Change search
Refine search result
1 - 20 of 20
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Aslam, Mudassar
    et al.
    RISE, Swedish ICT, SICS.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Björkman, Mats
    Securely Launching Virtual Machines on Trustworthy Platforms in a Public Cloud2012Conference paper (Refereed)
    Abstract [en]

    In this paper we consider the Infrastructure-as-a-Service (IaaS) cloud model which allows cloud users to run their own virtual machines (VMs) on available cloud computing resources. IaaS gives enterprises the possibility to outsource their process workloads with minimal effort and expense. However, one major problem with existing approaches of cloud leasing, is that the users can only get contractual guarantees regarding the integrity of the offered platforms. The fact that the IaaS user himself or herself cannot verify the provider promised cloud platform integrity, is a security risk which threatens to prevent the IaaS business in general. In this paper we address this issue and propose a novel secure VM launch protocol using Trusted Computing techniques. This protocol allows the cloud IaaS users to securely bind the VM to a trusted computer configuration such that the clear text VM only will run on a platform that has been booted into a trustworthy state. This capability builds user confidence and can serve as an important enabler for creating trust in public clouds. We evaluate the feasibility of our proposed protocol via a full scale system implementation and perform a system security analysis.

  • 2.
    Bjurling, Björn
    et al.
    RISE, Swedish ICT, SICS, Decisions, Networks and Analytics lab.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Johansson, Ulf M
    Qualitative policies for bandwidth priorities in ad-hoc networks2008In: Proc. IEEE 27th Conference on Computer Communications, 2008, 1Conference paper (Refereed)
  • 3.
    Drejhammar, Frej
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    BEAMJIT: a just-in-time compiling runtime for Erlang2014Conference paper (Refereed)
    Abstract [en]

    BEAMJIT is a tracing just-in-time compiling runtime for the Erlang programming language. The core parts of BEAMJIT are synthesized from the C source code of BEAM, the reference Erlang abstract machine. The source code for BEAM's instructions is extracted automatically from BEAM's emulator loop. A tracing version of the abstract machine, as well as a code generator are synthesized. BEAMJIT uses the LLVM toolkit for optimization and native code emission. The automatic synthesis process greatly reduces the amount of manual work required to maintain a just-in-time compiler as it automatically tracks the BEAM system. The performance is evaluated with HiPE's, the Erlang ahead-of-time native compiler, benchmark suite. For most benchmarks BEAMJIT delivers a performance improvement compared to BEAM, although in some cases, with known causes, it fails to deliver a performance boost. BEAMJIT does not yet match the performance of HiPE mainly because it does not yet implement Erlang specific optimizations such as boxing/unboxing elimination and a deep understanding of BIFs. Despite this BEAMJIT, for some benchmarks, reduces the runtime with up to 40\%.

  • 4.
    Karazisis, Dimitrios
    et al.
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Petronis, Sarunas
    RISE - Research Institutes of Sweden, Bioscience and Materials, Chemistry and Materials. BIOMATCELL, Sweden.
    Agheli, Hossein
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Emanuelsson, Lena
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Norlindh, Birgitta
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Johansson, Anna
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Rasmusson, Lars
    RISE - Research Institutes of Sweden, ICT, SICS.
    Thomsen, Peter
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    Omar, Omar
    Sahlgrenska Academy, Sweden; University of Gothenburg, Sweden; BIOMATCELL, Sweden.
    The influence of controlled surface nanotopography on the early biological events of osseointegration.2017In: Acta Biomaterialia, ISSN 1742-7061, E-ISSN 1878-7568, Vol. 53, p. 559-571Article in journal (Refereed)
    Abstract [en]

