ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
SOS: secure overlay services
Full text PdfPdf (211 KB)
Source Applications, Technologies, Architectures, and Protocols for Computer Communication archive
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications table of contents
Pittsburgh, Pennsylvania, USA
SESSION: Overlay networks table of contents
Pages: 61 - 72  
Year of Publication: 2002
ISBN:1-58113-570-X
Also published in ...
Authors
Angelos D. Keromytis  Columbia University, New York, NY
Vishal Misra  Columbia University, New York, NY
Dan Rubenstein  Columbia University, New York, NY
Sponsors
ACM: Association for Computing Machinery
SIGCOMM: ACM Special Interest Group on Data Communication
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 10,   Downloads (12 Months): 102,   Citation Count: 71
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/633025.633032
What is a DOI?

ABSTRACT

Denial of service (DoS) attacks continue to threaten the reliability of networking systems. Previous approaches for protecting networks from DoS attacks are reactive in that they wait for an attack to be launched before taking appropriate measures to protect the network. This leaves the door open for other attacks that use more sophisticated methods to mask their traffic.We propose an architecture called Secure Overlay Services (SOS) that proactively prevents DoS attacks, geared toward supporting Emergency Services or similar types of communication. The architecture is constructed using a combination of secure overlay tunneling, routing via consistent hashing, and filtering. We reduce the probability of successful attacks by (i) performing intensive filtering near protected network edges, pushing the attack point perimeter into the core of the network, where high-speed routers can handle the volume of attack traffic, and (ii) introducing randomness and anonymity into the architecture, making it difficult for an attacker to target nodes along the path to a specific SOS-protected destination.Using simple analytical models, we evaluate the likelihood that an attacker can successfully launch a DoS attack against an SOS-protected network. Our analysis demonstrates that such an architecture reduces the likelihood of a successful attack to minuscule levels.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
David Andersen , Hari Balakrishnan , Frans Kaashoek , Robert Morris, Resilient overlay networks, Proceedings of the eighteenth ACM symposium on Operating systems principles, October 21-24, 2001, Banff, Alberta, Canada
 
2
S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang, and W. Weiss. An Architecture for Differentiated Services. Technical report, IETF RFC 2475, December 1998.
 
3
M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The KeyNote Trust Management System Version 2. Internet RFC 2704, September 1999.
 
4
M. Blaze, J. Ioannidis, and A. Keromytis. Trust Managent for IPsec. In Proceedings of Network and Distributed System Security Symposium (NDSS), pages 139--151, February 2001.
5
D. Clark, The design philosophy of the DARPA internet protocols, Symposium proceedings on Communications architectures and protocols, p.106-114, August 16-18, 1988, Stanford, California, United States
6
Frank Dabek , M. Frans Kaashoek , David Karger , Robert Morris , Ion Stoica, Wide-area cooperative storage with CFS, Proceedings of the eighteenth ACM symposium on Operating systems principles, October 21-24, 2001, Banff, Alberta, Canada
 
7
D. Dean, M. Franklin, and A. Stubblefield. An Algebraic Approach to IP Traceback. In Proceedings of the Network and Dsitributed System Security Symposium (NDSS), pages 3--12, February 2001.
 
8
D. Farinacci, T. Li, S. Hanks, D. Meyer, and P. Traina. Generic routing encapsulation (GRE). Request for Comments 2784, Internet Engineering Task Force, Mar. 2000.
 
9
D. Harkins and D. Carrel. The Internet Key Exchange (IKE). Request for Comments (Proposed Standard) 2409, Internet Engineering Task Force, Nov. 1998.
 
10
L. Heberlein and M. Bishop. Attack Class: Address Spoofing. In Proceedings of the 19th National Information Systems Security Conference, pages 371--377, October 1996.
 
11
John Ioannidis, Protocols for mobile internetworking, Columbia University, New York, NY, 1993
 
12
J. Ioannidis and S. M. Bellovin. Implementing Pushback: Router-Based Defense Against DDoS Attacks. In Proceedings of the Network and Distributed System Security Symposium (NDSS), February 2002.
13
Sotiris Ioannidis , Angelos D. Keromytis , Steve M. Bellovin , Jonathan M. Smith, Implementing a distributed firewall, Proceedings of the 7th ACM conference on Computer and communications security, p.190-199, November 01-04, 2000, Athens, Greece  [doi>10.1145/352600.353052]
14
David Karger , Eric Lehman , Tom Leighton , Rina Panigrahy , Matthew Levine , Daniel Lewin, Consistent hashing and random trees: distributed caching protocols for relieving hot spots on the World Wide Web, Proceedings of the twenty-ninth annual ACM symposium on Theory of computing, p.654-663, May 04-06, 1997, El Paso, Texas, United States  [doi>10.1145/258533.258660]
 
15
S. Kent and R. Atkinson. Security Architecture for the Internet Protocol. Request for Comments (Proposed Standard) 2401, Internet Engineering Task Force, Nov. 1998.
 
