Hadoop云计算外文翻译文献

大数据外文翻译参考文献综述(文档含中英文对照即英文原文和中文翻译)原文：Data Mining and Data PublishingData mining is the extraction of vast interesting patterns or knowledge from huge amount of data. The initial idea of privacy-preserving data mining PPDM was to extend traditional data mining techniques to work with the data modified to mask sensitive information. The key issues were how to modify the data and how to recover the data mining result from the modified data. Privacy-preserving data mining considers the problem of running data mining algorithms on confidential data that is not supposed to be revealed even to the partyrunning the algorithm. In contrast, privacy-preserving data publishing (PPDP) may not necessarily be tied to a specific data mining task, and the data mining task may be unknown at the time of data publishing. PPDP studies how to transform raw data into a version that is immunized against privacy attacks but that still supports effective data mining tasks. Privacy-preserving for both data mining (PPDM) and data publishing (PPDP) has become increasingly popular because it allows sharing of privacy sensitive data for analysis purposes. One well studied approach is the k-anonymity model [1] which in turn led to other models such as confidence bounding, l-diversity, t-closeness, (α,k)-anonymity, etc. In particular, all known mechanisms try to minimize information loss and such an attempt provides a loophole for attacks. The aim of this paper is to present a survey for most of the common attacks techniques for anonymization-based PPDM & PPDP and explain their effects on Data Privacy.Although data mining is potentially useful, many data holders are reluctant to provide their data for data mining for the fear of violating individual privacy. In recent years, study has been made to ensure that the sensitive information of individuals cannot be identified easily.Anonymity Models, k-anonymization techniques have been the focus of intense research in the last few years. In order to ensure anonymization of data while at the same time minimizing the informationloss resulting from data modifications, everal extending models are proposed, which are discussed as follows.1.k-Anonymityk-anonymity is one of the most classic models, which technique that prevents joining attacks by generalizing and/or suppressing portions of the released microdata so that no individual can be uniquely distinguished from a group of size k. In the k-anonymous tables, a data set is k-anonymous (k ≥ 1) if each record in the data set is in- distinguishable from at least (k . 1) other records within the same data set. The larger the value of k, the better the privacy is protected. k-anonymity can ensure that individuals cannot be uniquely identified by linking attacks.2. Extending ModelsSince k-anonymity does not provide sufficient protection against attribute disclosure. The notion of l-diversity attempts to solve this problem by requiring that each equivalence class has at least l well-represented value for each sensitive attribute. The technology of l-diversity has some advantages than k-anonymity. Because k-anonymity dataset permits strong attacks due to lack of diversity in the sensitive attributes. In this model, an equivalence class is said to have l-diversity if there are at least l well-represented value for the sensitive attribute. Because there are semantic relationships among the attribute values, and different values have very different levels of sensitivity. Afteranonymization, in any equivalence class, the frequency (in fraction) of a sensitive value is no more than α.3. Related Research AreasSeveral polls show that the public has an in- creased sense of privacy loss. Since data mining is often a key component of information systems, homeland security systems, and monitoring and surveillance systems, it gives a wrong impression that data mining is a technique for privacy intrusion. This lack of trust has become an obstacle to the benefit of the technology. For example, the potentially beneficial data mining re- search project, Terrorism Information Awareness (TIA), was terminated by the US Congress due to its controversial procedures of collecting, sharing, and analyzing the trails left by individuals. Motivated by the privacy concerns on data mining tools, a research area called privacy-reserving data mining (PPDM) emerged in 2000. The initial idea of PPDM was to extend traditional data mining techniques to work with the data modified to mask sensitive information. The key issues were how to modify the data and how to recover the data mining result from the modified data. The solutions were often tightly coupled with the data mining algorithms under consideration. In contrast, privacy-preserving data publishing (PPDP) may not necessarily tie to a specific data mining task, and the data mining task is sometimes unknown at the time of data publishing. Furthermore, some PPDP solutions emphasize preserving the datatruthfulness at the record level, but PPDM solutions often do not preserve such property. PPDP Differs from PPDM in Several Major Ways as Follows ：1) PPDP focuses on techniques for publishing data, not techniques for data mining. In fact, it is expected that standard data mining techniques are applied on the published data. In contrast, the data holder in PPDM needs to randomize the data in such a way that data mining results can be recovered from the randomized data. To do so, the data holder must understand the data mining tasks and algorithms involved. This level of involvement is not expected of the data holder in PPDP who usually is not an expert in data mining.2) Both randomization and encryption do not preserve the truthfulness of values at the record level; therefore, the released data are basically meaningless to the recipients. In such a case, the data holder in PPDM may consider releasing the data mining results rather than the scrambled data.3) PPDP primarily “anonymizes” the data by hiding the identity of record owners, whereas PPDM seeks to directly hide the sensitive data. Excellent surveys and books in randomization and cryptographic techniques for PPDM can be found in the existing literature. A family of research work called privacy-preserving distributed data mining (PPDDM) aims at performing some data mining task on a set of private databasesowned by different parties. It follows the principle of Secure Multiparty Computation (SMC), and prohibits any data sharing other than the final data mining result. Clifton et al. present a suite of SMC operations, like secure sum, secure set union, secure size of set intersection, and scalar product, that are useful for many data mining tasks. In contrast, PPDP does not perform the actual data mining task, but concerns with how to publish the data so that the anonymous data are useful for data mining. We can say that PPDP protects privacy at the data level while PPDDM protects privacy at the process level. They address different privacy models and data mining scenarios. In the field of statistical disclosure control (SDC), the research works focus on privacy-preserving publishing methods for statistical tables. SDC focuses on three types of disclosures, namely identity disclosure, attribute disclosure, and inferential disclosure. Identity disclosure occurs if an adversary can identify a respondent from the published data. Revealing that an individual is a respondent of a data collection may or may not violate confidentiality requirements. Attribute disclosure occurs when confidential information about a respondent is revealed and can be attributed to the respondent. Attribute disclosure is the primary concern of most statistical agencies in deciding whether to publish tabular data. Inferential disclosure occurs when individual information can be inferred with high confidence from statistical information of the published data.Some other works of SDC focus on the study of the non-interactive query model, in which the data recipients can submit one query to the system. This type of non-interactive query model may not fully address the information needs of data recipients because, in some cases, it is very difficult for a data recipient to accurately construct a query for a data mining task in one shot. Consequently, there are a series of studies on the interactive query model, in which the data recipients, including adversaries, can submit a sequence of queries based on previously received query results. The database server is responsible to keep track of all queries of each user and determine whether or not the currently received query has violated the privacy requirement with respect to all previous queries. One limitation of any interactive privacy-preserving query system is that it can only answer a sublinear number of queries in total; otherwise, an adversary (or a group of corrupted data recipients) will be able to reconstruct all but 1 . o(1) fraction of the original data, which is a very strong violation of privacy. When the maximum number of queries is reached, the query service must be closed to avoid privacy leak. In the case of the non-interactive query model, the adversary can issue only one query and, therefore, the non-interactive query model cannot achieve the same degree of privacy defined by Introduction the interactive model. One may consider that privacy-reserving data publishing is a special case of the non-interactivequery model.This paper presents a survey for most of the common attacks techniques for anonymization-based PPDM & PPDP and explains their effects on Data Privacy. k-anonymity is used for security of respondents identity and decreases linking attack in the case of homogeneity attack a simple k-anonymity model fails and we need a concept which prevent from this attack solution is l-diversity. All tuples are arranged in well represented form and adversary will divert to l places or on l sensitive attributes. l-diversity limits in case of background knowledge attack because no one predicts knowledge level of an adversary. It is observe that using generalization and suppression we also apply these techniques on those attributes which doesn’t need th is extent of privacy and this leads to reduce the precision of publishing table. e-NSTAM (extended Sensitive Tuples Anonymity Method) is applied on sensitive tuples only and reduces information loss, this method also fails in the case of multiple sensitive tuples.Generalization with suppression is also the causes of data lose because suppression emphasize on not releasing values which are not suited for k factor. Future works in this front can include defining a new privacy measure along with l-diversity for multiple sensitive attribute and we will focus to generalize attributes without suppression using other techniques which are used to achieve k-anonymity because suppression leads to reduce the precision ofpublishing table.译文：数据挖掘和数据发布数据挖掘中提取出大量有趣的模式从大量的数据或知识。

