Journal influence
Higher Attestation Commission (VAK) - К1 quartile
Russian Science Citation Index (RSCI)
Bookmark
Next issue
№1
Publication date:
16 March 2024
Latest issue articles
Order result by: Public date | Title | Authors |
1. The user job managing in a HPC network using federated authentication [№4 за год]
Authors: Baranov, A.V., Kuznetsov, E.E.
Visitors: 2463
The paper presents a research on user task management in a distributed network of scientific HPC centers. The HPC network unites supercomputers of different architecture belonging to different centers. Each center independently determines its own security policy and maintains its own user accounting database. This complicates the management of user jobs; in particular, it complicates the operational job redistribution between supercomputers of different centers. The authors base their research methodology on combining two-level hierarchical job management and federated identity management, in particular federated authentication. The paper proposes a new method for managing user jobs in a distributed HPC network based on federated authentication. The upper level of the management hierarchy is a global job queue; the global queue jobs are distributed to the supercomputers of the distributed HPC network. The local queues of these supercomputers form the lower level of the job management hierarchy. Each job should be authenticated and authorized twice: when it is placed in the global queue and when it is allocated to a local queue. The proposed method takes into account that a job, when being in the global queue, from the point of view of information security, turns from an object into a subject, which must be authorized again in a local queue. The paper shows that the application of federated authentication in authorization of users and their jobs allows building a simple and secure scheme of job management in the HPC network. The practical significance of the research is the operation of the job management system in the distributed HPC network and the security analysis of such solution.
2. Computing cluster performance expectations when selecting a parallel file system [№4 за год]
Authors: Aladyshev, O.S., Zakharchenko, A.V., Ogaryshev, V.F. , Shabanov, B.M.
Visitors: 3133
When creating a high-performance computing cluster, one of the most urgent tasks is to provide a productive external storage system for future workload. The paper studies the principles of parallel file systems' operation, which can determine their performance for different workloads; it proposes a method for determining the performance limits of external storage systems. The main advantage of the proposed method is the phased approach to identifying performance limits. Initially, the authors determine the hardware (infrastructure) limits based on theoretical calculations. Then they refine the limits using tests and/or readings of the storage hardware monitoring system. In addition to selecting an appropriate file system and configuring hardware, the authors form program factors that can affect the file system performance for the required workload. Through various subject tests or models, the limits continue to be refined. Finally, the revealed limits are checked in the storage system preliminarily tuned for the required workload. The proposed approach to selecting a parallel file system for a high-performance computing cluster and to tuning a storage system for a certain range of parallel supercomputer applications allows avoiding using complex models and the need to analyze large amounts of test results. Besides, it helps to understand better the characteristics of the storage system being created. The proposed method of systematic performance evaluation of parallel file systems allows simplifying and speeding up the process of developing a storage system with a parallel file system. The method is also applicable to modern ad-hoc file systems dynamically created for a supercomputer application.
3. Analytical processing of large data sets of cybersecurity events using supercomputing [№4 за год]
Authors: Kotenko, I.V. , Saenko, I.B. , Parashchuk, I.B. , Desnitsky, V.A., Vitkova, L.A.
Visitors: 2634
The issue of cybersecurity of critical infrastructures is complicated by the need to process large data sets of security events. This leads to the need to develop information technology that combines analytical processing with supercomputing. The authors proposed a general scheme of such technology and architecture of the system realizing it. The system contains components that realize real-time detection of computer attacks, abnormal activity and security policy violations. Furthermore, the system components allow promptly assessing the security of network resources, analyzing risks, making decisions on the protection of network resources, investigating computer incidents, visualizing large data sets of cybersecurity events and interacting with the supercomputer center. The authors used the principles of data-centricity, open service-oriented architecture and platform to select the solution. They presented a high-level and low-level description of the system architecture. The authors demonstrated experimental results obtained at the Polytechnic supercomputer center. They evaluated the developed technique using HAI dataset collected on a testbed of an industrial steam turbine control system. The authors solved the problem of predicting future states based on previous states obtained by clustering system events. The realized prediction method showed that the accuracy depends on the number of considered previous states and the prediction range. These results confirmed the effectiveness of the proposed information technology and demonstrated its high performance.
4. High-performance service for collecting and analyzing network and server hardware log files on a National Research Computer Network [№4 за год]
Author: Abramov A.G.