16
Angelos Dennis Keromytis , Jonathan M. Smith, Strongman: a scalable solution to trust management in networks, 2001
 
17
Leonard Kleinrock, Theory, Volume 1, Queueing Systems, Wiley-Interscience, 1975
 
18
D. Moore, G. Voelker, and S. Savage. Inferring Internet Denial-of-Service Activity. In Proceedings of the 10th USENIX Security Symposium, pages 9--22, August 2001.
 
19
C. Perkins. IP encapsulation within IP. Request for Comments 2003, Internet Engineering Task Force, Oct. 1996.
 
20
M. G. Reed, P. F. Syverson, and D. M. Goldschlag. Anonymous connections and onion routing. IEEE Journal on Special Areas in Communications, 16(4):482--494, 1998.
 
21
Keith W. Ross , Peter J. Hancock, Multiservice Loss Models for Broadband Telecommunication Networks, Springer-Verlag New York, Inc., Secaucus, NJ, 1995
22
J. H. Saltzer , D. P. Reed , D. D. Clark, End-to-end arguments in system design, ACM Transactions on Computer Systems (TOCS), v.2 n.4, p.277-288, Nov. 1984  [doi>10.1145/357401.357402]
23
Stefan Savage , Neal Cardwell , David Wetherall , Tom Anderson, TCP congestion control with a misbehaving receiver, ACM SIGCOMM Computer Communication Review, v.29 n.5, October 1999  [doi>10.1145/505696.505704]
 
24
Stefan Savage , David Wetherall , Anna Karlin , Tom Anderson, Network support for IP traceback, IEEE/ACM Transactions on Networking (TON), v.9 n.3, p.226-237, June 2001  [doi>10.1109/90.929847]
 
25
Christoph L. Schuba , Ivan V. Krsul , Markus G. Kuhn , Eugene H. spafford , Aurobindo Sundaram , Diego Zamboni, Analysis of a Denial of Service Attack on TCP, Proceedings of the 1997 IEEE Symposium on Security and Privacy, p.208, May 04-07, 1997
26
Ion Stoica , Robert Morris , David Karger , M. Frans Kaashoek , Hari Balakrishnan, Chord: A scalable peer-to-peer lookup service for internet applications, Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, p.149-160, August 2001, San Diego, California, United States