英文原文:Title: Business Applications of Java. Author: Erbschloe, Michael, Business Applications of Java -- Research Starters Business, 2008DataBase: Research Starters - BusinessBusiness Applications of JavaThis article examines the growing use of Java technology in business applications. The history of Java is briefly reviewed along with the impact of open standards on the growth of the World Wide Web. Key components and concepts of the Java programming language are explained including the Java Virtual Machine. Examples of how Java is being used bye-commerce leaders is provided along with an explanation of how Java is used to develop data warehousing, data mining, and industrial automation applications. The concept of metadata modeling and the use of Extendable Markup Language (XML) are also explained.Keywords Application Programming Interfaces (API's); Enterprise JavaBeans (EJB); Extendable Markup Language (XML); HyperText Markup Language (HTML); HyperText Transfer Protocol (HTTP); Java Authentication and Authorization Service (JAAS); Java Cryptography Architecture (JCA); Java Cryptography Extension (JCE); Java Programming Language; Java Virtual Machine (JVM); Java2 Platform, Enterprise Edition (J2EE); Metadata Business Information Systems > Business Applications of JavaOverviewOpen standards have driven the e-business revolution. Networking protocol standards, such as Transmission Control Protocol/Internet Protocol (TCP/IP), HyperText Transfer Protocol (HTTP), and the HyperText Markup Language (HTML) Web standards have enabled universal communication via the Internet and the World Wide Web. As e-business continues to develop, various computing technologies help to drive its evolution.The Java programming language and platform have emerged as major technologies for performing e-business functions. Java programming standards have enabled portability of applications and the reuse of application components across computing platforms. Sun Microsystems' Java Community Process continues to be a strong base for the growth of the Java infrastructure and language standards. This growth of open standards creates new opportunities for designers and developers of applications and services (Smith, 2001).Creation of Java TechnologyJava technology was created as a computer programming tool in a small, secret effort called "the Green Project" at Sun Microsystems in 1991. The Green Team, fully staffed at 13 people and led by James Gosling, locked themselves away in an anonymous office on Sand Hill Road in Menlo Park, cut off from all regular communications with Sun, and worked around the clock for18 months. Their initial conclusion was that at least one significant trend would be the convergence of digitally controlled consumer devices and computers. A device-independent programming language code-named "Oak" was the result.To demonstrate how this new language could power the future of digital devices, the Green Team developed an interactive, handheld home-entertainment device controller targeted at the digital cable television industry. But the idea was too far ahead of its time, and the digital cable television industry wasn't ready for the leap forward that Java technology offered them. As it turns out, the Internet was ready for Java technology, and just in time for its initial public introduction in 1995, the team was able to announce that the Netscape Navigator Internet browser would incorporate Java technology ("Learn about Java," 2007).Applications of JavaJava uses many familiar programming concepts and constructs and allows portability by providing a common interface through an external Java Virtual Machine (JVM). A virtual machine is a self-contained operating environment, created by a software layer that behaves as if it were a separate computer. Benefits of creating virtual machines include better exploitation of powerful computing resources and isolation of applications to prevent cross-corruption and improve security (Matlis, 2006).The JVM allows computing devices with limited processors or memory to handle more advanced applications by calling up software instructions inside the JVM to perform most of the work. This also reduces the size and complexity of Java applications because many of the core functions and processing instructions were built into the JVM. As a result, software developersno longer need to re-create the same application for every operating system. Java also provides security by instructing the application to interact with the virtual machine, which served as a barrier between applications and the core system, effectively protecting systems from malicious code.Among other things, Java is tailor-made for the growing Internet because it makes it easy to develop new, dynamic applications that could make the most of the Internet's power and capabilities. Java is now an open standard, meaning that no single entity controls its development and the tools for writing programs in the language are available to everyone. The power of open standards like Java is the ability to break down barriers and speed up progress.Today, you can find Java technology in networks and devices that range from the Internet and scientific supercomputers to laptops and cell phones, from Wall Street market simulators to home game players and credit cards. There are over 3 million Java developers and now there are several versions of the code. Most large corporations have in-house Java developers. In addition, the majority of key software vendors use Java in their commercial applications (Lazaridis, 2003).ApplicationsJava on the World Wide WebJava has found a place on some of the most popular websites in the world and the uses of Java continues to grow. Java applications not only provide unique user interfaces, they also help to power the backend of websites. Two e-commerce giants that everybody is probably familiar with (eBay and Amazon) have been Java pioneers on the World Wide Web.eBayFounded in 1995, eBay enables e-commerce on a local, national and international basis with an array of Web sites-including the eBay marketplaces, PayPal, Skype, and -that bring together millions of buyers and sellers every day. You can find it on eBay, even if you didn't know it existed. On a typical day, more than 100 million items are listed on eBay in tens of thousands of categories. Recent listings have included a tunnel boring machine from the Chunnel project, a cup of water that once belonged to Elvis, and the Volkswagen that Pope Benedict XVI owned before he moved up to the Popemobile. More than one hundred million items are available at any given time, from the massive to the miniature, the magical to the mundane, on eBay; the world's largest online marketplace.eBay uses Java almost everywhere. To address some security issues, eBay chose Sun Microsystems' Java System Identity Manager as the platform for revamping its identity management system. The task at hand was to provide identity management for more than 12,000 eBay employees and contractors.Now more than a thousand eBay software developers work daily with Java applications. Java's inherent portability allows eBay to move to new hardware to take advantage of new technology, packaging, or pricing, without having to rewrite Java code ("eBay drives explosive growth," 2007).Amazon (a large seller of books, CDs, and other products) has created a Web Service application that enables users to browse their product catalog and place orders. uses a Java application that searches the Amazon catalog for books whose subject matches a user-selected topic. The application displays ten books that match the chosen topic, and shows the author name, book title, list price, Amazon discount price, and the cover icon. The user may optionally view one review per displayed title and make a buying decision (Stearns & Garishakurthi, 2003).Java in Data Warehousing & MiningAlthough many companies currently benefit from data warehousing to support corporate decision making, new business intelligence approaches continue to emerge that can be powered by Java technology. Applications such as data warehousing, data mining, Enterprise Information Portals (EIP's), and Knowledge Management Systems (which can all comprise a businessintelligence application) are able to provide insight into customer retention, purchasing patterns, and even