January 2010 - Vol. 53 No. 1

January 2010 issue cover image

Features

Opinion Editor's letter

More Debate, Please!

In this issue of Communications we have a debate that is quite a rarity in computing research: a technical debate. A pair of Contributed Articles  debate the relative merits of MapReduce and relational database management systems. I have no doubt that our readers will find this technical debate highly instructive.
Opinion Letters to the editor

Software Still As Much an Art As Science

C.A.R. Hoare's viewpoint "Retrospective: An Axiomatic Basis for Computer Programming" (Oct. 2009) reminded me of a saying attributed to both Jan L.A. van de Snepscheut and Yogi Berra: "In theory, there is no difference between theory and practice. But, in practice, there is."
News In the Virtual Extension

In the Virtual Extension

Communications' Virtual Extension brings more quality articles to ACM members. These articles are now available in the ACM Digital Library.
News ACM's FY09 annual report

ACM’s Annual Report

It's been an exhilarating first year as President of ACM. At the close of FY09, ACM stood as the largest educational and scientific computer society in the world. After seven consecutive years of steady growth, ACM ended the fiscal year with membership at an all-time high.
News

Rebuilding For Eternity

Buildings collapse. Wind and rain beat them, temperatures cycle from freezing to blistering, and random strikes of lightning threaten sudden obliteration. Even more potent are the human challenges: war, fire, and deliberate destruction. But digital representations can survive such dangers, capturing structures forevermore.
News

Future Internet Design Summit

The National Science Foundation's meeting on Internet architectures focused on designs related to emerging social and economic realities. The four-day,  invitation-only summit drew 90 U.S.-based researchers with expertise in networking, communications, security, privacy, and the social and economic sciences.
News

ACM and India

ACM is in the process of establishing ACM India as a legal entity and will hold its first conference in late January. Four A.M. Turing award winners, including Barbara Liskov of the Massachusetts Institute of Technology, will speak at the inaugural event in Bangalore.
Research and Advances Contributed articles

MapReduce and Parallel DBMSs: Friends or Foes?

Parallel DBMSs excel at efficient querying of large data sets; MapReduce-style systems excel at complex analytics and ETL tasks. Neither is good at what the other does well. Hence, the two technologies are complementary.
Research and Advances Research highlights

Native Client: A Sandbox For Portable, -Untrusted X86 Native Code

Native Client is a sandbox for untrusted x86 native code. It aims to give browser-based applications the computational performance of native applications without compromising safety.
Research and Advances Virtual extension

Using the Thread-Fabric Perspective to Analyze Industry Dynamics

Rapid advances in technology pose severe challenges to organizations that are dependent on their technology for day-to-day operations as well as strategic renewal. For example, one major challenge is the decision of which new technology to adopt and when to adopt it. If an organization implements a technology too early and its industry takes up another technology later as the standard, the organization will have wasted resources and must expend more in order to switch or make its technology compatible. If the organization waits for a standard to emerge, it will lose any benefits of being the first mover. Organizations struggle to predict the shape of tomorrow's industry, especially more dynamic industries like wireless communications. Current business theories are limited in their ability to explain phenomena happening in these dynamic industries. They are also weak in their ability to predict the totality of these types of industries. Theories like the resource-based view of the firm and dynamic capabilities can assess an individual firm's competitiveness and analyze competition between one firm and another under preordained and well-ordered industrial structures, but they cannot explain the total shape of an industry and the positioning of firms within the industry. For example, the analysis and comparison of organizations in the wireless industry, such as Nokia, Samsung, Qualcomm, Vodafone, Hutchison, and Verizon, can assess a company's resources and capabilities and its superiority over another in its resources or capabilities. But these theories do not explain the whole picture of the industry, why companies are pursuing different technologies, why and how they ally with one another, or how companies with fewer resources or capabilities can compete with those with more, for example. They also fail to account for how organizations and industries change constantly through internal and external forces. In fairly static industries like the traditional auto industry, companies operated on the same stable supply chains and other systems for decades, thus it was fair to detach two or more organizations from the same shared industrial context to compare them. However, we cannot separate organizations from their industrial context in current dynamic industries like information technology, because organizations and the industry in which they belong co-evolve rapidly by affecting each other. None of the standard business theories can give us clear answers to how, for example, Qualcomm and Korean electronics companies, that started with few resources, capabilities and market share, could create and then expand their territory in the GSM-dominated wireless industry led by Nokia. More broadly, the nature of modern business competition appears to be undergoing a fundamental change. To explore the new industrial dynamics, we use the intuitive ideas of threads, fabric and weaving to develop a perspective which promises to greatly facilitate the description and analysis of highly competitive and dynamic industries such as the wireless industry. The Thread-Fabric view perceives organizations and industries as organic entities rather than as rigid and mechanical units. The proposed perspective also differs from existing theories in that it allows a way to observe industries and predict the future not only at the level of individual firms but also from the scope of entire industries. For industry, we hope this theory can support managers and decision-makers to understand the fast-changing business environment and build strategies and tactics to achieve their business goals. For academia, we hope our proposal shows a new way to analyze and understand how industries transform in this day and age. Here, we describe our framework and clarify its details by applying it to the example of the global wireless industry. We use this framework to analyze current dynamics in the wireless industry: the fight fo
Research and Advances Virtual extension