CITED BY  71
Alefiya Hussain , John Heidemann , Christos Papadopoulos, A framework for classifying denial of service attacks, Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications, August 25-29, 2003, Karlsruhe, Germany
Neil Daswani , Hector Garcia-Molina, Query-flood DoS attacks in gnutella, Proceedings of the 9th ACM conference on Computer and communications security, November 18-22, 2002, Washington, DC, USA
Hui Zhang , Ashish Goel , Ramesh Govindan, Incrementally improving lookup latency in distributed hash table systems, ACM SIGMETRICS Performance Evaluation Review, v.31 n.1, June 2003
Christos Douligeris , Aikaterini Mitrokotsa, DDoS attacks and defense mechanisms: classification and state-of-the-art, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.44 n.5, p.643-666, 5 April 2004
Cheng Jin , Haining Wang , Kang G. Shin, Hop-count filtering: an effective defense against spoofed DDoS traffic, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
William G. Morein , Angelos Stavrou , Debra L. Cook , Angelos D. Keromytis , Vishal Misra , Dan Rubenstein, Using graphic turing tests to counter automated DDoS attacks against web servers, Proceedings of the 10th ACM conference on Computer and communications security, October 27-30, 2003, Washington D.C., USA
Karthik Lakshminarayanan , Daniel Adkins , Adrian Perrig , Ion Stoica, Taming IP packet flooding attacks, ACM SIGCOMM Computer Communication Review, v.34 n.1, January 2004
Tom Anderson , Timothy Roscoe , David Wetherall, Preventing Internet denial-of-service with capabilities, ACM SIGCOMM Computer Communication Review, v.34 n.1, January 2004
Alefiya Hussain , John Heidemann , Christos Papadopoulos, Distinguishing between single and multi-source attacks using signal processing, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.46 n.4, p.479-503, 15 November 2004
Jelena Mirkovic , Peter Reiher, A taxonomy of DDoS attack and DDoS defense mechanisms, ACM SIGCOMM Computer Communication Review, v.34 n.2, April 2004
Neil Daswani , Hector Garcia-Molina, Pong-cache poisoning in GUESS, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Hari Balakrishnan , Karthik Lakshminarayanan , Sylvia Ratnasamy , Scott Shenker , Ion Stoica , Michael Walfish, A layered naming architecture for the internet, ACM SIGCOMM Computer Communication Review, v.34 n.4, October 2004
Jelena Mirkovic , Max Robinson , Peter Reiher, Alliance formation for DDoS defense, Proceedings of the 2003 workshop on New security paradigms, August 18-21, 2003, Ascona, Switzerland
Angelos D. Keromytis , Janak Parekh , Philip N. Gross , Gail Kaiser , Vishal Misra , Jason Nieh , Dan Rubenstein , Sal Stolfo, A holistic approach to service survivability, Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security, p.11-22, October 31-31, 2003, Fairfax, VA
Ju Wang , Linyuan Lu , Andrew A. Chien, Tolerating denial-of-service attacks using overlay networks: impact of topology, Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security, p.43-52, October 31-31, 2003, Fairfax, VA
Theodore Diament , Homin K. Lee , Angelos D. Keromytis , Moti Yung, The dual receiver cryptosystem and its applications, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Stephanos Androutsellis-Theotokis , Diomidis Spinellis, A survey of peer-to-peer content distribution technologies, ACM Computing Surveys (CSUR), v.36 n.4, p.335-371, December 2004
Min Cai , Kai Hwang , Yu-Kwong Kwok , Shanshan Song , Yu Chen, Collaborative Internet Worm Containment, IEEE Security and Privacy, v.3 n.3, p.25-33, May 2005
Shigang Chen , Qingguo Song, Perimeter-Based Defense against High Bandwidth DDoS Attacks, IEEE Transactions on Parallel and Distributed Systems, v.16 n.6, p.526-537, June 2005
Thomas Anderson , Larry Peterson , Scott Shenker , Jonathan Turner, Overcoming the Internet Impasse through Virtualization, Computer, v.38 n.4, p.34-41, April 2005
Xiaowei Yang , David Wetherall , Thomas Anderson, A DoS-limiting network architecture, ACM SIGCOMM Computer Communication Review, v.35 n.4, October 2005
Sylvia Ratnasamy , Scott Shenker , Steven McCanne, Towards an evolvable internet architecture, ACM SIGCOMM Computer Communication Review, v.35 n.4, October 2005
Angelos Stavrou , Debra L. Cook , William G. Morein , Angelos D. Keromytis , Vishal Misra , Dan Rubenstein, WebSOS: an overlay-based system for protecting web servers from denial of service attacks, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.48 n.5, p.781-807, 5 August 2005
Angelos Stavrou , Angelos D. Keromytis, Countering DoS attacks with stateless multipath overlays, Proceedings of the 12th ACM conference on Computer and communications security, November 07-11, 2005, Alexandria, VA, USA
Hui Zhang , Ashish Goel , Ramesh Govindan, Improving lookup latency in distributed hash table systems using random sampling, IEEE/ACM Transactions on Networking (TON), v.13 n.5, p.1121-1134, October 2005
