Resource Control for Java Database Extensions

نویسندگان

  • Grzegorz Czajkowski
  • Tobias Mayr
  • Praveen Seshadri
  • Thorsten von Eicken
چکیده

While object-relational database servers can be extended with user-defined functions (UDFs), the security of the server may be compromised by these extensions. The use of Java to implement the UDFs is promising because it addresses some security concerns. However, it still permits interference between different users through the uncontrolled consumption of resources. In this paper, we explore the use of a Java resource management mechanism (JRes) to monitor resource consumption and enforce usage constraints. JRes enhances the security of the database server in the presence of extensions allowing for (i) detection and neutralization of denial-of-service attacks aimed at resource monopolization, (ii) monitoring resource consumption which enables precise billing of users relying on UDFs, and (iii) obtaining feedback that can be used for adaptive query optimization. The feedback can be utilized either by the UDFs themselves or by the database system to dynamically modify the query execution plan. Both models have been prototyped in the Cornell Predator database system. We describe the implementation techniques, and present experiments that demonstrate the effects of the adaptive behavior facilitated by JRes. We conclude that, minimally, a database system supporting extensions should have a built-in resource monitoring and controlling mechanism. Moreover, in order to fully exploit information provided by the resource control mechanisms, both the query optimizer and the UDFs themselves should have access to this information.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Resource Control for Database Extensions

While object-relational database servers can be extended with user-defined functions (UDFs), the security of the server may be compromised by these extensions. The use of Java to implement the UDFs is promising because it addresses some security concerns. However, it still permits interference between different users through the uncontrolled consumption of resources. In this paper, we explore t...

متن کامل

Java Security Extensions for a Java Server in a Hostile Environment

The Java (TM) Virtual Machine is being used more frequently as the basic engine behind dynamic web services. With the proliferation of network attacks on these network resources, much work has been done to provide security for the network environment. Continuing work on firewalls, intrusion detection, and even access control have provided numerous insights and capabilities for protecting web re...

متن کامل

Attribute Grammar-Based Language Extensions for Java

This paper describes the Java Language Extender framework, a tool that allows one to create new domain-adapted languages by importing domain-specific language extensions into an extensible implementation of Java 1.4. Language extensions may define the syntax, semantic analysis, and optimizations of new language constructs. Java and the language extensions are specified as higher-order attribute...

متن کامل

Computer Tools for the Management of Lexicon-Grammar Databases

Lexicon grammar is a systematic method for the analysis and the representation of the elementary sentence structures of a natural language; its product: large collections of syntactic electronic dictionaries or lexicon-grammar tables (LGTs). In order to describe a language, very long term collaborative work is required. However, the current computer tools for the management of LGTs do not fulfi...

متن کامل

Protected Resource Access for Mobile Agent-based Distributed Computing

This paper describes the mobile agent paradigm for distributed computing, and outlines the security-related issues encountered in supporting it. One of the major requirements is the provision of access control mechanisms for server resources. Several possible designs are discussed, and one such proxy-based design, which we have developed in conjunction with the Ajanta mobile agent system, is de...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 1999