    The early cell and tissue interactions with nanopatterned titanium implants are insufficiently described in vivo. A limitation has been to transfer a pre-determined, well-controlled nanotopography to 3D titanium implants, without affecting other surface parameters, including surface microtopography and chemistry. This in vivo study aimed to investigate the early cellular and molecular events at the bone interface with screw-shaped titanium implants superimposed with controlled nanotopography. Polished and machined titanium implants were firstly patterned with 75-nm semispherical protrusions. Polished and machined implants without nano-patterns were designated as controls. Thereafter, all nanopatterned and control implants were sputter-coated with a 30nm titanium layer to unify the surface chemistry. The implants were inserted in rat tibiae and samples were harvested after 12h, 1d and 3d. In one group, the implants were unscrewed and the implant-adherent cells were analyzed using quantitative polymerase chain reaction. In another group, implants with surrounding bone were harvested en bloc for histology and immunohistochemistry. The results showed that nanotopography downregulated the expression of monocyte chemoattractant protein-1 (MCP-1), at 1d, and triggered the expression of osteocalcin (OC) at 3d. This was in parallel with a relatively lower number of recruited CD68-positive macrophages in the tissue surrounding the nanopatterned implants. Moreover, a higher proportion of newly formed osteoid and woven bone was found at the nanopatterned implants at 3d. It is concluded that nanotopography, per se, attenuates the inflammatory process and enhances the osteogenic response during the early phase of osseointegration. This nanotopography-induced effect appeared to be independent of the underlying microscale topography.

    STATEMENT OF SIGNIFICANCE: This study provides a first line of evidence that pre-determined nanopatterns on clinically relevant, screw-shaped, titanium implants can be recognized by cells in the complex in vivo environment. Until now, most of the knowledge relating to cell interactions with nanopatterned surfaces has been acquired from in vitro studies involving mostly two-dimensional nanopatterned surfaces of varying chemical composition. We have managed to superimpose pre-determined nanoscale topography on polished and micro-rough, screw-shaped, implants, without changes in the microscale topography or chemistry. This was achieved by colloidal lithography in combination with a thin titanium film coating on top of both nanopatterned and control implants. The early events of osseointegration were evaluated at the bone interface to these implants. The results revealed that nanotopography, as such, elicits downregulatory effects on the early recruitment and activity of inflammatory cells while enhancing osteogenic activity and woven bone formation.

  • 5. Linnarsson, Sten
    et al.
    Lönnerberg, Peter
    Olden, Mats
    Aurell, Erik
    Carlsson, Mats
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Ekman, Jan
    RISE, Swedish ICT, SICS, Decisions, Networks and Analytics lab.
    Kreuger, Per
    RISE, Swedish ICT, SICS, Decisions, Networks and Analytics lab.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    METHODS FOR PROFILING MOLECULES WITH AN OBJECTIVE FUNCTION2003Patent (Other (popular science, discussion, etc.))
    Abstract [en]

    Methods relating to profiling and/or identifying molecules in a sample, particularly chemical or biological molecules contained in an experimental sample using measured data about molecules actually present and known information about candidate molecules that may be present. Information tags can be assigned to candidates. This may be achieved with a high degree of accuracy and a low false positive rate by minimising the effect of one or more possible sources of error. An objective goal (assignment) may be optimised by linear programming or by mixed integer programming

  • 6.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Agent negotiation over compound network resources1999In: Proceedings of the IAT99 Workshop on Agents in Electronic Commerce, 14-17 Dec 1999, Hong Kong, 1999, 1Conference paper (Refereed)
  • 7.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Evaluating resource bundle derivatives for multi-agent negotiation of resource allocation2001In: E-Commerce Agents: Marketplace Solutions, Security Issues, and Supply and Demand, Springer Berlin / Heidelberg , 2001, 4, p. 154-165Chapter in book (Refereed)
    Abstract [en]

    Consider continuous negotiations where the goal is to obtain exactly one complete bundle of resources and there exists alternative bundles that solve the task. This paper presents a market-based model of this negotiation that does not require commitment and decommitment during the negotiation phase. A negotation goal is represented by a graph, called a resource network. Goals are achieved by obtaining resources along one path in the graph. The resource network model can be applied to electronic commerce with agents trading bandwidth in all-or-nothing deals, and for agents that want to combine simple goods into more complex goods.

  • 8.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Evaluating the CDF for m weighted sums of n correlated lognormal random variables2002Report (Other academic)
    Abstract [en]

    We show that one can evaluate the cumulative probability density function m weighted sums of n correlated lognormal variables with Monte Carlo simulation rapidly, by deriving its joint probability density function. The adaptive Monte Carlo method allows us to estimate the number of rounds required to achieve a given tolerance. The need for evaluating this function rapidly occurs in many applications, for instance for pricing combinatorial options for bandwidth markets.

