         Information Technology Research Update
 
               by Diomidis Spinellis
    Department of Management Science and Technology
   Athens University of Economics and Business (AUEB)
             http://www.dmst.aueb.gr/dds/
                  
                Volume 2 Issue 3
                May 7th, 2002

A free periodic newsletter providing summaries, analyses, insights, and
commentaries on information technology research brought to you by the
Information Systems Technology laboratory http://istlab.dmst.aueb.gr

In this issue:
- SANE 2002 Conference Report
- Mobile Applications Call for Papers

SANE 2002 Conference Report
---------------------------
The third international system administration and networking conference
(SANE 2002) took place in Maastricht, The Netherlands on the last week
of May 2002.  The conference, co-sponsored by USENIX and the NLnet
foundation, has evolved to be the European equivalent to the US-based
System Administration conferences (LISA).  A lively and colourful crowd
of  systems-related attendees - including the obligatory Unix elders -
copious amounts of food, wireless Internet connectivity, interesting
poster presentations, and a technical exhibition made the conference a
fun place to be.  Two parallel tracks of very interesting papers made
the selection of presentations a real challenge; the following summaries
are therefore only a subset of the conference's presentations.  The
conference's web page is at <http://www.nluug.nl/events/sane2002/>.
 
The conference's keynote address was made by Bill Cheswick who described
his Internet mapping work at Bell labs that resulted in founding the
Lumeta startup company.  Mapping the Internet is becoming more and more
difficult.  Drawing routes from one point to another on a geographical
map does not reveal any useful information in densely wired areas like
the North America and Europe: all that appears is a solid blob.  More
interesting are diagrams that depict the routes between different
networks, with networks arranged in a spring-like fashion with
well-connected networks appearing in the diagram's centre and leafs at
its periphery.  Colour is used to distinguish different network
providers, network addresses, or administrative domains (e.g.
countries).  Interestingly, directly representing the network IP address
using a (red, green, blue) triple results in a map drawing where a mouse
can directly determine the address of a given network by hovering over a
particular colour.  
The applications of this research are numerous.  Bill described how,
after the 9/11 events, he ever more frequently finds himself at meetings
in Virginia or Baltimore with individuals that refuse to identify
themselves or the government branch they are working for!  An animated
map of Yugoslavia network connectivity during NATO's bombardments was
especially interesting.  We could see network links appearing and
disappearing and total connectivity dropping as NATO started targeting
Yugoslavia's infrastructure.  "Son, you are making remote damage
assessment from your basement", remarked one general over his work.  Of
course, viewing only Internet addresses and domain names has its
limits.  The excitement of a discovery of a group of Yugoslavian hosts
(.yu) that proved to be extremely well connected, and reside somewhere
in Virginia, was slightly tempered when he found out that he had only
discovered the Yugoslavian embassy in the US.


Christine Hogan, co-author (with Tom Limoncelli) of the book "The
Practice of System and Network Administration" gave a talk on "Scheduled
Maintenance Windows".  This concept allows you to proactively plan your
system maintenance (and thereby manage your user's expectations).  A key
element in such an exercise is a flight director, the person you see in
historical space-flight films managing the entire operation in the
flight control center.  The flight director, knows the mission details,
but does not participate in the actual operations, thus distancing
herself from the task and keeping the clear head needed during the
maintenance window's stressful hours.  She is the one who will notice
that the maintenance operations are running behind schedule and will
command that the system should revert to its previous state (you did
keep a backup, didn't you?), thus averting service disruption.

Mark Burgess, from the Oslo University College, gave an
thought-provoking talk titled "System Administration as Communication
over a Noisy Channel".  Mark believes that Shannon's communication
theory can be used as the underlying foundation for explaining and
predicting a number of  phenomena related to the system administration
discipline.  And this is what science is all about.  Specifically, Mark
considers that a system's policy is communicated over a noisy channel,
in which the users of the system represent noise.  A significant result
of this view is that error correction techniques are needed to create
stable system administration tools.

Computer forensics, the study of the legal aspects of digital evidence,
are increasingly important to system administrators who will be called
to testify as experts in a court of law.  Vlasti Broucek, an experienced
system administrator who is currently researching this issue at the
University of Tasmania, outlined in a paper titled "Bridging the Divide:
Rising Awareness of Forensic Issues amongst Systems Admins" the main
challenges and techniques for preserving and effectively presenting
forensic evidence.  Computer forensics differs from IT security in that
it is typically conducted after an attack and its results will be
presented to an non-IT-literate audience.  Important aspects of digital
evidence include its legal admissibility, its validity, and the conduct
of the forensic analysis.  System administrators faced with the task of
collecting evidence should therefore minimise the handling of the
original data, account for any changes, comply with the rules of
evidence, and avoid embarrassment by not exceeding their knowledge and
skills.

A paper co-authored by George Gousios of the University of the Aegean,
and your correspondent, "A Comparison of Portable Dynamic Web Content
Technologies for the Apache Server" presented the main technologies for
providing dynamic content on the web (CGI scripts, PHP, mod_perl,
mod_python and Java
Servlets) and outlined the results of a series of benchmarks that
measured their performance.  FastCGI followed by mod_perl appeared to
score best in moving data out of the server, but Java servlets proved to
be the most resilient.  The paper received the conference's best
refereed paper award and is available online at
<http://www.dmst.aueb.gr/dds/pubs/conf/2002-SANE-DynCont/html/dyncont.html>.

