SDNs nowadays. In this article, the JISA Editors invite five leading scientists from three continents (Raouf Boutaba, David Hutchison, Raj Jain, Ramachandran Ramjee, and Christian Esteve Rothenberg) to give their opinions about what is really new in SDNs. The interviews cover whether big telecom and data center companies need to consider using SDNs, if the new paradigm is changing the way computer networks are understood and taught, and what are the open issues on the topic.
TL;DR: The social networking platform presented in this paper integrates social networking with automated deployment of applications on multi-clouds and with knowledge drawn from community-sourced information repositories, and leverages two such repositories, the PaaSage repository and Chef Supermarket.
Abstract: A new discipline at the intersection of the development and operation of software systems known as DevOps has seen significant growth recently. Among the wide range of tasks of DevOps professionals, we focus on that of selecting appropriate cloud deployments for distributed applications. Despite the advent of automated software deployment and management frameworks, reasoning about good deployments still requires interaction with experts, often through discussions on online technical forums and social networks.
TL;DR: This work compares the prestige of developers with socio-economic data and finds that prestigious developers tend to be located in the most economically developed regions of Brazil, and are likely to follow others in the same state they are located in.
Abstract: Brazil is an emerging economy with many IT initiatives from public and private sectors. To evaluate the progress of such initiatives, we study the geographical distribution of software developers in Brazil, in particular which of the Brazilian states succeed the most in attracting and nurturing them. We compare the prestige of developers with socio-economic data and find that (i) prestigious developers tend to be located in the most economically developed regions of Brazil, (ii) they are likely to follow others in the same state they are located in, (iii) they are likely to follow other prestigious developers, and (iv) they tend to follow more people. We discuss the implications of those findings for the development of the Brazilian software industry.
TL;DR: The identification of AS neighborhood types and SpamBands may simplify the combat against spam, focusing efforts at the sources as a whole, possibly improving blacklists by grouping machines found in a same AS or Spam Bands.
Abstract: Despite the continuous efforts to mitigate spam, the volume of such messages continues to grow and identifying spammers is still a challenge. Spam traffic analysis is an important tool in this context, allowing network administrators to understand the behavior of spammers, both as they obfuscate messages and try to hide inside the network. This work adds to that body of information by analyzing the sources of spam to understand to what extent they explain the traffic observed. Our results show that, in many cases, an Autonomous System (AS) represents an interesting neighborhood to observe, with most ASes falling into four basic types: heavy and light senders, which tend to have many or very few spammer machines respectively, frequent small offenders, where spammer machines appear every now and then but disappear in a short time, and conniving ASes, where most machines do not send spam, but a few are heavy, continuous senders. Not only that, but also by grouping machines based on the campaigns that they send together, we define the notion of SpamBands. Those bands identify groups of machines that are probably controlled by the same spammer, and our findings show that they often span multiple ASes. The identification of AS neighborhood types and SpamBands may simplify the combat against spam, focusing efforts at the sources as a whole, possibly improving blacklists by grouping machines found in a same AS or SpamBands.
TL;DR: It is found that service-oriented concepts can be used to build open, flexible, and collaborative virtual networking environments and some of the existing open source virtual routing solutions are only suitable for building small to medium size virtual networking infrastructures.
Abstract: Network virtualization is considered as a promising way to overcome the limitations and fight the gradual ossification of the current Internet infrastructure. The network virtualization concept consists in the dynamic creation of several co-existing logical network instances (or virtual networks) over a shared physical network infrastructure. We have previously proposed a service-oriented hierarchical business model for virtual networking environments. This model promotes the idea of network as a service, by considering the functionalities offered by different types of network resources as services of different levels – services that can be dynamically discovered, used, and composed. In this paper, we propose an open, virtual, multi-services networking architecture enabling the realization of our business model. We also demonstrate the operation of our architecture using a virtualized QoS-enabled VoIP scenario. Moreover, virtual routing and control level performance was evaluated using proof-of-concept prototyping. Several important findings were made in the course of this work; one is that service-oriented concepts can be used to build open, flexible, and collaborative virtual networking environments. Another finding is that some of the existing open source virtual routing solutions such as Vyatta are only suitable for building small to medium size virtual networking infrastructures.
TL;DR: This thematic series puts together papers that employ the concept of social networks either in studying software development from an empirical approach or use the concept as a central basis for developing software tool support.
Abstract: In the Internet age, the concept of social network is emerging as both a useful means for understanding software development activities and a concept for designing software tools to support these activities. Employing Social Networking is useful in part, because it brings a focus to stakeholders in software development including developers, their managers, their support staff, QA analysts, requirement engineers, etc. Social networks represent how people communicate, coordinate, cooperate, and develop working relationships. The concept is also useful as it reflects the network-centric organization for dealing with highly inter-dependent artifacts–including complex source code, systems and subsystems, requirement and specification documents, etc. However, the knowledge on social network in software engineering is spread across the literature and the term social network is used for multiple purposes, such as social networking sites, social capital, interpersonal connections, and social structures. This thematic series puts together papers that employ the concept of social networks either in studying software development from an empirical approach or use the concept as a central basis for developing software tool support. Readers will find in this issue a centralized resource for research in this area.