  • 9.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Network capacity sharing with QoS as a financial derivative pricing problem: algorithms and network2002Doctoral thesis, monograph (Other academic)
    Abstract [en]

    A design of an automatic network capacity markets, often referred to as a bandwidth market, is presented. Three topics are investigated. First, a network model is proposed. The proposed model is based upon a trisection of the participant roles into network users, network owners, and market middlemen. The network capacity is defined in a way that allows it to be traded, and to have a well defined price. The network devices are modeled as core nodes, access nodes, and border nodes. Requirements on these are given. It is shown how their functionalities can be implemented in a network. Second, a simulated capacity market is presented, and a statistical method for estimating the price dynamics in the market is proposed. A method for pricing network services based on shared capacity is proposed, in which the price of a service is equivalent to that of a financial derivative contract on a number of simple capacity shares.Third, protocols for the interaction between the participants are proposed. The market participants need to commit to contracts with an auditable protocol with a small overhead. The proposed protocol is based on a public key infrastructure and on known protocols for multi party contract signing. The proposed model allows network capacity to be traded in a manner that utilizes the network efficiently. A new feature of this market model, compared to other network capacity markets, is that the prices are not controlled by the network owners. It is the end-users who, by middlemen, trade capacity among each other. Therefore, financial, rather than control theoretic, methods are used for the pricing of capacity.

  • 10.
    Rasmusson, Lars
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Pricing Virtual Paths with Quality-of-Service Guarantees as Bundle Derivatives2001Report (Other academic)
    Abstract [en]

    We describe a model of a communication network that allows us to price complex network services as financial derivative contracts based on the spot price of the capacity in individual routers. We prove a theorem of a Girsanov transform that is useful for pricing linear derivatives on underlying assets, which can be used to price many complex network services, and it is used to price an option that gives access to one of several virtual channels between two network nodes, during a specified future time interval. We give the continuous time hedging strategy, for which the option price is independent of the service providers attitude towards risk. The option price contains the density function of a sum of lognormal variables, which has to be evaluated numerically.

  • 11.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Aslam, Mudassar
    RISE, Swedish ICT, SICS.
    Protecting Private Data in the Cloud2012In: Proceedings of The 2nd International Conference on Cloud Computing and Services Science, CLOSER 2012, 2012, 16Conference paper (Refereed)
    Abstract [en]

    Companies that process business critical and secret data are reluctant to use utility and cloud computing for the risk that their data gets stolen by rogue system administrators at the hosting company. We describe a system organization that prevents host administrators from directly accessing or installing eaves-dropping software on the machine that holds the client's valuable data. Clients are monitored via machine code probes that are inlined into the clients' programs at runtime. The system enables the cloud provider to install and remove software probes into the machine code without stopping the client's program, and it prevents the provider from installing probes not granted by the client.

  • 12.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Aurell, Erik
    RISE - Research Institutes of Sweden, ICT, SICS.
    A Price Dynamics in Bandwidth Markets for Point-to-point Connections2001Report (Other academic)
    Abstract [en]

    We describe a model of a network of N sub-networks (or routers) where M network users making concurrent point-to-point connections by selling and buying router capacity to and from each other. The resources need to be acquired in complete bundles, but there is only one spot market for each router, i.e. no way to place bids on complete bundles. In order to describe the internal dynamics of the market, we model the observed prices by N-dimensional Ito-processes. Modeling using stochastic processes is novel in this context of describing interactions between end-users in a system with shared resources, and allows a standard set of mathematical tools to be applied. The derived models is intended to price contingent claims on network capacity and thus to price complex network services such as, trading resource bundles, pricing quality of service levels, multicast service, etc.