Security Constructs For Regulatory-Compliant Storage

In response to a growing body of electronic records legislation, the storage community has enhanced data stores to include privacy, auditability, and a "chain-of-custody" for data. There are currently over 4,000 federal, state, and local regulations that govern the storage, management, and retrieval of electronic records. Most notably, the Sarbanes-Oxley Act of 2002, which regulates corporate financial records. Storage vendors provide "compliance" platforms that store and manage data in accordance with regulations, which aids customers in meeting compliance guidelines. Examples include: EMC Centera Compliance Edition,™ NetApp SnapLock,™ and IBM Tivoli Security Compliance Manage.™ Many of these platforms add storage management policy to existing systems. Vendors start with systems that manage versions of files or volumes. They add immutability to past versions by preventing writes by policy. They also enforce data retention guidelines by not allowing the deletion of protected files. Enhanced metadata allows users and auditors to examine the store at any point-in-time and investigate the manner in which data have changed throughout their history. While these features aid organizations in complying with regulations, they do not provide strong evidence of compliance. By following storage management policies, data are versioned and retained for mandated periods. However, there are many opportunities and motivations to subvert such storage policies. In fact, the file system owner represents the most likely attacker. For example, a corporation might alter or destroy data after the corporation comes under suspicion of malfeasance. The shredding of Enron audit documents at Arthur Anderson in 2001 provides a notable paper analog. Similarly, a hospital or private medical practice might attempt to amend or delete a patient's medical records to hide evidence of malpractice. In policy-based storage systems, past data may be altered or destroyed by reverse engineering file system formats and editing the file data on disk--a common and well understood data forensics task. We assert that these features need to be cryptographically strong, providing irrefutable evidence of compliance with regulations. This can be achieved for data retention and chain of custody. A storage system commits to a version history so that, at a later time, an auditor may access past data and gain conclusive evidence that the data have been retained and are unmodified. Further, all data should be bound to the users that modify, create, or delete that data. Such constructs improve the evidentiary value of electronic records within the courts, increase an auditor's confidence in the veracity of the information on which they report (and for which they are responsible), and enhance an organization's quality of data management. To these ends, we review three security constructs for versioning file systems. Digital audit trails allow a file system to prove to an independent auditor that it stored data in conformance with regulated retention guidelines. Fine-grained, secure deletion allows a system to efficiently delete individual versions of files to meet confidentiality requirements, limit liability, and allow data to be redacted. Per-block authenticated encryption adds authenticity guarantees to the confidentiality provided by encryption. We also include a distillation of requirements based on a review of relevant legislation and a brief characterization of the performance impact of these techniques based on their implementation within the ext3cow file system.
Research and Advances Virtual extension

The Future of Digital Imaging

Traditionally, radiology is a support department that provides imaging services to other hospital departments. In this conventional framework, the primary concerns of a radiology department were how to enhance the productivity of imaging workflows. Most efforts have been made principally to remove unnecessary communications and thereby reduce report turnaround time. The introduction of information systems such as PACS (Picture Archiving and Communication System) and RIS (Radiology Information System) are typical examples of such efforts. Over the past decades, imaging technologies have advanced remarkably, and have led to the proliferation of digital imaging services. Many imaging solution providers are offering various off-the-shelf software programs at more affordable prices. Those programs are equipped with sophisticated imaging functions, and can easily manipulate the large amounts of image data generated from high-performance imaging modalities. As a result, the number of imaging centers providing diagnostic imaging services has grown considerably, and competition between them has intensified. In this evolving environment, enhanced productivity of imaging workflow is not sufficient to guarantee a competitive and successful imaging business. Rather, more diversified perspectives of customer satisfaction must be considered, and technological advancements must be leveraged for the quality and the competitiveness as well as the productivity of imaging services. In this article, we envision digital imaging services in radiology, with emphasis on the recent advancements in digital imaging technology and its future direction. Specifically, we focus on the four major issues prevailing in current imaging business practices: specialization, flexibility, reliability, and usability. We investigate the kinds of technologies pertaining to each issue, as well as the ways in which such technologies have enabled the invention of innovative services in diagnostic imaging practice.
Research and Advances Virtual extension

Mobile Web 2.0 With Multi-Display Buttons

User-Generated Content (UGC) IS A BURGEONING social phenomenon being watched in today's world with keen interest. UGC is an online new-media content created by users rather than by conventional media such as broadcasters. A typical example would be Flickr, an online photo-sharing site with 37 million images, to which its 1.2 million members add up to 200,000 images daily. UGC is shifting the paradigm of Internet use away from the one-way propagation of media content by companies towards the creation and sharing of media content by and among ordinary users. The mobile phone is an especially important means of promoting user generation and exchange of media content. Many mobile phones now have built-in digital cameras and inherent network connectivity. These features have greatly facilitated the creation and sharing of media content. For instance, users can immediately upload photos on Flickr with their mobile phones as well as access Flickr and browse other people's media content. However, the constraints of a typical mobile phone---its small display and limited number of buttons---make use of mobile UGC services challenging. Only a few studies have investigated hardware or software alternatives to address these problems. This article presents a new user interface (UI) for mobile phones, one that makes use of UGC services easier and more efficient. The new interface has two key characteristics: one pertaining to content structure, and another to content visualization. More specifically, the new UI employs two major mobile Web 2.0 technologies, the tag and the tag cloud, and multi-display buttons increase the display size and flexibility of individual buttons. The interface is dedicated specifically towards supporting exploratory browsing within mobile UGC services, because users of such services are likely to focus on exploratory browsing and serendipitous discovery and be more inclined toward entertainment rather than utility. Here, we describe the new interface and investigate whether it aids in enhancing exploratory browsing within mobile UGC services.
Research and Advances Virtual extension

Designing Data Governance

Organizations are becoming increasingly serious about the notion of "data as an asset" as they face increasing pressure for reporting a "single version of the truth." In a 2006 survey of 359 North American organizations that had deployed business intelligence and analytic systems, a program for the governance of data was reported to be one of the five success "practices" for deriving business value from data assets. In light of the opportunities to leverage data assets as well ensure legislative compliance to mandates such as the Sarbanes-Oxley (SOX) Act and Basel II, data governance has also recently been given significant prominence in practitioners' conferences, such as TDWI (The Data Warehousing Institute) World Conference and DAMA (Data Management Association) International Symposium. The objective of this article is to provide an overall framework for data governance that can be used by researchers to focus on important data governance issues, and by practitioners to develop an effective data governance approach, strategy and design. Designing data governance requires stepping back from day-to-day decision making and focusing on identifying the fundamental decisions that need to be made and who should be making them. Based on Weill and Ross, we also differentiate between governance and management as follows: • Governance refers to what decisions must be made to ensure effective management and use of IT (decision domains) and who makes the decisions (locus of accountability for decision-making). • Management involves making and implementing decisions. For example, governance includes establishing who in the organization holds decision rights for determining standards for data quality. Management involves determining the actual metrics employed for data quality. Here, we focus on the former. Corporate governance has been defined as a set of relationships between a company's management, its board, its shareholders and other stakeholders that provide a structure for determining organizational objectives and monitoring performance, thereby ensuring that corporate objectives are attained. Considering the synergy between macroeconomic and structural policies, corporate governance is a key element in not only improving economic efficiency and growth, but also enhancing corporate confidence. A framework for linking corporate and IT governance (see Figure 1) has been proposed by Weill and Ross. Unlike these authors, however, we differentiate between IT assets and information assets: IT assets refers to technologies (computers, communication and databases) that help support the automation of well-defined tasks, while information assets (or data) are defined as facts having value or potential value that are documented. Note that in the context of this article, we do not differentiate between data and information. Next, we use the Weill and Ross framework for IT governance as a starting point for our own framework for data governance. We then propose a set of five data decision domains, why they are important, and guidelines for what governance is needed for each decision domain. By operationalizing the locus of accountability of decision making (the "who") for each decision domain, we create a data governance matrix, which can be used by practitioners to design their data governance. The insights presented here have been informed by field research, and address an area that is of growing interest to the information systems (IS) research and practice community.
Research and Advances Virtual extension

Domotic Technologies Incompatibility Becomes User Transparent

The potential of current technologies in smart automation has been largely unexploited. Pervasive computing vision is still far from being achieved, especially with regard to Domotics and home applications. In fact, even though many implementations have started to appear in several contexts, few applications have been made available for the home environment and the general public. This is mainly due to the segmentation of standards and proprietary solutions, which are currently confusing the market with a sparse offer of uninteroperable devices and systems. Although modern houses are equipped with smart technological appliances, still very few of these appliances can be seamlessly connected to each other. Moreover, inter-working capabilities are required beyond house boundaries, towards external services and towards other houses as nodes of a global network. Therefore, the main goal of this research is to find solutions to the problem of interoperability that will be in line with open and widely recognized standards. The result is a computing framework based on open communication standards, capable of abstracting the peculiarities of underlying heterogeneous technologies, and letting them co-exist and interwork, without eliminating their differences. Interoperability can thus be made potentially feasible between any domotic technology, both currently existing, and still to be defined. Currently, domotic technology vendors concentrate on building closed relationships with their customers, and leveraging their economic investments by establishing barriers against new manufacturers entering the market. Examples of current domotic protocols are X10, Konnex, LonWorks, UPnP, HAVi, and Jini supporting various communication standards (Ethernet, FireWire, Bluetooth, ZigBee, IrDA and proprietary buses). We believe that no domotic technology currently has the potential to actually play a leading role. Within this wide and heterogeneous framework, the market logic is to tie consumers to a particular domotic protocol, which then forces them to only purchase conforming devices in order to keep a consistent level of interoperability. In recent years several interesting and innovative solutions have emerged, with a reasonable level of scalability and dependability, providing interoperability among heterogeneous home systems. Twente University has proposed a solution that aims at supporting heterogeneous technologies (including legacy ones) with a "cluster cultures" approach. The architecture outlines a "touch and play" system which, at device registration time, enables a zero-configuration environment for the exchange of credentials among its gateways and to register device services in a hierarchical structure. The architecture provides a high level of security by using cryptographic algorithms. Waseda University have proposed a framework designed to easily enable the integration of legacy middleware and legacy services and clients, with a predefined path for the inclusion of new, future, middleware. This is accomplished mainly through the use of a Virtual Service Gateway. This connects one piece of middleware to another by exploiting a Protocol Conversion Manager, whose task is to convert the different middleware protocols into the specific internal protocol used by the Virtual Service Gateway. Information about the location and functions of services is provided by a Virtual Service Repository. Another interesting project is the "Domotic House Gateway." It implements an event-based mechanism which is used to exchange messages between the single device and the system. These events are internally converted into logical events so as to clearly separate the actual physical issues from the semantics that goes beyond the devices and their role within the house. One level of the architecture implements a rule-based core that can be dynam

Recent Issues

  1. November 2024 CACM cover
    November 2024 Vol. 67 No. 11
  2. October 2024 CACM cover
    October 2024 Vol. 67 No. 10
  3. September 2024 CACM cover
    September 2024 Vol. 67 No. 9
  4. August 2024 CACM cover
    August 2024 Vol. 67 No. 8