future buying behavior.These applications can not only tell what has happened but why and what may happen given certain business conditions; allowing for "what if" scenarios to be explored. As a result of this information growth, people at all levels inside the enterprise, as well as suppliers, customers, and others in the value chain, are clamoring for subsets of the vast stores of information such as billing, shipping, and inventory information, to help them make business decisions. While collecting and storing vast amounts of data is one thing, utilizing and deploying that data throughout the organization is another.The technical challenges inherent in integrating disparate data formats, platforms, and applications are significant. However, emerging standards such as the Application Programming Interfaces (API's) that comprise the Java platform, as well as Extendable Markup Language (XML) technologies can facilitate the interchange of data and the development of next generation data warehousing and business intelligence applications. While Java technology has been used extensively for client side access and to presentation layer challenges, it is rapidly emerging as a significant tool for developing scaleable server side programs. The Java2 Platform, Enterprise Edition (J2EE) provides the object, transaction, and security support for building such systems.Metadata IssuesOne of the key issues that business intelligence developers must solve is that of incompatible metadata formats. Metadata can be defined as information about data or simply "data about data." In practice, metadata is what most tools, databases, applications, and other information processes use to define, relate, and manipulate data objects within their own environments. It defines the structure and meaning of data objects managed by an application so that the application knows how to process requests or jobs involving those data objects. Developers can use this schema to create views for users. Also, users can browse the schema to better understand the structure and function of the database tables before launching a query.To address the metadata issue, a group of companies (including Unisys, Oracle, IBM, SAS Institute, Hyperion, Inline Software and Sun) have joined to develop the Java Metadata Interface (JMI) API. The JMI API permits the access and manipulation of metadata in Java with standard metadata services. JMI is based on the Meta Object Facility (MOF) specification from the Object Management Group (OMG). The MOF provides a model and a set of interfaces for the creation, storage, access, and interchange of metadata and metamodels (higher-level abstractions of metadata). Metamodel and metadata interchange is done via XML and uses the XML Metadata Interchange (XMI) specification, also from the OMG. JMI leverages Java technology to create an end-to-end data warehousing and business intelligence solutions framework.Enterprise JavaBeansA key tool provided by J2EE is Enterprise JavaBeans (EJB), an architecture for the development of component-based distributed business applications. Applications written using the EJB architecture are scalable, transactional, secure, and multi-user aware. These applications may be written once and then deployed on any server platform that supports J2EE. The EJB architecture makes it easy for developers to write components, since they do not need to understand or deal with complex, system-level details such as thread management, resource pooling, and transaction and security management. This allows for role-based development where component assemblers, platform providers and application assemblers can focus on their area of responsibility further simplifying application development.EJB's in the Travel IndustryA case study from the travel industry helps to illustrate how such applications could function. A travel company amasses a great deal of information about its operations in various applications distributed throughout multiple departments. Flight, hotel, and automobile reservation information is located in a database being accessed by travel agents worldwide. Another application contains information that must be updated with credit and billing historyfrom a financial services company. Data is periodically extracted from the travel reservation system databases to spreadsheets for use in future sales and marketing analysis.Utilizing J2EE, the company could consolidate application development within an EJB container, which can run on a variety of hardware and software platforms allowing existing databases and applications to coexist with newly developed ones. EJBs can be developed to model various data sets important to the travel reservation business including information about customer, hotel, car rental agency, and other attributes.Data Storage & AccessData stored in existing applications can be accessed with specialized connectors. Integration and interoperability of these data sources is further enabled by the metadata repository that contains metamodels of the data contained in the sources, which then can be accessed and interchanged uniformly via the JMI API. These metamodels capture the essential structure and semantics of business components, allowing them to be accessed and queried via the JMI API or to be interchanged via XML. Through all of these processes, the J2EE infrastructure ensures the security and integrity of the data through transaction management and propagation and the underlying security architecture.To consolidate historical information for analysis of sales and marketing trends, a data warehouse is often the best solution. In this example, data can be extracted from the operational systems with a variety of Extract, Transform and Load tools (ETL). The metamodels allow EJBsdesigned for filtering, transformation, and consolidation of data to operate uniformly on datafrom diverse data sources as the bean is able to query the metamodel to identify and extract the pertinent fields. Queries and reports can be run against the data warehouse that contains information from numerous sources in a consistent, enterprise-wide fashion through the use of the JMI API (Mosher & Oh, 2007).Java in Industrial SettingsMany people know Java only as a tool on the World Wide Web that enables sites to perform some of their fancier functions such as interactivity and animation. However, the actual uses for Java are much more widespread. Since Java is an object-oriented language like C++, the time needed for application development is minimal. Java also encourages good software engineering practices with clear separation of interfaces and implementations as well as easy exception handling.In addition, Java's automatic memory management and lack of pointers remove some leading causes of programming errors. Most importantly, application developers do not need to create different versions of the software for different platforms. The advantages available through Java have even found their way into hardware. The emerging new Java devices are streamlined systems that exploit network servers for much of their processing power, storage, content, and administration.Benefits of JavaThe benefits of Java translate across many industries, and some are specific to the control and automation environment. For example, many plant-floor applications use relatively simple equipment; upgrading to PCs would be expensive and undesirable. Java's ability to run on any platform enables the organization to make use of the existing equipment while enhancing the application.IntegrationWith few exceptions, applications running on the factory floor were never intended to exchange information with systems in the executive office, but managers have recently discovered the need for that type of information. Before Java, that often meant bringing together data from systems written on different platforms in different languages at different times. Integration was usually done on a piecemeal basis, resulting in a system that, once it worked, was unique to the two applications it was tying together. Additional integration required developing a brand new system from scratch, raising the cost of integration.Java makes system integration relatively easy. Foxboro Controls Inc., for example, used Java to make its dynamic-performance-monitor software package Internet-ready. This software provides senior executives with strategic information about a plant's operation. The dynamic performance monitor takes data from instruments throughout the plant and performs variousmathematical and statistical calculations on them, resulting in information (usually financial) that a manager can more readily absorb and use.ScalabilityAnother benefit of Java in the industrial environment is its scalability. In a plant, embedded applications such as automated data collection and machine diagnostics provide critical data regarding production-line readiness or operation efficiency. These data form a critical ingredient for applications that examine the health of a production line or run. Users of these devices can take advantage of the benefits of Java without changing or upgrading hardware. For example, operations and maintenance personnel could carry a handheld, wireless, embedded-Java device anywhere in the plant to monitor production status or problems.Even when internal compatibility is not an issue, companies often face difficulties when suppliers with whom they share information have incompatible systems. This becomes more of a problem as supply-chain management takes on a more critical role which requires manufacturers to interact more with offshore suppliers