A5037708102- Security and Verification in Computing
- Caching and Content Delivery
- Distributed and Parallel Computing Systems
- Parallel Computing and Optimization Techniques
- Advanced Data Storage Technologies
- Internet Traffic Analysis and Secure E-voting
- Distributed systems and fault tolerance
- Access Control and Trust
- Service-Oriented Architecture and Web Services
- Real-Time Systems Scheduling
- Embedded Systems Design Techniques
- Cloud Computing and Resource Management
- Peer-to-Peer Network Technologies
- Advanced Malware Detection Techniques
- Network Security and Intrusion Detection
- Cryptography and Data Security
- IPv6, Mobility, Handover, Networks, Security
- IoT and Edge/Fog Computing
- Opportunistic and Delay-Tolerant Networks
- Advanced Database Systems and Queries
- Advanced Software Engineering Methodologies
- User Authentication and Security Systems
- Mobile Agent-Based Network Management
- Software-Defined Networks and 5G
- Logic, programming, and type systems
University of Tsukuba
2014-2025
Japan Science and Technology Agency
2005-2014
The University of Tokyo
2014
Tohoku University
2014
Toyohashi University of Technology
2005
Institute of Information Science
1997-2003
University of the Ryukyus
1995
Virtual machine monitors (VMMs), including hypervisors, are a popular platform for implementing various security functionalities. However, traditional VMMs require numerous components providing virtual hardware devices and sharing protecting system resources among machines (VMs), enlarging the code size of reducing reliability VMMs.This paper introduces hypervisor architecture, called parapass-through, designed to minimize hypervisors by allowing most I/O access from guest operating (OS)...
VPN Gate is a public relay service designed to achieve blocking resistance censorship firewalls such as the Great Firewall (GFW) of China. To resistance, we organize many volunteers provide service, with changing IP addresses. block their firewalls, authorities must find addresses all volunteers. prevent this, adopted two techniques improve resistance. The first technique mix number innocent into server list provided public. second collaborative spy detection. volunteer servers work together...
Journal Article Lysophosphatidylserine analogues differentially activate three LysoPS receptors Get access Akiharu Uwamizu, Uwamizu 1Department of Molecular and Cellular Biochemistry, Graduate School Pharmaceutical Sciences, Tohoku University, 6-3, Aoba, Aramaki, Aoba-ku, Sendai, Miyagi 980-8578, Japan; 2PRESTO, Japan Science Technology Corporation, 4-1-8, Honcho, Kawaguchi, Saitama 332-0012, 3Laboratory Organic Medicinal Chemistry, University Tokyo, 7-3-1, Hongo, Bunkyo-ku, Tokyo 113-0033,...
This paper proposes a novel method of achieving fast networking in hosted virtual machine (VM) environments. method, called socket-outsourcing, replaces the socket layer guest operating system (OS) with host OS. Socket-outsourcing increases network performance by eliminating duplicate message copying both OS and Furthermore, socket-outsourcing significantly enhances inter-VM communication within same since it enables packets to bypass protocol stack OSes. was implemented two representative...
We present a new access control model for XML Web-Services that provides users with two kinds of authorities: the authority to delegate their authorities other and create based on own authorities. developed this by introducing capability- Web services. A capability consists an object identifier list permitted operations object. map express as description in Services Description Language (WSDL). Delegation corresponds distribution capability, which is done passing WSDL description. Creation...
Virtualized environments are important building blocks in consolidated data centers and cloud computing. Full virtualization (FV) allows unmodified guest OSes to run on virtualization-aware microprocessors. However, the significant overhead of device emulation FV has caused high I/O overhead. Current implementations based paravirtualization can only reduce such partially. This paper describes Linsock approach that applies outsourcing method speed up by combining different OS host OS....
In this study, we describe obtaining hard real-time performance and rich Linux features together in a compounded operating system (cRTOS). This creates two realms with partitioning hypervisor: normal realm of swift RTOS (sRTOS). A process running the can use not only but also through remote calls. Unlike existing approaches for including PREEMPT_RT patch using interrupt-dispatching layers, approach requires no modifications to Linux.
In conventional egress network access control (NAC) using lists (ACLs), modifying ACLs is a heavy task for administrators. To enable rapid configuration without large amount of effort by administrators, we introduce capabilities to NAC. our NAC, user can transfer his/her rights (capabilities) other persons asking realize capability-based use DNS messages and IP options carry capabilities. A resolver the client sends name, domain service name as query cache server, which issues according...
The recent interest in runtime attestation requires modeling of a program’s behavior to formulate its integrity properties. In this paper, we study the possibility employing static source code analysis derive models commodity operating systems kernel. We develop precis
Most existing collaborative applications on the Web require centralized servers for storing shared data and relaying communication messages among browsers. This paper proposes building a distributed browser as platform Web-based to address these problems wit
Recently, the variety and vastness in networks have increased rapidly. To keep stable reliable, network administrators to understand nature of traffic flows. In this paper, we propose a method analyze using firewall logs. The characteristics our are 1) use aggregate flow information, 2) cardinality information Here, shows number servers/clients, contributes finding P2P software Intranet viruses. experimental results confirm that session level acquired by proposed can find other types applications.
Since centralized Social Networking Services (SNSs) inherently have privacy concerns, researchers are working on decentralized SNSs for solving them. However, it is very difficult to replace all the roles of with decentralize ones. This paper describes Friend News System, a messaging system that works together SNS while maintaining necessary level privacy. an implementation Usenet using existing small groups. It inherits architecture, robustness, and rich news readers from Usenet. allows...
This paper proposes an anti-spam scheme that uses capability-based access control. In this scheme, rights to bypass spam filters are represented as capabilities, and email message containing a valid capability bypasses the filter goes straight receiver's inbox. As result, false positive problem inherent in existing is eliminated. allows user delegate another person compatible with systems applications. It was implemented client, Mozilla Thunderbird, along tool, basket, provides API for...
As centralized social networking services (SNSs) or online networks (OSNs) have inherent privacy concerns, researchers are working on decentralized SNSs as alternatives for addressing these problems. However, it is very difficult to decentralize all the functions of SNSs. This paper describes a SNS using virtual private (VPNs) that work together with In this SNS, members can share information friends through VPNs while hiding from run applications and servers their PCs, allow access contents...
Object-stacking is a model for structuring object-based systems and mechanism integrating multiple servers. The paper describes the object-stacking structure of distributed operating system based on this model. In object-stacking, objects are classified into stackable bottom objects. These have uniform interfaces. Each holds identifiers other or as lower Functions implemented by calling their Bottom provided system. Complex created stacking those each server provides single high-level...
Portable (standards-compliant) systems software is usually associated with unavoidable overhead from the standards-prescribed interface. For example, consider POSIX Threads standard facility for using thread-specific data (TSD) to implement multithreaded code. The first TSD reference must be preceded by pthread/spl I.bar/getspecific( ), typically implemented as a function or macro 40-50 instructions. This paper proposes method that uses runtime specialization'facility of Tempo program...
Kernel scripting is a technique to run an extension code in script language operating system kernel. Conventional kernel has two limitations. First, it affects entire and only privileged users are allowed install new script. This prohibits developers from running their own application-specific the Second, its performance not sufficient for some time-sensitive applications. In this paper, we address these problems. Our call allows without root privilege. runs with less overhead because use...
Network-booting is widely adopted in universities that have to maintain many client computers. In conventional network-booting systems, the primary bottleneck disk image distribution servers and network these servers. To eliminate this bottleneck, peer-to-peer (P2P) methods must work. However, existing P2P methods, including BitTorrent, do not work well for because they are highly optimized distributing an entire large file, while requires certain parts of a file. present study, aiming solve...
Conventional mobile applications are built based on a client-server modal and require central servers for storing shared data processing confidential information. If the accessed by an attacker, curious administrator or government, private information will be revealed because is often stored in form of cleartext. This paper presents Grouper, framework developing without trusted servers. To provide object synchronization among devices, Grouper uses secret sharing scheme to create several...