USENIX Technical Program - Abstract - COOTS 99
Resource Control for Java Database Extensions
Grzegorz Czajkowski, Tobias Mayr, Praveen Seshadri, and Thorsten von Eicken, Cornell University
While object-relational database servers can be extended with
user-defined functions (UDFs), the security of the server may be compromised by these
extensions. The use of Java to implement the UDFs is promising because it addresses some
security concerns. However, it still permits interference between different users through
the uncontrolled consumption of resources. In this paper, we explore the use of a Java
resource management mechanism (JRes) to monitor resource consumption and enforce usage
constraints. JRes enhances the security of the database server in the presence of
extensions allowing for (i) detection and neutralization of denial-of-service attacks
aimed at resource monopolization, (ii) monitoring resource consumption which enables
precise billing of users relying on UDFs, and (iii) obtaining feedback that can be used
for adaptive query optimization.
The feedback can be utilized either by the UDFs themselves or by the
database system to dynamically modify the query execution plan. Both models have been
prototyped in the Cornell Predator database system. We describe the implementation
techniques, and present experiments that demonstrate the effects of the adaptive behavior
facilitated by JRes. We conclude that, minimally, a database system supporting extensions
should have a built-in resource monitoring and controlling mechanism. Moreover, in order
to fully exploit information provided by the resource control mechanisms, both the query
optimizer and the UDFs themselves should have access to this information.
- View the full text of this paper in
HTML form and
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.
- To become a USENIX Member, please see our Membership Information.