and clients. The greatest efficiency comes when all systems can communicate with each other and share information seamlessly. Since Java is so ubiquitous, it often solves these problems (Paula, 1997).Dynamic Web Page DevelopmentJava has been used by both large and small organizations for a wide variety of applications beyond consumer oriented websites. Sandia, a multiprogram laboratory of the U.S. Department of Energy's National Nuclear Security Administration, has developed a unique Java application. The lab was tasked with developing an enterprise-wide inventory tracking and equipment maintenance system that provides dynamic Web pages. The developers selected Java Studio Enterprise 7 for the project because of its Application Framework technology and Web Graphical User Interface (GUI) components, which allow the system to be indexed by an expandable catalog. The flexibility, scalability, and portability of Java helped to reduce development timeand costs (Garcia, 2004)IssueJava Security for E-Business ApplicationsTo support the expansion of their computing boundaries, businesses have deployed Web application servers (WAS). A WAS differs from a traditional Web server because it provides a more flexible foundation for dynamic transactions and objects, partly through the exploitation of Java technology. Traditional Web servers remain constrained to servicing standard HTTP requests, returning the contents of static HTML pages and images or the output from executed Common Gateway Interface (CGI ) scripts.An administrator can configure a WAS with policies based on security specifications for Java servlets and manage authentication and authorization with Java Authentication andAuthorization Service (JAAS) modules. An authentication and authorization service can bewritten in Java code or interface to an existing authentication or authorization infrastructure. Fora cryptography-based security infrastructure, the security server may exploit the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE). To present the user with a usable interaction with the WAS environment, the Web server can readily employ a formof "single sign-on" to avoid redundant authentication requests. A single sign-on preserves user authentication across multiple HTTP requests so that the user is not prompted many times for authentication data (i.e., user ID and password).Based on the security policies, JAAS can be employed to handle the authentication process with the identity of the Java client. After successful authentication, the WAS securitycollaborator consults with the security server. The WAS environment authentication requirements can be fairly complex. In a given deployment environment, all applications or solutions may not originate from the same vendor. In addition, these applications may be running on different operating systems. Although Java is often the language of choice for portability between platforms, it needs to marry its security features with those of the containing environment.Authentication & AuthorizationAuthentication and authorization are key elements in any secure information handling system. Since the inception of Java technology, much of the authentication and authorization issues have been with respect to downloadable code running in Web browsers. In many ways, this had been the correct set of issues to address, since the client's system needs to be protected from mobile code obtained from arbitrary sites on the Internet. As Java technology moved from a client-centric Web technology to a server-side scripting and integration technology, it required additional authentication and authorization technologies.The kind of proof required for authentication may depend on the security requirements of a particular computing resource or specific enterprise security policies. To provide such flexibility, the JAAS authentication framework is based on the concept of configurable authenticators. This architecture allows system administrators to configure, or plug in, the appropriate authenticatorsto meet the security requirements of the deployed application. The JAAS architecture also allows applications to remain independent from underlying authentication mechanisms. So, as new authenticators become available or as current authentication services are updated, system administrators can easily replace authenticators without having to modify or recompile existing applications.At the end of a successful authentication, a request is associated with a user in the WAS user registry. After a successful authentication, the WAS consults security policies to determine if the user has the required permissions to complete the requested action on the servlet. This policy canbe enforced using the WAS configuration (declarative security) or by the servlet itself (programmatic security), or a combination of both.The WAS environment pulls together many different technologies to service the enterprise. Because of the heterogeneous nature of the client and server entities, Java technology is a good choice for both administrators and developers. However, to service the diverse security needs of these entities and their tasks, many Java security technologies must be used, not only at a primary level between client and server entities, but also at a secondary level, from served objects. By using a synergistic mix of the various Java security technologies, administrators and developers can make not only their Web application servers secure, but their WAS environments secure as well (Koved, 2001).ConclusionOpen standards have driven the e-business revolution. As e-business continues to develop, various computing technologies help to drive its evolution. The Java programming language and platform have emerged as major technologies for performing e-business functions. Java programming standards have enabled portability of applications and the reuse of application components. Java uses many familiar concepts and constructs and allows portability by providing a common interface through an external Java Virtual Machine (JVM). Today, you can find Java technology in networks and devices that range from the Internet and scientific supercomputers to laptops and cell phones, from Wall Street market simulators to home game players and credit cards.Java has found a place on some of the most popular websites in the world. Java applications not only provide unique user interfaces, they also help to power the backend of websites. While Java technology has been used extensively for client side access and in the presentation layer, it is also emerging as a significant tool for developing scaleable server side programs.Since Java is an object-oriented language like C++, the time needed for application development is minimal. Java also encourages good software engineering practices with clear separation of interfaces and implementations as well as easy exception handling. Java's automatic memory management and lack of pointers remove some leading causes of programming errors. The advantages available through Java have also found their way into hardware. The emerging new Java devices are streamlined systems that exploit network servers for much of their processing power, storage, content, and administration.中文翻译:标题：Java的商业应用。

云计算外文翻译参考文献(文档含中英文对照即英文原文和中文翻译)原文:Technical Issues of Forensic Investigations in Cloud Computing EnvironmentsDominik BirkRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyAbstract—Cloud Computing is arguably one of the most discussedinformation technologies today. It presents many promising technological and economical opportunities. However, many customers remain reluctant to move their business IT infrastructure completely to the cloud. One of their main concerns is Cloud Security and the threat of the unknown. Cloud Service Providers(CSP) encourage this perception by not letting their customers see what is behind their virtual curtain. A seldomly discussed, but in this regard highly relevant open issue is the ability to perform digital investigations. This continues to fuel insecurity on the sides of both providers and customers. Cloud Forensics constitutes a new and disruptive challenge for investigators. Due to the decentralized nature of data processing in the cloud, traditional approaches to evidence collection and recovery are no longer practical. This paper focuses on the technical aspects of digital forensics in distributed cloud environments. We contribute by assessing whether it is possible for the customer of cloud computing services to perform a traditional digital investigation from a technical point of view. Furthermore we discuss possible solutions and possible new methodologies helping customers to perform such investigations.I. INTRODUCTIONAlthough the cloud might appear attractive to small as well as to large companies, it does not come along without its own unique problems. Outsourcing sensitive corporate data into the cloud raises concerns regarding the privacy and security of data. Security policies, companies main pillar concerning security, cannot be easily deployed into distributed, virtualized cloud environments. This situation is further complicated by the unknown physical location of the companie’s assets. Normally,if a security incident occurs, the corporate security team wants to be able to perform their own investigation without dependency on third parties. In the cloud, this is not possible anymore: The CSP obtains all the power over the environmentand thus controls the sources of evidence. In the best case, a trusted third party acts as a trustee and guarantees for the trustworthiness of the