Chatree Sangpachatanaruk , Sherif M. Khattab , Taieb Znati , Rami Melhem , Daniel Mossé, Design and analysis of a replicated elusive server scheme for mitigating denial of service attacks, Journal of Systems and Software, v.73 n.1, p.15-29, September 2004
Jelena Mirkovic , Peter Reiher, D-WARD: A Source-End Defense against Flooding Denial-of-Service Attacks, IEEE Transactions on Dependable and Secure Computing, v.2 n.3, p.216-232, July 2005
Haining Wang , Danlu Zhang , Kang G. Shin, Change-Point Monitoring for the Detection of DoS Attacks, IEEE Transactions on Dependable and Secure Computing, v.1 n.4, p.193-208, October 2004
Brent Waters , Ari Juels , J. Alex Halderman , Edward W. Felten, New client puzzle outsourcing techniques for DoS resistance, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Hitesh Ballani , Paul Francis, Towards a global IP anycast service, ACM SIGCOMM Computer Communication Review, v.35 n.4, October 2005
Renata Teixeira , Keith Marzullo , Stefan Savage , Geoffrey M. Voelker, In search of path diversity in ISP networks, Proceedings of the 3rd ACM SIGCOMM conference on Internet measurement, October 27-29, 2003, Miami Beach, FL, USA
Yong Zhu , Constantinos Dovrolis , Mostafa Ammar, Dynamic overlay routing based on available bandwidth estimation: a simulation study, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.6, p.742-762, 13 April 2006
Tian Bu , Samphel Norden , Thomas Woo, A survivable DoS-resistant overlay network, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.9, p.1281-1301, 20 June 2006
Petros Maniatis , TJ Giuli , Mema Roussopoulos , David S. H. Rosenthal , Mary Baker, Impeding attrition attacks in P2P systems, Proceedings of the 11th workshop on ACM SIGOPS European workshop: beyond the PC, September 19-22, 2004, Leuven, Belgium
Patrick Traynor , Patrick McDaniel , Thomas La Porta, On attack causality in internet-connected cellular networks, Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p.1-16, August 06-10, 2007, Boston, MA
Shigang Chen , Yong Tang , Wenliang Du, Stateful DDoS attacks and targeted filtering, Journal of Network and Computer Applications, v.30 n.3, p.823-840, August, 2007
Bin Xiao , Wei Chen , Yanxiang He, A novel approach to detecting DDoS Attacks at an Early Stage, The Journal of Supercomputing, v.36 n.3, p.235-248, June 2006
Brian F. Cooper , Hector Garcia-Molina, SIL: a model for analyzing scalable peer-to-peer search networks, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.13, p.2380-2400, 15 September 2006
Matthias Bossardt , Thomas Dübendorfer , Bernhard Plattner, Enhanced Internet security by a distributed traffic control service based on traffic ownership, Journal of Network and Computer Applications, v.30 n.3, p.841-857, August, 2007
Vasilios A. Siris , Ilias Stavrakis, Provider-based deterministic packet marking against distributed DoS attacks, Journal of Network and Computer Applications, v.30 n.3, p.858-876, August, 2007
Miao Ma, Tabu marking scheme to speedup IP traceback, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.18, p.3536-3549, 21 December 2006
Yingfei Dong , Changho Choi , Zhi-Li Zhang, LIPS: a lightweight permit system for packet source origin accountability, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.50 n.18, p.3622-3641, 21 December 2006
Sherif Khattab , Rami Melhem , Daniel Mossé , Taieb Znati, Honeypot back-propagation for mitigating spoofing distributed Denial-of-Service attacks, Journal of Parallel and Distributed Computing, v.66 n.9, p.1152-1164, September 2006
Haining Wang , Cheng Jin , Kang G. Shin, Defense against spoofed IP traffic using hop-count filtering, IEEE/ACM Transactions on Networking (TON), v.15 n.1, p.40-53, February 2007
Rita H. Wouhaybi , Andrew T. Campbell, Building resilient low-diameter peer-to-peer topologies, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.52 n.5, p.1019-1039, April, 2008
Ali Fessi , Heiko Niedermayer , Holger Kinkelin , Georg Carle, A cooperative SIP infrastructure for highly reliable telecommunication services, Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, July 19-20, 2007, New York City, New York
Jeffrey J. Farris , David M. Nicol, Evaluation of secure peer-to-peer overlay routing for survivable SCADA systems, Proceedings of the 36th conference on Winter simulation, December 05-08, 2004, Washington, D.C.
Felipe Huici , Mark Handley, An edge-to-edge filtering architecture against DoS, ACM SIGCOMM Computer Communication Review, v.37 n.2, April 2007
Xiaoming Fu , Jon Crowcroft, GONE: an infrastructure overlay for resilient, DoS-limiting networking, Proceedings of the 2006 international workshop on Network and operating systems support for digital audio and video, November 22-23, 2006, Newport, Rhode Island
Chiping Tang , Philip K. McKinley, Topology-aware overlay path probing, Computer Communications, v.30 n.9, p.1994-2009, June, 2007