Diane Lark from Hewlett Packard presented work on a similar problem in a
talk titled "Simulating Web Workloads".  The major  insight behind her
and her colleagues work was the self-similarity behind many internet
traffic patterns.  They therefore used the SURGE network traffic
generator to overcome the deficiencies of  SPECWeb96 and Webstone. 
Through those tests they observed that web serving is a memory intensive
operation that puts relatively less stress on the processor.  They found
out that a 1GHz server processor can serve the equivalent of 3000 users.

Your correspondent presented his work relating to the integration of
home appliances, in a paper titled "The Information Furnace:
User-friendly Home Control".  The Information Furnace is a
basement-installed PC-type device that integrates existing consumer
home-control, infotainment, security, and communication technologies to
transparently provide user-friendly access and value-added services. A
modern home contains a large number of sophisticated devices and
technologies. Access to these devices is currently provided through a
wide variety of disparate interfaces. As a result, end-users face a
bewildering array of confusing user-interfaces, access modes, and
affordances. In addition, as most devices function in isolation,
important opportunities to exploit synergies between their
functionalities are lost. The information furnace distributes data,
provides services, and controls an apartment's digital devices. Emphasis
is placed on user-friendliness and on exploiting the synergies that
inevitably come up when these technologies and services are housed under
a single roof. The prototype implementation outlined integrates on a
FreeBSD server the distribution of MP3-encoded music to DNARD/NetBSD
thin clients, an answering machine, a burglar alarm, an Internet router,
a fax server, a backup server, and intelligent control of a PBX.   The
paper is available on line at
<http://www.dmst.aueb.gr/dds/pubs/conf/2002-SANE-DynCont/html/dyncont.html>.

As indicated by the talk's attendance, a highlight of the conference was
the talk of Kirk McKusick (chief architect of the Berkeley Unix and
co-author of the "The Design and Implementation of the 4.[34] BSD Unix
Operating System" books) titled "Running fsck in the background".  Kirk
has a talent for simplifying the presentation of highly technical
information.  The fsck program, equivalent to the Microsoft scandisk or
chkdisk ones, verifies and fixes the integrity of Unix file systems. 
Running such a program on a large disk (e.g. 100GB) can take hours, an
unacceptable proposition for production servers.  The problem was solved
by taking a virtual snapshot of a disk (by temporarily suspending
running system calls), maintaining the snapshot current by monitoring
disk updates, and running fsck on that frozen snapshot.  Snapshots could
also be useful for backing-up system state, and running a dump (backup)
operation on a live system.  Memorable quote: "I could write a special
version of fsck, but I have already written fsck once, and I did not
want to do that again".

Cor Bosman from XS4ALL gave a talk on installing and maintaining
clusters of servers using PXE and Rsync.  Installing software on a large
number of servers can be a tricky proposition.  Cor explained how he
used the PXE remote booting standard supported by most modern Ethernet
cards to transparently load and install FreeBSD on server clusters.  The
procedure is so smooth, that having PXE booting enabled on the BIOS of a
Windows machine will make it install FreeBSD on the fly - "a software
upgrade", as Cor described it.

Mark Overmeer  gave a talk on E-mail processing with Perl.  It turns out
that many of the Perl modules that deal with mail are unsupported,
buggy, and lack important functionality.  In addition, correctly
processing mail elements is a lot more difficult that what it appears to
be.  MIME encapsulation, multi-part messages, different presentation
mechanisms, varying mail user agents, latitude in the mail header
specification, and non-conforming implementations conspire to make the
implementation of robust mail processing software a Herculean task. 
Mark worked on overcoming this situation by implementing a complete,
robust, and reusable mail processing module (available on
http://www.cpan.org) that other developers can import when building
mail-handling applications.  Thanks Mark!

The conference ended with an entertaining talk by Jos Visser titled
"Welcome to the Tribe: Socio-and anthropological phenomena at Unix
hacker Conferences" discussing the audience, conference, elders,
mythology, economics, ethics, values, and moral code, humour and
entertainment, enemies, nutcases and outcasts, gadgets, women (section
intentionally left blank), and status aspects of the hacker culture.  At
the same time Peter Salus, on a more sombre atmosphere, gave a talk on
"The Types of Internet Trauma: 1994-2002" where he presented how the
Northridge earthquake, hurricane Floyd, fibre cuts, denial of service
attacks, and the 9/11 WTC incident affected the Internet's
connectivity.  Overall the network fared well re-routing packets and
compensating in real time.


Mobile Applications Call for Papers
-----------------------------------
The IEEE Internet Computing magazine has issued a call for papers for
a special issue on Mobile Applications (Mar./Apr. 2003).  The
submissions deadline is September 2nd 2002.

Recent advances in hardware and software technologies have created a
plethora of mobile devices with a wide range of communication,
computing, and storage capabilities. While new mobile applications
running on these devices give mobile users easy access to remote
contents and services regardless of where they are, the applications
designers face many design challenges. This special issue covers all
aspects of mobile applications.  Topics of interest for technical papers
include, but are not limited to the following:

- Security of mobile applications
- Mobile middleware platforms
- Design of user interface for mobile devices
- Mobile multimedia applications
- Mobile enterprise applications
- Peer-to-peer mobile computing
- Hybrid systems that seamlessly transfer between cellular and wireless
LAN systems
- Emerging standards and transition issues
- Robustness and Quality of Service (QoS) issues 
- Performance studies of mobile applications
- Studies of existing mobile applications

http://www.computer.org/internet/call4ppr.htm#v7n2