CSP. Furthermore, the implementation of the technical architecture and circumstances within cloud computing environments bias the way an investigation may be processed. In detail, evidence data has to be interpreted by an investigator in a We would like to thank the reviewers for the helpful comments and Dennis Heinson (Center for Advanced Security Research Darmstadt - CASED) for the profound discussions regarding the legal aspects of cloud forensics. proper manner which is hardly be possible due to the lackof circumstantial information. For auditors, this situation does not change: Questions who accessed specific data and information cannot be answered by the customers, if no corresponding logs are available. With the increasing demand for using the power of the cloud for processing also sensible information and data, enterprises face the issue of Data and Process Provenance in the cloud [10]. Digital provenance, meaning meta-data that describes the ancestry or history of a digital object, is a crucial feature for forensic investigations. In combination with a suitable authentication scheme, it provides information about who created and who modified what kind of data in the cloud. These are crucial aspects for digital investigations in distributed environments such as the cloud. Unfortunately, the aspects of forensic investigations in distributed environment have so far been mostly neglected by the research community. Current discussion centers mostly around security, privacy and data protection issues [35], [9], [12]. The impact of forensic investigations on cloud environments was little noticed albeit mentioned by the authors of [1] in 2009: ”[...] to our knowledge, no research has been published on how cloud computing environments affect digital artifacts,and on acquisition logistics and legal issues related to cloud computing env ironments.” This statement is also confirmed by other authors [34], [36], [40] stressing that further research on incident handling, evidence tracking and accountability in cloud environments has to be done. At the same time, massive investments are being made in cloud technology. Combined with the fact that information technology increasingly transcendents peoples’ private and professional life, thus mirroring more and more of peoples’actions, it becomes apparent that evidence gathered from cloud environments will be of high significance to litigation or criminal proceedings in the future. Within this work, we focus the notion of cloud forensics by addressing the technical issues of forensics in all three major cloud service models and consider cross-disciplinary aspects. Moreover, we address the usability of various sources of evidence for investigative purposes and propose potential solutions to the issues from a practical standpoint. This work should be considered as a surveying discussion of an almost unexplored research area. The paper is organized as follows: We discuss the related work and the fundamental technical background information of digital forensics, cloud computing and the fault model in section II and III. In section IV, we focus on the technical issues of cloud forensics and discuss the potential sources and nature of digital evidence as well as investigations in XaaS environments including thecross-disciplinary aspects. We conclude in section V.II. RELATED WORKVarious works have been published in the field of cloud security and privacy [9], [35], [30] focussing on aspects for protecting data in multi-tenant, virtualized environments. Desired security characteristics for current cloud infrastructures mainly revolve around isolation of multi-tenant platforms [12], security of hypervisors in order to protect virtualized guest systems and secure network infrastructures [32]. Albeit digital provenance, describing the ancestry of digital objects, still remains a challenging issue for cloud environments, several works have already been published in this field [8], [10] contributing to the issues of cloud forensis. Within this context, cryptographic proofs for verifying data integrity mainly in cloud storage offers have been proposed,yet lacking of practical implementations [24], [37], [23]. Traditional computer forensics has already well researched methods for various fields of application [4], [5], [6], [11], [13]. Also the aspects of forensics in virtual systems have been addressed by several works [2], [3], [20] including the notionof virtual introspection [25]. In addition, the NIST already addressed Web Service Forensics [22] which has a huge impact on investigation processes in cloud computing environments. In contrast, the aspects of forensic investigations in cloud environments have mostly been neglected by both the industry and the research community. One of the first papers focusing on this topic was published by Wolthusen [40] after Bebee et al already introduced problems within cloud environments [1]. Wolthusen stressed that there is an inherent strong need for interdisciplinary work linking the requirements and concepts of evidence arising from the legal field to what can be feasibly reconstructed and inferred algorithmically or in an exploratory manner. In 2010, Grobauer et al [36] published a paper discussing the issues of incident response in cloud environments - unfortunately no specific issues and solutions of cloud forensics have been proposed which will be done within this work.III. TECHNICAL BACKGROUNDA. Traditional Digital ForensicsThe notion of Digital Forensics is widely known as the practice of identifying, extracting and considering evidence from digital media. Unfortunately, digital evidence is both fragile and volatile and therefore requires the attention of special personnel and methods in order to ensure that evidence data can be proper isolated and evaluated. Normally, the process of a digital investigation can be separated into three different steps each having its own specificpurpose:1) In the Securing Phase, the major intention is the preservation of evidence for analysis. The data has to be collected in a manner that maximizes its integrity. This is normally done by a bitwise copy of the original media. As can be imagined, this represents a huge problem in the field of cloud computing where you never know exactly where your data is and additionallydo not have access to any physical hardware. However, the snapshot technology, discussed in section IV-B3, provides a powerful tool to freeze system states and thus makes digital investigations, at least in IaaS scenarios, theoretically possible.2) We refer to the Analyzing Phase as the stage in which the data is sifted and combined. It is in this phase that the data from multiple systems or sources is pulled together to create as complete a picture and event reconstruction as possible. Especially in distributed system infrastructures, this means that bits and pieces of data are pulled together for deciphering the real story of what happened and for providing a deeper look into the data.3) Finally, at the end of the examination and analysis of the data, the results of the previous phases will be reprocessed in the Presentation Phase. The report, created in this phase, is a compilation of all the documentation and evidence from the analysis stage. The main intention of such a report is that it contains all results, it is complete and clear to understand. Apparently, the success of these three steps strongly depends on the first stage. If it is not possible to secure the complete set of evidence data, no exhaustive analysis will be possible. However, in real world scenarios often only a subset of the evidence data can be secured by the investigator. In addition, an important definition in the general context of forensics is the notion of a Chain of Custody. This chain clarifies how and where evidence is stored and who takes possession of it. Especially for cases which are brought to court it is crucial that the chain of custody is preserved.B. Cloud ComputingAccording to the NIST [16], cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal CSP interaction. The new raw definition of cloud computing brought several new characteristics such as multi-tenancy, elasticity, pay-as-you-go and reliability. Within this work, the following three models are used: In the Infrastructure asa Service (IaaS) model, the customer is using the virtual machine provided by the CSP for installing his own system on it. The system can be used like any other physical computer with a few limitations. However, the additive customer power over the system comes along with additional security obligations. Platform as a Service (PaaS) offerings provide the capability to deploy application packages created using the virtual development environment supported by the CSP. For the efficiency of software development process this service model can be propellent. In the Software as a Service (SaaS) model, the customer makes use of a service run by the CSP on a cloud infrastructure. In most of the cases this service can be accessed through an API for a thin client interface such as a web browser. Closed-source public SaaS offers such as Amazon S3 and GoogleMail can only be used in the public deployment model leading to further issues concerning security, privacy and the gathering of suitable evidences. Furthermore, two main deployment models, private and public cloud have to be distinguished. Common public clouds are made available to the general public. The corresponding infrastructure is owned by one organization acting as a CSP and offering services to its customers. In contrast, the private cloud is exclusively operated for an