Visitors: 2301
Building a seamless and productive solution for collecting, intelligent processing and analyzing system and service log data is a meaningful and multidimensional research and application problem. This solution will ensure reliable functioning of scientific telecommunication networks and services based on them. This paper provides an overview of developed and operated journaling techniques, technologies and tools with an emphasis on open source software. It also considers some aspects of logging services in Unix operating systems based on the Rsyslog protocol. There are also outlined construction features and examples of typical modern software log processing pipelines and their key functions, including those using machine learning methods and technologies. The author gives a schematic and detailed textual description of a special-purpose service developed and implemented in the national research computer network of Russia. This service is based on a set of open source software comprising the widely used in system administration practice of Rsyslog log data collection and processing package, high-performance columnar ClickHouse DBMS and Grafana data visualization, statistics and analytics system.
5. Increasing the PC computing power: Integration with a distributed smartphone system [№4 за год]
Authors: Balabaev, S.A., Lupin, S.A., P.N. Telegin, Shabanov, B.M.
Visitors: 2922
The paper considers the possibility of improving PC performance by integrating a distributed smartphone system with it. There is an overview of the main hardware and software features of mobile devices. The authors evaluated the effect of such nodes on the performance of a distributed computing system. It was found that the main differences from PCs are low quality of device cooling and big.LITTLE architecture. These mobile device features do not allow using all smartphone cores at full capacity and should be taken into account when integrating them into a unified computing environment. Software for integrating mobile devices with personal computers consists of two applications: a client and a server developed in Java programming language. The applications allow uploading a computable task to nodes, running it, accumulating and displaying the computational results obtained from the nodes. The devices interact over the network. The computable task is an apk application containing a Java class with methods that can be called from the application running on the client. The utilized node load-balancing algorithm allows integrating smartphones of different generations, which differ significantly in performance, into a single environment. The authors show that in order to distribute the load efficiently between the system nodes, it is necessary to use their real performance value. The paper presents the results of solving the problem of function minimization in a distributed environment organized using the developed software. They confirm the achievement of the set goal. The obtained results are useful for a wide range of specialists.
6. Dialogue software complex for forming Common Digital Space of Scientific Knowledge ontology [№4 за год]
Authors: S.A. Vlasova, N.E. Kalenov
Visitors: 2730
The paper considers a software package that forms the ontology of the Common Digital Space of Scientific Knowledge (CDSSK). The ontology includes a set of directories describing subspaces, classes of objects, object attributes and relations of various types and kinds. Each object attribute directory contains an attribute name, information about its format and status (obligatory or optional, unique or multiple), as well as the name and type of the value dictionary. Relationship directories contain necessary information about the connections between object pairs or attribute values. The CDSSK ontology includes named connections of three types: universal, quasi-universal, and specific. A specific connection of any type can be simple or composite. The paper presents the software package that implements services related to the formation of reference books of subspaces, classes, attributes of objects and connections of all CDSSK types. The software package is for the administrators of CDSSK subspaces; it allows creating CDSSK structural elements in the dialog mode. These elements are necessary for forming the space content with automatic definition of the list of object attributes, their input formats and the necessary means of formal and logical control. The complex operation enables the input information control that excludes elements duplication or incorrect data input, which contradicts the structure declared by the class “formats”. The software package consists of two modules: forming new elements and editing existing ones. The editing module also allows deleting ontology elements without violating its integrity. The complex work enables building a structure that is a basis for unified programs of CDSSK content formation.
7. Search organization in a database with related entities [№4 за год]
Authors: Pogorelko, K.P., Savin, G.I.
Visitors: 2541
There is the problem of search organization in a database with related entities, in which it is possible to formulate conditions not only to the attributes of a certain entity, but also to set conditions on related entities. The paper describes the realized search mechanism. On the basis of this mechanism the author organized the search in the information system of the digital library “Scientific Heritage of Russia”. The search mechanism provides the work in the Russian and English languages. The author customize the search engine to the structure of a particular database by filling in a number of tables. The search engine allows working with such types of attributes as text field, numeric value, boolean value, full-text index of text field, codifiers. There are various functionalities for administrators and regular users. To formulate a query to the database, the author designed an intuitive interactive search query builder. It allows you to set conditions for the initially selected entity, related entities, their number and types of connection in the dialog mode. There is an extended functionality for working with codifiers of large volume. The author described the html markup organization of the input form and the data structure formed during query building. He gave an algorithmic solution that allows building an SQL instruction to the database according to the query formulated in the builder. He also gave an example of a query to related entities and the SQL instruction built for this query. The author described the organization of the search results visualization system. The proposed algorithms for building a search mechanism can serve as a model for organizing a search in the Unified Digital Space of Scientific Knowledge, including heterogeneous named relationships between objects.
