On formalism in specifications Bertrand Meyer, IEEE Software 1985 Following yesterday’s paper that used formal specification methods to resolve ambiguities and uncover potential vulnerabilities in OAuth 2.0, today’s choice is a 1980’s classic from Bertrand Meyer on the merits of formal specification and what it adds beyond natural language descriptions. With thanks once more to … Continue reading On formalism in specifications
Year: 2016
A comprehensive formal security analysis of OAuth 2.0
A comprehensive formal security analysis of OAuth 2.0 Fett et al. CCS '16 Formal methods may not be appropriate in all cases, but there are some places where the rigour they introduce can be a really good idea. Security is one of those places. In today's paper from CCS '16 Fett et al. create a … Continue reading A comprehensive formal security analysis of OAuth 2.0
Scaling Spark in the real world: performance and usability
Scaling Spark in the real world: performance and usability Armbrust et al. VLBD 2015 A short and easy paper from the Databricks team to end the week. Given the pace of development in the Apache Spark world, a paper published in 2015 about enhancements to Spark will of course be a little dated. But this … Continue reading Scaling Spark in the real world: performance and usability
Algorithmic improvements for fast concurrent cuckoo hashing
Algorithmic improvements for fast concurrent cuckoo hashing Li et al, EuroSys 2014 Today’s paper continues the work on optimistic cuckoo hashing that we looked at yesterday, extending it to support multiple writers and even higher throughput. One of the original goals for the research was to take advantage of the hardware transactional memory support in … Continue reading Algorithmic improvements for fast concurrent cuckoo hashing
MemC3: Compact and concurrent Memcache with dumber caching and smarter hashing
MemC3: Compact and Concurrent MemCache with Dumber Caching and Smarter Hashing Fan et al. NSDI 2013 At the core of this paper is an improved hashing algorithm called optimistic cuckoo hashing, and a CLOCK-based eviction algorithm that works in tandem with it. They are evaluated in the context of Memcached, where combined they give up … Continue reading MemC3: Compact and concurrent Memcache with dumber caching and smarter hashing
Getting beyond MVP
Something a little different for today, instead of a new paper I wanted to pause and reflect on the design advice we've been reading from Tony Hoare, Barbara Liskov, and David Parnas among others. In particular, how it can be applied in a situation I've recently been through with a codebase of my own, and … Continue reading Getting beyond MVP
Designing software for ease of extension and contraction
Designing software for ease of extension and contraction Parnas, IEEE Transactions on Software Engineering, 1979 A couple of weeks ago we looked at ‘A design methodology for reliable software systems’. David Parnas posted a comment (thank you!) giving some more insight into the history of Dijkstra’s “levels of abstraction” concept: This paper followed Dijkstra in … Continue reading Designing software for ease of extension and contraction
A Bayesian approach to graphical record linkage and de-duplication
A Bayesian approach to graphical record linkage and de-duplication Steorts et al. AISTATS, 2014 I don't normally cover papers from statistics conferences and journals, but this one caught my eye as addressing a high-value problem. Through a different lens, it also shows some of the challenges in maintaining privacy when it is possible to join … Continue reading A Bayesian approach to graphical record linkage and de-duplication
Replex: A scalable, highly available multi-index data store
Replex: A scalable, highly available multi-index data store Tai et al. USENIX 2016 Today’s choice won a best paper award at USENIX this year. Replex addresses the problem of key-value stores in which you also want to have an efficient query capability by values other than the primary key. … NoSQL databases achieve scalability by … Continue reading Replex: A scalable, highly available multi-index data store
Preemptive intrusion detection: theoretical framework and real-world measurements
Preemptive intrusion detection: theoretical framework and real-world measurements Cao et al, HotSoS 2015 Phuong Cao (the first author of this paper) got in touch following my review of DeepDive to say "Thanks for the review on DeepDive. I was inspired by that paper to apply factor graph on detecting intrusions at an early stage..." Preemptive … Continue reading Preemptive intrusion detection: theoretical framework and real-world measurements
the morning paper 