organization but may not provide the scalability and agility of public offers. The additional notions of community and hybrid cloud are not exclusively covered within this work. However, independently from the specific model used, the movement of applications and data to the cloud comes along with limited control for the customer about the application itself, the data pushed into the applications and also about the underlying technical infrastructure.C. Fault ModelBe it an account for a SaaS application, a development environment (PaaS) or a virtual image of an IaaS environment, systems in the cloud can be affected by inconsistencies. Hence, for both customer and CSP it is crucial to have the ability to assign faults to the causing party, even in the presence of Byzantine behavior [33]. Generally, inconsistencies can be caused by the following two reasons:1) Maliciously Intended FaultsInternal or external adversaries with specific malicious intentions can cause faults on cloud instances or applications. Economic rivals as well as former employees can be the reason for these faults and state a constant threat to customers and CSP. In this model, also a malicious CSP is included albeit he isassumed to be rare in real world scenarios. Additionally, from the technical point of view, the movement of computing power to a virtualized, multi-tenant environment can pose further threads and risks to the systems. One reason for this is that if a single system or service in the cloud is compromised, all other guest systems and even the host system are at risk. Hence, besides the need for further security measures, precautions for potential forensic investigations have to be taken into consideration.2) Unintentional FaultsInconsistencies in technical systems or processes in the cloud do not have implicitly to be caused by malicious intent. Internal communication errors or human failures can lead to issues in the services offered to the costumer(i.e. loss or modification of data). Although these failures are not caused intentionally, both the CSP and the customer have a strong intention to discover the reasons and deploy corresponding fixes.IV. TECHNICAL ISSUESDigital investigations are about control of forensic evidence data. From the technical standpoint, this data can be available in three different states: at rest, in motion or in execution. Data at rest is represented by allocated disk space. Whether the data is stored in a database or in a specific file format, it allocates disk space. Furthermore, if a file is deleted, the disk space is de-allocated for the operating system but the data is still accessible since the disk space has not been re-allocated and overwritten. This fact is often exploited by investigators which explore these de-allocated disk space on harddisks. In case the data is in motion, data is transferred from one entity to another e.g. a typical file transfer over a network can be seen as a data in motion scenario. Several encapsulated protocols contain the data each leaving specific traces on systems and network devices which can in return be used by investigators. Data can be loaded into memory and executed as a process. In this case, the data is neither at rest or in motion but in execution. On the executing system, process information, machine instruction and allocated/de-allocated data can be analyzed by creating a snapshot of the current system state. In the following sections, we point out the potential sources for evidential data in cloud environments and discuss the technical issues of digital investigations in XaaS environmentsas well as suggest several solutions to these problems.A. Sources and Nature of EvidenceConcerning the technical aspects of forensic investigations, the amount of potential evidence available to the investigator strongly diverges between thedifferent cloud service and deployment models. The virtual machine (VM), hosting in most of the cases the server application, provides several pieces of information that could be used by investigators. On the network level, network components can provide information about possible communication channels between different parties involved. The browser on the client, acting often as the user agent for communicating with the cloud, also contains a lot of information that could be used as evidence in a forensic investigation. Independently from the used model, the following three components could act as sources for potential evidential data.1) Virtual Cloud Instance: The VM within the cloud, where i.e. data is stored or processes are handled, contains potential evidence [2], [3]. In most of the cases, it is the place where an incident happened and hence provides a good starting point for a forensic investigation. The VM instance can be accessed by both, the CSP and the customer who is running the instance. Furthermore, virtual introspection techniques [25] provide access to the runtime state of the VM via the hypervisor and snapshot technology supplies a powerful technique for the customer to freeze specific states of the VM. Therefore, virtual instances can be still running during analysis which leads to the case of live investigations [41] or can be turned off leading to static image analysis. In SaaS and PaaS scenarios, the ability to access the virtual instance for gathering evidential information is highly limited or simply not possible.2) Network Layer: Traditional network forensics is knownas the analysis of network traffic logs for tracing events that have occurred in the past. Since the different ISO/OSI network layers provide several information on protocols and communication between instances within as well as with instances outside the cloud [4], [5], [6], network forensics is theoretically also feasible in cloud environments. However in practice, ordinary CSP currently do not provide any log data from the network components used by the customer’s instances or applications. For instance, in case of a malware infection of an IaaS VM, it will be difficult for the investigator to get any form of routing information and network log datain general which is crucial for further investigative steps. This situation gets even more complicated in case of PaaS or SaaS. So again, the situation of gathering forensic evidence is strongly affected by the support the investigator receives from the customer and the CSP.3) Client System: On the system layer of the client, it completely depends on the used model (IaaS, PaaS, SaaS) if and where potential evidence could beextracted. In most of the scenarios, the user agent (e.g. the web browser) on the client system is the only application that communicates with the service in the cloud. This especially holds for SaaS applications which are used and controlled by the web browser. But also in IaaS scenarios, the administration interface is often controlled via the browser. Hence, in an exhaustive forensic investigation, the evidence data gathered from the browser environment [7] should not be omitted.a) Browser Forensics: Generally, the circumstances leading to an investigation have to be differentiated: In ordinary scenarios, the main goal of an investigation of the web browser is to determine if a user has been victim of a crime. In complex SaaS scenarios with high client-server interaction, this constitutes a difficult task. Additionally, customers strongly make use of third-party extensions [17] which can be abused for malicious purposes. Hence, the investigator might want to look for malicious extensions, searches performed, websites visited, files downloaded, information entered in forms or stored in local HTML5 stores, web-based email contents and persistent browser cookies for gathering potential evidence data. Within this context, it is inevitable to investigate the appearance of malicious JavaScript [18] leading to e.g. unintended AJAX requests and hence modified usage of administration interfaces. Generally, the web browser contains a lot of electronic evidence data that could be used to give an answer to both of the above questions - even if the private mode is switched on [19].B. Investigations in XaaS EnvironmentsTraditional digital forensic methodologies permit investigators to seize equipment and perform detailed analysis on the media and data recovered [11]. In a distributed infrastructure organization like the cloud computing environment, investigators are confronted with an entirely different situation. They have no longer the option of seizing physical data storage. Data and processes of the customer are dispensed over an undisclosed amount of virtual instances, applications and network elements. Hence, it is in question whether preliminary findings of the computer forensic community in the field of digital forensics apparently have to be revised and adapted to the new environment. Within this section, specific issues of investigations in SaaS, PaaS and IaaS environments will be discussed. In addition, cross-disciplinary issues which affect several environments uniformly, will be taken into consideration. We also suggest potential solutions to the mentioned problems.1) SaaS Environments: Especially in the SaaS model, the customer does notobtain any control of the underlying operating infrastructure such as network, servers, operating systems or the application that is used. This means that no deeper view into the system and its underlying infrastructure is provided to the customer. Only limited userspecific application configuration settings can be controlled contributing to the evidences which can be extracted fromthe client (see section IV-A3). In a lot of cases this urges the investigator to rely on high-level logs which are eventually provided by the CSP. Given the case that the CSP does not run any logging application, the customer has no opportunity to create any useful evidence through the installation of any toolkit or logging tool. These circumstances do not allow a valid forensic investigation and lead to the assumption that customers of SaaS offers do not have any chance to analyze potential incidences.a) Data Provenance: The notion of Digital Provenance is known as meta-data that describes the ancestry or history of digital objects. Secure provenance that records ownership and process history of data objects is vital to the success of data forensics in cloud environments, yet it is still a challenging issue today [8]. Albeit data provenance is of high significance also for IaaS and PaaS, it states a huge problem specifically for SaaS-based applications: Current global acting public SaaS CSP offer Single Sign-On (SSO) access control to the set of their services. Unfortunately in case of an account compromise, most of the CSP do not offer any possibility for the customer to figure out which data and information has been accessed by the adversary. For the victim, this situation can have tremendous impact: If sensitive data has been compromised, it is unclear which data has been leaked and which has not been accessed by the adversary. Additionally, data could be modified or deleted by an external adversary or even by the CSP e.g. due to storage reasons. The customer has no ability to proof otherwise. Secure provenance mechanisms for distributed environments can improve this situation but have not been practically implemented by CSP [10]. Suggested Solution: In private SaaS scenarios this situation is improved by the fact that the customer and the CSP are probably under the same authority. Hence, logging and provenance mechanisms could be implemented which contribute to potential investigations. Additionally, the exact location of the servers and the data is known at any time. Public SaaS CSP should offer additional interfaces for the purpose of compliance, forensics, operations and security matters to their customers. Through an API, the customers should have the ability to receive specific information suchas access, error and event logs that could improve their situation in case of aninvestigation. Furthermore, due to the limited ability of receiving forensic information from the server and proofing integrity of stored data in SaaS scenarios, the client has to contribute to this process. This could be achieved by implementing Proofs of Retrievability (POR) in which a verifier (client) is enabled to determine that a prover (server) possesses a file or data object and it can be retrieved unmodified [24]. Provable Data Possession (PDP) techniques [37] could be used to verify that an untrusted server possesses the original data without the need for the client to retrieve it. Although these cryptographic proofs have not been implemented by any CSP, the authors of [23] introduced a new data integrity verification mechanism for SaaS scenarios which could also be used for forensic purposes.2) PaaS Environments: One of the main advantages of the PaaS model is that the developed software application is under the control of the customer and except for some CSP, the source code of the application does not have to leave the local development environment. Given these circumstances, the customer obtains theoretically the power to dictate how the application interacts with other dependencies such as databases, storage entities etc. CSP normally claim this transfer is encrypted but this statement can hardly be verified by the customer. Since the customer has the ability to interact with the platform over a prepared API, system states and specific application logs can be extracted. However potential adversaries, which can compromise the application during runtime, should not be able to alter these log files afterwards. Suggested Solution:Depending on the runtime environment, logging mechanisms could be implemented which automatically sign and encrypt the log information before its transfer to a central logging server under the control of the customer. Additional signing and encrypting could prevent potential eavesdroppers from being able to view and alter log data information on the way to the logging server. Runtime compromise of an PaaS application by adversaries could be monitored by push-only mechanisms for log data presupposing that the needed information to detect such an attack are logged. Increasingly, CSP offering PaaS solutions give developers the ability to collect and store a variety of diagnostics data in a highly configurable way with the help of runtime feature sets [38].3) IaaS Environments: As expected, even virtual instances in the cloud get compromised by adversaries. Hence, the ability to determine how defenses in the virtual environment failed and to what extent the affected systems havebeen compromised is crucial not only for recovering from an incident. Also forensic investigations gain leverage from such information and contribute to resilience against future attacks on the systems. From the forensic point of view, IaaS instances do provide much more evidence data usable for potential forensics than PaaS and SaaS models do. This fact is caused throughthe ability of the customer to install and set up the image for forensic purposes before an incident occurs. Hence, as proposed for PaaS environments, log data and other forensic evidence information could be signed and encrypted before itis transferred to third-party hosts mitigating the chance that a maliciously motivated shutdown process destroys the volatile data. Although, IaaS environments provide plenty of potential evidence, it has to be emphasized that the customer VM is in the end still under the control of the CSP. He controls the hypervisor which is e.g. responsible for enforcing hardware boundaries and routing hardware requests among different VM. Hence, besides the security responsibilities of the hypervisor, he exerts tremendous control over how customer’s VM communicate with the hardware and theoretically can intervene executed processes on the hosted virtual instance through virtual introspection [25]. This could also affect encryption or signing processes executed on the VM and therefore leading to the leakage of the secret key. Although this risk can be disregarded in most of the cases, the impact on the security of high security environments is tremendous.a) Snapshot Analysis: Traditional forensics expect target machines to be powered down to collect an image (dead virtual instance). This situation completely changed with the advent of the snapshot technology which is supported by all popular hypervisors such as Xen, VMware ESX and Hyper-V.A snapshot, also referred to as the forensic image of a VM, providesa powerful tool with which a virtual instance can be clonedby one click including also the running system’s mem ory. Due to the invention of the snapshot technology, systems hosting crucial business processes do not have to be powered down for forensic investigation purposes. The investigator simply creates and loads a snapshot of the target VM for analysis(live virtual instance). This behavior is especially important for scenarios in which a downtime of a system is not feasible or practical due to existing SLA. However the information whether the machine is running or has been properly powered down is crucial [3] for the investigation. Live investigations of running virtual instances become more common providing evidence data that。

附录一、英文原文：Detecting Anomaly Traffic using Flow Data in the realVoIP networkI. INTRODUCTIONRecently, many SIP[3]/RTP[4]-based VoIP applications and services have appeared and their penetration ratio is gradually increasing due to the free or cheap call charge and the easy subscription method. Thus, some of the subscribers to the PSTN service tend to change their home telephone services to VoIP products. For example, companies in Korea such as LG Dacom, Samsung Net- works, and KT have begun to deploy SIP/RTP-based VoIP services. It is reported that more than five million users have subscribed the commercial VoIP services and 50% of all the users are joined in 2009 in Korea [1]. According to IDC, it is expected that the number of VoIP users in US will increase to 27 millions in 2009 [2]. Hence, as the VoIP service becomes popular, it is not surprising that a lot of VoIP anomaly traffic has been already known [5]. So, Most commercial service such as VoIP services should provide essential security functions regarding privacy, authentication, integrity and non-repudiation for preventing malicious traffic. Particu- larly, most of current SIP/RTP-based VoIP services supply the minimal security function related with authentication. Though secure transport-layer protocols such as Transport Layer Security (TLS) [6] or Secure RTP (SRTP) [7] have been standardized, they have not been fully implemented anddeployed in current VoIP applications because of the overheads of implementation and performance. Thus, un-encrypted VoIP packets could be easily sniffed and forged, especially in wireless LANs. In spite of authentication,the authentication keys such as MD5 in the SIP header could be maliciously exploited, because SIP is a text-based protocol and unencrypted SIP packets are easily decoded. Therefore, VoIP services are very vulnerable to attacks exploiting SIP and RTP. We aim at proposing a VoIP anomaly traffic detection method using the flow-based traffic measurement