8. Features of functional modeling of complex hierarchical systems with different ways of organizing the control of the study processes for the purpose of selecting a rational system structure [№4 за год]
Authors: Dolgov, N.V., Ilin V.А.
Visitors: 2924
The paper presents a general analysis of functional modeling of complex hierarchically organized systems. In such systems, individual processes of hierarchy levels interact with each other directly, except for the control function of the corresponding hierarchy at different ways of control organization. The paper considers complex systems of two-level hierarchy of control at centralized, decentralized and network-centric ways of controlling the lower level systems of the hierarchy. The authors also analyzed several options for organizing the construction of abstract hierarchical processes represented in the notation of IDEF0 technology and management of these processes. These processes are functional models of complex systems at different methods of control. During the interpretation of complex systems functional models at different methods of control, the authors formed the function relationship matrices of the modeled processes. The authors proposed mathematical dependencies for determining the process efficiency of complex systems functional models under different methods of control. They analyzed the functional models of complex systems and identified the most efficient one. They also proved that increasing the number of procedural functions of functional models leads to a decrease in process efficiency. However, increasing the forward and backward functional relationships of functional models leads to an increase in the efficiency of processes.
9. Temporal database in intelligent real-time decision support systems: The case of a university educational process [№4 за год]
Authors: Eremeev, A.P. , Paniavin N.A., Marenkov, M.A.
Visitors: 3183
The purpose of the paper is to research and develop a temporal database, and then a temporal knowledge base for modern intelligent real-time systems by making such system prototype for an educational institution. The authors consider the educational process of a higher education institution (technical university) as a subject area that requires intellectual analysis and dynamic (temporal) data processing. The prototype aims at controlling academic progress and helping university students in problematic situations during the learning process. The paper proposes using a non-relational (NoSQL) database organization to implement the temporal model of information representation and temporal databases and knowledge bases on its basis. Such database organization is the most suitable for operating spatial dynamic data. Classical relational models and relational (SQL) databases are poorly applicable for their processing. The authors propose a prototype general diagram of a real-time intelligent decision support system with a temporal database and a knowledge base. The temporal database is based on a graph model and supplemented with a decision search system based on Allen's interval logic and metric logic. The temporal database in the prototype used the data of 2,000 students of the National Research University “MPEI” on a number of profile disciplines. The data for the last several years was obtained from university special information systems. The software implementation involved Python v.3.10 programming language, Dask library for distributed and parallel computing and Neo4j non-relational graph DBMS.
10. Assessing the strength of a computer system user authentication password: Improving the method based on using known vulnerabilities [№4 за год]
Authors: I.G. Sidorkina , Mikhalishchev, S.V.
Visitors: 2389
The relevance of the research is due to the growing threats to user data security in the modern digital environment; the choice of strong passwords plays a critical role in protecting information. The improved method is based on applying the CatBoost machine-learning model. It improves existing approaches to analyzing password structure and automatic formulating requirements for password complexity. It takes into account well-known vulnerabilities associated with users choosing weak or compromised passwords. A special feature of the improved method is a deep analysis of the training data set and using dictionaries of forbidden and compromised passwords. This allows improving the accuracy of the trained model and take into account dynamically changing security requirements. The main results of the work demonstrate a significant improvement in the accuracy of password strength determination for authentication of computer system users. When analyzing the training dataset used to train the machine-learning model, the authors identified some issues. These were irrelevant assignment of passwords to a certain security class by a new security standard; compromised passwords; the absence of classified passwords that have a minimum distance from the left character of the Unicode code table to the right one. In contrast to known solutions, password verification by dictionaries took place at the initial stage, before training the model. It does not create additional load on the model and does not allow users to use forbidden and compromised passwords. The practical significance of this work is in implementing the improved method in user authentication systems. This will eliminate weak and compromised passwords, increase their efficiency and the level of user data protection, reduce the risk of successful attacks. Furthermore, the authors can adapt the proposed method for various security systems when integrated into existing password verification mechanisms. This research contributes to the development of digital security techniques. It can be useful for information security and software engineering professionals.
| 1 | 2 | Next → ►