16382
[no title]
The FoundationDB Record Layer is an open source library
that provides a record-oriented datastore with semantics
similar to a relational database, implemented on top of FoundationDB, an ordered, transactional key-value store. The
Record Layer provides a lightweight, highly extensible way
to store structured data. It offers schema management and a
rich set of query and indexing facilities, some of which are
not usually found in traditional relational databases, such
as nested record types, indexes on commit versions, and indexes that span multiple record types. The Record Layer is
stateless and built for massive multi-tenancy, encapsulating
and isolating all of a tenant’s state, including indexes, into a
separate logical database. We demonstrate how the Record
Layer is used by CloudKit, Apple’s cloud backend service, to
provide powerful abstractions to applications serving hundreds of millions of users. CloudKit uses the Record Layer
to host billions of independent databases, many with a common schema. Features provided by the Record Layer enable
CloudKit to provide richer APIs and stronger semantics, with
reduced maintenance overhead and improved scalability.
filetype:pdf  foundationdb  apple  paper  comp-sci  database  scale  design  experience 
4 weeks ago
[no title]
The fastest plans in MPP databases are usually those with
the least amount of data movement across nodes, as data
is not processed while in transit. The network switches
that connect MPP nodes are hard-wired to perform packetforwarding logic only. However, in a recent paradigm shift,
network devices are becoming “programmable.” The quotes
here are cautionary. Switches are not becoming general purpose computers (just yet). But now the set of tasks they can
perform can be encoded in software.
In this paper we explore this programmability to accelerate OLAP queries. We determined that we can offload
onto the switch some very common and expensive query
patterns. Thus, for the first time, moving data through
networking equipment can contribute to query execution.
Our preliminary results show that we can improve response
times on even the best agreed upon plans by more than 2x
using 25 Gbps networks. We also see the promise of linear
performance improvement with faster speeds. The use of
programmable switches can open new possibilities of architecting rack- and datacenter-sized database systems, with
implications across the stack.
filetype:pdf  paper  comp-sci  database  networking  hardware  optimisation  datacenter  design 
4 weeks ago
ACLs don't
The ACL model is unable to make correct access decisions for interactions involving more than
two principals, since required information is not retained across message sends. Though this
deficiency has long been documented in the published literature, it is not widely understood. This
logic error in the ACL model is exploited by both the clickjacking and Cross-Site Request
Forgery attacks that affect many Web applications.
filetype:pdf  paper  web  infosec  vulnerability  security 
6 weeks ago
Macaroons: Cookies with Contextual Caveats for Decentralized Authorization in the Cloud
Controlled sharing is fundamental to distributed
systems; yet, on the Web, and in the Cloud, sharing is still
based on rudimentary mechanisms. More flexible, decentralized
cryptographic authorization credentials have not been adopted,
largely because their mechanisms have not been incrementally
deployable, simple enough, or efficient enough to implement
across the relevant systems and devices.
This paper introduces macaroons: flexible authorization credentials for Cloud services that support decentralized delegation
between principals. Macaroons are based on a construction that
uses nested, chained MACs (e.g., HMACs [43]) in a manner that
is highly efficient, easy to deploy, and widely applicable.
Although macaroons are bearer credentials, like Web cookies,
macaroons embed caveats that attenuate and contextually confine
when, where, by who, and for what purpose a target service
should authorize requests. This paper describes macaroons and
motivates their design, compares them to other credential systems,
such as cookies and SPKI/SDSI [14], evaluates and measures a
prototype implementation, and discusses practical security and
application considerations. In particular, it is considered how
macaroons can enable more fine-grained authorization in the
Cloud, e.g., by strengthening mechanisms like OAuth2 [17], and
a formalization of macaroons is given in authorization logic.
web  security  paper  filetype:pdf  authentication  authorisation 
6 weeks ago
« earlier      
2011 2012 2016 abuse advertising advice advocacy agile ai algorithms amazon analysis analytics android api apple architecture art article aws benchmark book books brexit browser business career children clojure cloud code communication community comp-sci comparison concurrency cool cryptography css culture data database debugging deployment design development devops digital distributed diversity docker economics economy education election empathy encryption energy engineering entrepreneurship erlang eu experience facebook failure feminism filetype:pdf finance framework functional funny future gds git github golang google gov.uk government guardian hacking hadoop hardware haskell health history howto html html5 http humour image images infosec innovation inspiration internet interview ios iphone java javascript journalism jquery jruby js jvm language languages law leadership lean learning library life linux management marketing mathematics media memory metrics mobile monitoring mysql netflix network networking news node node.js nodejs nosql nytimes opensource operations optimization paper parenting people performance philosophy physics politics presentation privacy process productivity programming psychology publishing python rails rant reference research rest review ruby satire scala scalability scaling science search security server sexism slides socialmedia software ssl startup startups statistics strategy study sysadmin tech technology testing tips tools trump tutorial twitter twitter:timoreilly ui uk unix usa ux video visualization web webdesign webdev wired women women-in-tech work wpo writing

Copy this bookmark:



description:


tags: