Orcmid's Lair

Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton

This page is powered by Blogger. Isn't yours?

2003-09-13

 
Business Wire: IEEE Begins Standard to Create Baseline for More Secure Operating Systems

2003-09-12

 

Miscellaneous Clippings

A catchall that I will publish and organize better at some future time.BW Online | September 15, 2003 | The Underground Internet.  Although the focus is on "dark nets." where people can share material privately without discovery, there is also a potential for software solutions for secure peer-to-peer operation in multi-participant meshes.  This looks interesting with regard to providing private collaboration support and also private support for distributed-object activity.  I think I am interested in this for Miser, where my concern is the security and trust in employment of a remote object's distributed presence. Because of requirements for stong adherence to the oMiser model, for example, the dynamic distribution of connection to objects must have strong authentication and trust support for purposes of trouble-shooting and isolation of misbehaving objects.

 
ACM: Ubiquity - A Conversation with Bhaskar Chakravorti.  A great inteview on "The More Things Change, the More (and Less) They Stay the Same." Chakravorti has a book about the Slow Pace of Fast Change and the article is very useful about understanding the big picture and the setting in which innovation occurs.  The article is also rewarding simply for its explication of Demi Moore's law (why the actual rate of change based on the advances of Moore's law is at half that pace, more or less).

 
Bitpipe.  I'm looking to order the text book for my on-line course (MSC-DB on Databases), and amazon.com had a link to this site. Although it seems devoted to vendor-spin, it also looks interest.

2003-09-11

 
XML MATTERS #8 -- XML and Data Models: Hierarchical, Relational and Object-Oriented --.  This is a nice read and a gentle introduction to what matters in terms of data models versus their implementation.  It is a little short on the history of databases (forgetting the network and set-based models -- including Codasyl -- that were used before IMS demonstrated a very powerful hierarchical realization).

I especially like the observations about the need for a data model, and recognizing that that is different than the model of a DB system -- the carrier for the essentials of the data model, however it needs to be arranged for realization by the DB model. I think the differentiation between XML and how XML models might or might not fit data models is apt.

2003-09-10

 
Four Myths about XML (Bosak).  Another nice Bosak article.

 
Joel on Software - The Law of Leaky Abstractions.  This is an amazing article from Joel on Software.  It applies to oMiser, bit time, and I think it speaks to this sense of foreboding that I have been having lately as I watch systems crumble under one sort of onslaught or another.

 
XML in 10 points.  A nice, crisp article by Bert Bos that describes what XML is for newcomers.

 
The Birth of XML: A Personal Recollection.  Jon Bosak's personal recollection of what had him recognize that the power of SGML was needed on the web and then how XML came about to provide that.

 
TopXML : An exploration of XML in database management systems.  This is a nice survey article by Dare Obasanjo that covers a lot of the bases.  There is a bare-faced statement that hybrid cases favor Native XML databases, but I don't see any justification for that.

 
XML, Java, and the future of the Web.  This is John Bosak's March 1997 Paper on the purpose of XML.  It included at that time:

"1. Applications that require the Web client to mediate between two or more heterogeneous databases.

"2. Applications that attempt to distribute a significant proportion of the processing load from the Web server to the Web client.

"3. Applications that require the Web client to present different views of the same data to different users.

"4. Applications in which intelligent Web agents attempt to tailor information discovery to the needs of individual users. "


2003-09-08

 
Rediscovering the Internet.  A Frankston article that is linked from ACM Technet, but there must be more somewhere else.

 
SATN.org: Comments from Bob Frankston, David Reed, Dan Bricklin, and others.  A nice blog on topical interests, mainly to do with the Internet these days.  Clear thinking by some cool heads.

 
Frankston to ZDNet: IPv6 isn't just about more addresses.  A Frankston column on IPv6 and keeping the flexibility at the edges and getting those clowns out of the middle (my words).

 
AOL & Roadrunner Have Left the Internet!.  A Bob Frankston article on the problem of putting the solution in the wrong place and making the Internet inhospitable with more meddling then needed.

 
Joining the Digital Ranks: Worldwide Computer Certification

"A recent study by Cap Gemini Ernst & Young outlines the problem starkly: Workers spend nearly 136 hours per year, or three hours per week, solving computer-related problems. More than 70 percent of that time is lost due to lack of basic knowledge about computing, the report said."

"Although tech hiring has been squeezed in some skill-sets, particularly on the high end, the U.S. Department of Labor reckons that more than 26,000 database positions that do not require high-end skill-sets will open up during the next three years.

"Many database administrators organize, structure and retrieve key information without designing new, proprietary systems or crunching code. As a result, it often makes better sense for those seeking work in this industry to achieve certification rather than an advanced degree in computer science.