  • 13.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Aurell, Erik
    RISE, Swedish ICT, SICS.
    Network service pricing as a derivative pricing problem2002Conference paper (Refereed)
  • 14.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Aurell, Erik
    Simulation of a network capacity market and three middle-man strategies to price and sell dynamically routed point-to-point connection2003Conference paper (Refereed)
  • 15.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Aurell, Erik
    Simulation of a network capacity market and three middle-man strategies to price and sell dynamically routed point-to-point connections2002Report (Other academic)
    Abstract [en]

    In a simulation of a computer network, the capacity between pairs of border routers in a network domain is sold on a spot market. End-users establish point-to-point connections across several domains by buying capacity in the domains along a path in the network. This paper compares three different trading strategies: spot requests, null broker requests, and derivative broker requests. Their performance is measured in terms of the ratio of successful connections, and the cost to establish a connection. Simulations of a network results show that the derivative broker requests typically performs better than the other two, especially in networks where prices fluctuate rapidly.

  • 16.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Corcoran, Diarmuid
    Performance overhead of KVM on Linux 3.9 on ARM Cortex-A152013In: Proceedings of Workshop on Virtualization for Real-Time Embedded SystemsArticle in journal (Refereed)
    Abstract [en]

     A number of simple performance measurements on network, CPU and disk speed were done on a dual ARM Cortex- A15 machine running Linux inside a KVM virtual machine that uses virtio disk and networking. Unexpected behaviour was observed in the CPU and memory intensive benchmarks, and in the networking benchmarks. The average overhead of running inside KVM is between zero and 30 percent when the host is lightly loaded (running only the system software and the necessary qemu-system-arm virtualization code), but the relative overhead increases when both host and VM is busy. We conjecture that this is related to the scheduling inside the host Linux.

  • 17.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Janson, Sverker
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Agents, self-interest and electronic markets1999In: Knowledge engineering review (Print), ISSN 0269-8889, E-ISSN 1469-8005, Vol. 14, no 2, p. 143-150Article in journal (Refereed)
  • 18.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Janson, Sverker
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Libra, a Multi-hop Radio Network Bandwidth Market2007Conference paper (Refereed)
    Abstract [en]

    Libra is a two-level market which assigns fractional shares of time to the transmitting nodes in local regions of a multi-hop network. In Libra, users are assigned budgets by management and users assign funding to services within their budget limits. The purpose is to prioritize users and also optimize network utilization by preventing source nodes from injecting too much traffic into the network and thereby causing downstream packet loss. All transmitting nodes sell capacity in the region surrounding them, and buy capacity from their neighbors in order to be able to transmit. Streams buy capacity from each of the nodes on their paths, thus streams that cross the same region compete directly for the bandwidth in that region. Prices are adjusted incrementally on both levels.

  • 19.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Paues, Gabriel
    Network components for market-based network admission and routing2002Report (Other academic)
    Abstract [en]

    We describe the architecture of a network, in which the traffic ow is controlled by a market. The network access is controlled by a trusted access node, that separates traffic into best effort and first class traffic, adds a source route header, and shapes the traffic. The network core consists of rapid forwarding devices, such as label switches, and source routing gateways. Network services, including dynamic routing, load balancing, and fault tolerance, are built by bundling the transmission capacity in several independent network domains into a service, a bundle of resources with the right properties. The service is priced as financial derivative contract, and traded on a market, independent of the network access control. Besides describing the network model, we show how to implement parts of the network access node functionality on a standard Linux machine. The implementation has been tested on a system of virtual Linux machines.

  • 20.
    Rasmusson, Lars
    et al.
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Rajabi Nasab, Mazdak
    Hypervisor Integrity Measurement Assistant2012Report (Other academic)
    Abstract [en]

    An attacker who has gained access to a computer may want to upload or modify configuration files, etc., and run arbitrary programs of his choice. We can severely restrict the power of the attacker by having a white-list of approved file checksums and preventing the kernel from loading loading any file with a bad checksum. The check may be placed in the kernel, but that requires a kernel that is prepared for it. The check may also be placed in a hypervisor which intercepts and prevents the kernel from loading a bad file. We describe the implementation of and give performance results for two systems. In one the checksumming, or integrity measurement, and decision is performed by the hypervisor instead of the OS. In the other only the final integrity decision is done in the hypervisor. By moving the integrity check out from the VM kernel it becomes harder for the intruder to bypass the check. We conclude that it is technically possible to put file integrity control into the hypervisor, both for kernels without and with pre-compiled support for integrity measurement.

1 - 20 of 20
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.35.7