Taieb Znati , James Amadei , Daniel R. Pazehoski , Scott Sweeny, Design and Analysis of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID Environments, Proceedings of the 39th annual Symposium on Simulation, p.2-9, April 02-06, 2006
Colin Dixon , Thomas Anderson , Arvind Krishnamurthy, Phalanx: withstanding multimillion-node botnets, Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, p.45-58, April 16-18, 2008, San Francisco, California
Taieb Znati , James Amadei , Daniel R. Pazehoski , Scott Sweeny, On the Design and Performance of an Adaptive, Global Strategy for Detecting and Mitigating Distributed DoS Attacks in GRID and Collaborative Workflow Environments, Simulation, v.83 n.3, p.291-303, March 2007
Shigang Chen , Yibei Ling , Randy Chow , Ye Xia, AID: A global anti-DoS service, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.15, p.4252-4269, October, 2007
Soon Hin Khor , Nicolas Christin , Tina Wong , Akihiro Nakao, Power to the people: securing the internet one edge at a time, Proceedings of the 2007 workshop on Large scale attack defense, August 27-27, 2007, Kyoto, Japan
Mohamed Ali Kaafar , Laurent Mathy , Chadi Barakat , Kave Salamatian , Thierry Turletti , Walid Dabbous, Securing internet coordinate embedding systems, ACM SIGCOMM Computer Communication Review, v.37 n.4, October 2007
Don P. Cox , Youssif Al-Nashif , Salim Hariri, Application of autonomic agents for global information grid management and security, Proceedings of the 2007 summer computer simulation conference, July 16-19, 2007, San Diego, California
Samphel Norden , Katherine Guo, Support for resilient Peer-to-Peer gaming, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.51 n.14, p.4212-4233, October, 2007
Saikat Guha , Paul Francis, An end-middle-end approach to connection establishment, ACM SIGCOMM Computer Communication Review, v.37 n.4, October 2007
Chwan Hwa John Wu , Tong Liu, Simulation for intrusion-resilient, DDoS-resistant authentication system (IDAS), Proceedings of the 2008 Spring simulation multiconference, April 14-17, 2008, Ottawa, Canada
Mudhakar Srivatsa , Arun Iyengar , Jian Yin , Ling Liu, A middleware system for protecting against application level denial of service attacks, Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware, November 01-01, 2006, Melbourne, Australia
Minho Sung , Jun Xu , Jun Li , Li Li, Large-scale IP traceback in high-speed internet: practical techniques and information-theoretic foundation, IEEE/ACM Transactions on Networking (TON), v.16 n.6, p.1253-1266, December 2008
Xiaowei Yang , David Wetherall , Thomas Anderson, TVA: a DoS-limiting network architecture, IEEE/ACM Transactions on Networking (TON), v.16 n.6, p.1267-1280, December 2008
Patrick Traynor , William Enck , Patrick McDaniel , Thomas La Porta, Mitigating attacks on open functionality in SMS-capable cellular networks, IEEE/ACM Transactions on Networking (TON), v.17 n.1, p.40-53, February 2009
Brian F. Cooper, Trading off resources between overlapping overlays, Proceedings of the ACM/IFIP/USENIX 2006 International Conference on Middleware, November 01-01, 2006, Melbourne, Australia
Manish Jain , Puneet Sharma , Sujata Banerjee, QoS-guaranteed path selection algorithm for service composition, Proceedings of the 5th International ICST Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness, July 28-31, 2008, Hong Kong
Tao Peng , Christopher Leckie , Kotagiri Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems, ACM Computing Surveys (CSUR), v.39 n.1, p.3-es, 2007
Yun Mao , Boon Thau Loo , Zachary Ives , Jonathan M. Smith, MOSAIC: unified declarative platform for dynamic overlay composition, Proceedings of the 2008 ACM CoNEXT Conference, p.1-12, December 09-12, 2008, Madrid, Spain
Katerina Argyraki , David R. Cheriton, Scalable network-layer defense against internet bandwidth-flooding attacks, IEEE/ACM Transactions on Networking (TON), v.17 n.4, p.1284-1297, August 2009
Matthias Baumgart , Christian Scheideler , Stefan Schmid, A DoS-resilient information system for dynamic data management, Proceedings of the twenty-first annual symposium on Parallelism in algorithms and architectures, August 11-13, 2009, Calgary, AB, Canada
Wenjun Zeng , Yingnan Zhu , Haibin Lu , Xinhua Zhuang, Path-diversity P2P overlay retransmissioll for reliable IP-multicast, IEEE Transactions on Multimedia, v.11 n.5, p.960-971, August 2009

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.0 General
          Subjects: Security and protection (e.g., firewalls)

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS
      C.2.1 Network Architecture and Design
          Subjects: Network topology


General Terms:
Reliability, Security


Keywords:
denial of service attacks, network security, overlay networks

Collaborative Colleagues:
Angelos D. Keromytis: colleagues
Vishal Misra: colleagues
Dan Rubenstein: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player