"As demand for DBAs has grown, IBM's DB2 certification has kept pace, growing by 240 percent last year, according to Big Blue. "



 

Computing Milieu


Trust and Trustworthy Computing


The journey sure doesn't look like the destination, doesn't it?


I am finding a little freedom in this morning's malaise.  I can now go do the homework I am behind on.  I will log on as admin and do my security updates later when I am installing some Access databases and setting up ODBC for XML Database exercises.

What You Should Know About Microsoft Security Bulletin MS03-037.  I notice that I was being resigned about one vulnerability after another.  I just reviewed all of the September 3 Microsoft Security Bulletings.  There were a bunch.  As I looked them over, I realized that this is part of the journey.  When vulnerabilities are discovered, they must be disclosed and the remedy made widely available.  I have no doubt about this part.

That does leave the question about what is being done such that this is not the predictable future as well.  This is a necessary step to a different future.  What will be different that the future will not be simply more of this?  I don't think technical fixes are the silver bullet, though some technical fixes would be welcome.  There is something more to be gained here about understanding the gap between where we are and where we say we are going.&npbs; My question is merely, how do we tell we are on the road to that destination?

 

Computer Science


Mathematically-Grounded Systems


Miser Concerns


I have been learning to be careful about preservation of mathematical well-definedness.  It means that things I would intuitively do as part of formulating oMiser must be resisted because they breach one of the fundamental requirements of mathematical-logic formalism as normally understood.  I just realized that a way that I wanted to use oracles to help with certain generic conditions has to be employed very carefully.  The oracle must always produce the same answer to the same question for well-definedness to work.  I had in mind making some well-known obs with applicative interpretations such as procedure-confirmed-to-be-well-defined. Or something more succint. The point is that a yes answer means that the given object can be trusted to have an applicative interpretation of a particular nature. The no answer means it is simply not confirmed. This allows new objects to show up about which a program has no way of knowing, but it can consult the oracle which is operating in the underlying implementation and it can provide an answer because it incorporates logic based on knowledge of the construction of the ob that is being asked about. Or it doesn't and it simply provides a negative answer.  I always thought this was a clever idea, and I see that I have still to deal with well-definedness.  I think I'm all right with this, but I do have to be very careful.

The procedure-confirmed-to-be-well-defined case is actually not meaningful in oMiser, because there are not allowed to be applicative interpretations of any other nature.  But there are others relating to optimization activities that apply.  I am thinking of knowing that an object is constant with respect to its Eval-interpretation, so it doesn't have to be quoted when incorporated in a formula. Another case is knowing that a form is not self-referential, so that it is safe to splice it into the body of a larger procedure's form under certain conditions.  These helpers allow compiling procedures to not know if new self-referential forms have been introduced and still do the right thing.  (There is something interesting in here about oracles that produce negative statements -- assert the absence of something.)  But the key is that in oMiser these helpers must be well-defined.

One more thing about the procedure-confirmed-to-be-well-defined case. The implementor of an oMiser who is confident that the system is safe will simply answer yes with respect to any of the objects that it has constructed. There is no other possible answer. However, there will be mechanisms beyond oMiser and an oMiser will eventually end up in communication with those systems. However, it can only accept connections to objects of other Miser systems for which the response to procedure-confirmed-to-be-well-defined is yes. Notice that an oMiser will never see the other objects until the answer is yes. So it would appear that the answer can change over time, as no yes ever given can change to no. Inside the oMiser domain, well-definedness will have never been breached!  Something more for me to get my head around.

I might use a better phrase, such as is-assessed-well-defined for which a negative response does not imply ill-definedness.  The choice of terminology will matter, and I am not going to do more about that now other than place this marker.

Relational Models and Assignment/State in Miser


Now that I am reminded of Codd's work, I need to think about how he dealt with assignment -- updating -- and managed to preserve a logical semantics for the model.  At some point I have to deal with that in getting past oMiser.  I need to understand Codd's rules at a relational-calculus level to see if there is anything that will help there.  Fortunately, I can try out any ideas in oFrugal (which can break rules that oMiser won't) without messing with oMiser, and there is room to get it wrong and come up with alternatives based on those results.

 

Computer Technology


Grid Computing

HP to grid-enable all systems, offers grid services - Computerworld.  Grids are Us.  This is interesting.  I don't quite know how this plays out in the small, but it would be interesting to have Grid capability on a LAN system and see how that supports distribution of services and access to resources on LAN nodes.  Just something I am curious about, especially for distributed operation of Miser.

 

Computing Milieu


Trust and Trustworthy Computing


When Is One More Vulernability Just One Too Many?


Security breach at Web host leaves sites at risk - Computerworld.  This is not a great morning.  I was up late last night after researching some class discussion questions too much.  I was feeling bummed-out over all of the confusion about the relational model that E. F. Codd developed versus the way relational database systems operate.  Now I learn that one of my web hosting services has been penetrated and sites used to deliver malicious payloads to visitors.  And Interland didn't say boo to its customers, if the quiet at my in box is any indication.  At the same time I learn that I need to apply a patch to all of my Office software, including Visio, because of a Visual Basic for Applications (VBA) vulnerability.  And I have no idea whether the problem I fell over on Blogger has been cured, is intermitent and has gone away or what.

The start of a perfect day.

dh:2003-09-08-10:00 -0700 (pdt):;nbsp; Well, the ODMA.info site seems all right.  One thing that may have saved me is that my site pages don't use Interland footers, and the setup I use is from VServers, the hosting service that I originall signed-up with and that has been acquired way too many times since.

2003-09-07

 

Information Systems

Database Models

The long struggle to realize the relational model

I just noticed that it has been over 30 years since the relational model was defined by E. F. Codd.  And in all of that time, no one has had the courage to actually deliver a database-system implementation that realizes that model.  And then people carp about the limitations and defects of the realizations as if they are defects of the model.  That's very disappointing.

A Simple Guide to Five Normal Forms in Relational Database Theory.  This is William Kent's September 1982 piece on normalization. It appeared in Comm. ACM 26, 2 (Feb. 1983), 120-125.  As a professional paper, it provides a fairly clear treatment that had been reviewed by Codd, Date, and Fagin and can be taken as relatively free from error.

 
Database Management Systems.  Chapter 12 of a breezy little book by Philip Greenspun.

In addition to providing a too flip coverage of Codd's work, Philip sticks it to the ACM for leaving an article posting 50% complete for almost 8 years now:

"... the abstract to 'A Relational Model of Data for Large Shared Data Banks', a paper Codd wrote while working at IBM's San Jose research lab. It was published in the Communications of the ACM in June, 1970 and is available from http://www.acm.org/classics/nov95/toc.html (ACM claims to represent the best practices that a business person could expect from a computing professional; their online version of Codd's paper was half-finished in 1995 and features a 'coming soon' note for the rest... is it any wonder that U.S. corporations are moving IT jobs to India and China? If a computer professional is going to do a half-assed job it doesn't make sense to pay him more than $10/hour.)."

I have echoed that sentiment myself, concerning why off-shore development is becoming so appealing.  Although I don't know what the problem was, and no account for this is provided on the ACM site, I do know that the attempt to deal with the mathematical typography in that portion of the original paper would have been pretty challenging for a circa 1995 web page.  Today it could be done, but I don't know if that means it will.

 
Chris Date comments on Martin Butler's Tribute to Ted Codd: "One hundred years from now--so long as we base our technical decisions on rational considerations and not crass commercial hype--database systems will still be based on Ted Codd's relational model."

 
DATABASE DEBUNKINGS - 2003 CONTENT.  There is some marvelous material in here.  Some of it is unnecessarily strident for my liking, and also a little too ad hominem.  I can understand the debate much easier without that.  And the errors seem to be clear as well.

 
DATABASE DEBUNKINGS - HOME.  this is a nice site managed by Fabian Pascal and Chris Date, apparently.  One great value is their efforts to quote myths and bunk about relational databases and dispell the fallacies in them.  I have been seeing some of that bunk in my class discussions, so I will happily refer people here.

 
ted_codd.  This tribute by Chris Date provides valuable historical background on the evolution of Ted Codd's thinking and the establishment of the rubustness and enduring quality of the relational model for data bases.

 
[Codd1979]: Extending the Data Base Relational Model to Capture More Meaning - PDF.  Another key paper by Codd. Again, this is a reference to the 38p. PDF file.

 
Ryan Kemp's Home Page.  There are two links to Codd papers here. One to his 1970 paper and one to his 1979 paper.

 
PDF: E. F. Codd Relational Model.  This link is to a PDF of the original 1970 paper.  Don't go there unless you are ready for a lengthy download.  Recommendation: Right-click on the link and do a Save Target As operation.

 
DBLP: E. F. Codd.  What's nice about this bibliography is that you can see what Codd was doing before as well as during and after work on the relational model.

 
Collected Works of E. F. Codd.  A nice bibliography that is compiled and maintained by ACM SigMOD.

 
Chapter 6: The Rise of Relational Databases | Funding a Revolution: Government Support for Computing Research.  Here's a nice-reading description of the rise of relational database systems.  The one reservation I have is based on the fact that it mentions the Eckert-Mauchly Computer Corporation as implementing a Codasyl database and Eckert-Mauchly was completely gone as a separate entity by the time of the Codasyl work. By then it was either the Univac Division of Sperry Rand or, more likely, Sperry Univac.  The problem with slip-ups like that is we are left to wonder what else is incorrect or inadequately researched.

 
Codd's "A Relational Model of Data for Large Shared Data Banks." CACM 13(6): 377-387(1970).  There is a PDF link but it doesn't seem to work.

 
Edgar F. Codd, father of "relational database model" left us....  A discussion around the report of Codd's death, identifying a key contribution: "The great contribution of master Codd besides the assertion that 'the entire information content of a relational database is represented in one and only one way: namely, as attribute values within tuples within relations' is his activism in promoting one theory of 'relational completeness of data base sublanguage'."

 
Mercury News | 04/20/2003 | Computer pioneer, dead at 79, revolutionized database system.  The obituary for E. F. Codd.

 
DATA MANAGEMENT STRATEGIES - Codd's 12 Rules.  An article that summarizes the 12 rules that Codd published in 1985.  An important distinction is between views and the database and the objects being modeled in the database.  (Actually, I would say being manifest in the database, because the database is not the model, though the database system has a model and it is different than the model that is being manifest with it.)  Something to come back to.

 
Jim Gray Turing Award Lecture: What Next? A Dozen Information-Technology Research Goals.  I am researching this because I need to clear up some things about Codd's model and transaction protection. Gray's Turing Award lecture seemed like an useful place. I am also looking for E.F. Codd's.

 
1.3 A Relational View of Data.  Here, Codd makes clear that he is talking about an array per n-ary relation and that he is clearly interesting in multiple relations over the set of domains. He also asserts that the particular representation is not an essential part of the relational view.

 
1.4 Normal Form description in Codd.  It is clear that Codd is describing multiple relations here and there is no question that, in an interpretation of relations by tables, there are multiple tables involved, all happening to have man# as an important (but not always primary) key.

 
SIGMOD Record - web edition / September 2003.  This issue has a special section on Peer-to-Peer Data Management.  I find that interesting because of the Feuding Lexicographers problem.  Something to dig into a little more.

 
SIGMOD Record - web edition / June 2003.  This issue has a paper by Victor Vianu on Database Principles, A Web Odyssey: From Codd to XML. I will have to look at that too. I think that there is a misunderstanding of Codd's principles in our discussions this week, and I want to find a better source of Codd's papers, especially on the normalization principles.

 
SIGMOD Record - web edition / March 2003.  There's an article here on fully integrating Native XML using ANSI SQL Hierarchical Processing (Michael M. David).  It seems relevant to this week's Web Applications seminar on XML and Databases.  I am downloading the PDF of the article.

 
SIGMOD Record - web edition / December 2001.  This is a special issue on Data Mining for Intrusion Detection and Threat Analysis.  I suppose the date is significant, and also this is becoming increasingly important even for protecting a single system. I just downloaded SpyBot-Search&Destroy because of my concern that my Firewall (ZAP) does not tell me enough or handle everything. I also have some background tasks that are sucking the cycles out of my applications (apparently the Windows installer and Norton Antivirus roaming over the hard drive).  I just want more assurance that I know who is doing what and why.

 
SIGMOD Record - web edition / September 2001.  The Guest Editor's message on XML and Heterogeneous data is being discussed in this weeks Web Applications seminar.  I am out to discover what the difference is between heterogeneous and homogenous data, and whether what matters is simply that it is data.

 

Miscellany

Alan Gauld's Learning to Program site.  Here is a site on Gauld's Learning to Program site that features Python.  I am still unsure about Python as a language of choice, but I like what Alan says otherwise.

 
Snort.org.  This is the location of some intrusion detection software that is also recommended by many. I still like ZAP but I don't know that I am fully protected. Also, I can't tell what some of the programs I end up approving are really doing by accessing the Internet. Another one to dig into deeper later.

 
Welcome to ntop.org.  Interesting entrance page.  I am browsing comp.security and following some leads for security-related software to use in checking out my system. This one was recommended.

 
--SpybotSD - License for Spybot - Search & Destroy by PepiMK Software.  I am concerned about the amount of junk that seems to be running on my machine, even with the Firewall.  This software gets good marks and I am looking over the license.

Hard Hat Area

an nfoCentrale.net site

created 2002-10-28-07:25 -0800 (pst) by orcmid
$$Author: Orcmid $
$$Date: 04-11-25 22:44 $
$$Revision: 2 $

Home