archi-tecture. We consider three representative VoIP anomalies called CANCEL, BYE Denial of Service (DoS) and RTP flooding attacks in this paper, because we found that malicious users in wireless LAN could easily perform these attacks in the real VoIP network. For monitoring VoIP packets, we employ the IETF IP Flow Information eXport (IPFIX) [9] standard that is based on NetFlow v9. This traffic measurement method provides a flexible and extensible template structure for various protocols, which is useful for observing SIP/RTP flows [10]. In order to capture and export VoIP packets into IPFIX flows, we define two additional IPFIX templates for SIP and RTP flows. Furthermore, we add four IPFIX fields to observe packets which are necessary to detect VoIP source spoofing attacks in WLANs.II. RELATED WORK[8] proposed a flooding detection method by the Hellinger Distance (HD) concept. In [8], they have pre- sented INVITE, SYN and RTP flooding detection meth-ods. The HD is the difference value between a training data set and a testing data set. The training data set collected traffic over n sampling period of duration Δ testing data set collected traffic next the training data set in the same period. If the HD is close to ‘1’, this testing data set is regarded as anomaly traffic. For using this method, they assumed that initial training data set didnot have any anomaly traffic. Since this method was based on packet counts, it might not easily extended to detect other anomaly traffic except flooding. On the other hand, [11] has proposed a VoIP anomaly traffic detection method using Extended Finite State Machine (EFSM). [11] has suggested INVITE flooding, BYE DoS anomaly traffic and media spamming detection methods. However, the state machine required more memory because it had to maintain each flow. [13] has presented NetFlow-based VoIP anomaly detection methods for INVITE, REGIS-TER, RTP flooding, and REGISTER/INVITE scan. How-ever, the VoIP DoS attacks considered in this paper were not considered. In [14], an IDS approach to detect SIP anomalies was developed, but only simulation results are presented. For monitoring VoIP traffic, SIPFIX [10] has been proposed as an IPFIX extension. The key ideas of the SIPFIX are application-layer inspection and SDP analysis for carrying media session information. Yet, this paper presents only the possibility of applying SIPFIX to DoS anomaly traffic detection and prevention. We described the preliminary idea of detecting VoIP anomaly traffic in [15]. This paper elaborates BYE DoS anomaly traffic and RTP flooding anomaly traffic detec-tion method based on IPFIX. Based on [15], we have considered SIP and RTP anomaly traffic generated in wireless LAN. In this case, it is possible to generate the similiar anomaly traffic with normal VoIP traffic, because attackers can easily extract normal user information from unencrypted VoIP packets. In this paper, we have extended the idea with additional SIP detection methods using information of wireless LAN packets. Furthermore, we have shown the real experiment results at the commercial VoIP network.III. THE VOIP ANOMALY TRAFFIC DETECTION METHOD A. CANCEL DoS Anomaly Traffic DetectionAs the SIP INVITE message is not usually encrypted, attackers could extract fields necessary to reproduce the forged SIP CANCEL message by sniffing SIP INVITE packets, especially in wireless LANs. Thus, we cannot tell the difference between the normal SIP CANCEL message and the replicated one, because the faked CANCEL packet includes the normal fields inferred from the SIP INVITE message. The attacker will perform the SIP CANCEL DoS attack at the same wireless LAN, because the purpose of the SIP CANCEL attack is to prevent the normal call estab-lishment when a victim is waiting for calls. Therefore, as soon as the attacker catches a call invitation message for a victim, it will send a SIP CANCEL message, which makes the call establishment failed. We have generated faked SIP CANCEL message using sniffed a SIP INVITE in SIP header of this CANCEL message is the same as normal SIP CANCEL message, because the attacker can obtain the SIP header field from unencrypted normal SIP message in wireless LAN environment. Therefore it is impossible to detect the CANCEL DoS anomaly traffic using SIP headers, we use the different values of the wireless LAN frame. That is, the sequence number in the frame will tell the difference between a victim host and an attacker. We look into source MAC address and sequence number in the MAC frame including a SIP CANCEL message as shown in Algorithm 1. We compare the source MAC address of SIP CANCEL packets with that of the previously saved SIP INVITE flow. If the source MAC address of a SIP CANCEL flow is changed, it will be highly probable that the CANCEL packet is generated by a unknown user. However, the source MAC address could be spoofed. Regarding source spoofing detection, we employ the method in [12] that uses sequence numbers of frames. We calculate the gap between n-th and (n-1)-th frames. As the sequence number field in a MAC header uses 12 bits, it varies from 0 to 4095. When we find that the sequence number gap between a single SIP flow is greater than the threshold value of N that willbe set from the experiments, we determine that the SIP host address as been spoofed for the anomaly traffic.B. BYE DoS Anomaly Traffic DetectionIn commercial VoIP applications, SIP BYE messages use the same authentication field is included in the SIP IN-VITE message for security and accounting purposes. How-ever, attackers can reproduce BYE DoS packets through sniffing normal SIP INVITE packets in wireless faked SIP BYE message is same with the normal SIP BYE. Therefore, it is difficult to detect the BYE DoS anomaly traffic using only SIP header sniffing SIP INVITE message, the attacker at the same or different subnets could terminate the normal in- progress call, because it could succeed in generating a BYE message to the SIP proxy server. In the SIP BYE attack, it is difficult to distinguish from the normal call termination procedure. That is, we apply the timestamp of RTP traffic for detecting the SIP BYE attack. Generally, after normal call termination, the bi-directional RTP flow is terminated in a bref space of time. However, if the call termination procedure is anomaly, we can observe that a directional RTP media flow is still ongoing, whereas an attacked directional RTP flow is broken. Therefore, in order to detect the SIP BYE attack, we decide that we watch a directional RTP flow for a long time threshold of N sec after SIP BYE message. The threshold of N is also set from the 2 explains the procedure to detect BYE DoS anomal traffic using captured timestamp of the RTP packet. We maintain SIP session information between clients with INVITE and OK messages including the same Call-ID and 4-tuple (source/destination IP Address and port number) of the BYE packet. We set a time threshold value by adding Nsec to the timestamp value of the BYE message. The reason why we use the captured timestamp is that a few RTP packets are observed under second. If RTP traffic is observed after the time threshold, this willbe considered as a BYE DoS attack, because the VoIP session will be terminated with normal BYE messages. C. RTP Anomaly Traffic Detection Algorithm 3 describes an RTP flooding detection method that uses SSRC and sequence numbers of the RTP header. During a single RTP session, typically, the same SSRC value is maintained. If SSRC is changed, it is highly probable that anomaly has occurred. In addition, if there is a big sequence number gap between RTP packets, we determine that anomaly RTP traffic has happened. As inspecting every sequence number for a packet is difficult, we calculate the sequence number gap using the first, last, maximum and minimum sequence numbers. In the RTP header, the sequence number field uses 16 bits from 0 to 65535. When we observe a wide sequence number gap in our algorithm, we consider it as an RTP flooding attack.IV. PERFORMANCE EVALUATIONA. Experiment EnvironmentIn order to detect VoIP anomaly traffic, we established an experimental environment as figure 1. In this envi-ronment, we employed two VoIP phones with wireless LANs, one attacker, a wireless access router and an IPFIX flow collector. For the realistic performance evaluation, we directly used one of the working VoIP networks deployed in Korea where an 11-digit telephone number (070-XXXX-XXXX) has been assigned to a SIP wireless SIP phones supporting , we could make calls to/from the PSTN or cellular phones. In the wireless access router, we used two wireless LAN cards- one is to support the AP service, and the other is to monitor packets. Moreover, in order to observe VoIP packets in the wireless access router, we modified nProbe [16], that is an open IPFIX flow generator, to create and export IPFIX flows related with SIP, RTP, and information. As the IPFIX collector, we have modified libipfix so that it could provide the IPFIX flow decoding function for SIP, RTP, and templates. We used MySQL for the flow DB.B. Experimental ResultsIn order to evaluate our proposed algorithms, we gen-erated 1,946 VoIP calls with two commercial SIP phones and a VoIP anomaly traffic generator. Table I showsour experimental results with precision, recall, and F-score that is the harmonic mean of precision and recall. In CANCEL DoS anomaly traffic detection, our algorithm represented a few false negative cases, which was related with the gap threshold of the sequence number in MAC header. The average of the F-score value for detecting the SIP CANCEL anomaly is %.For BYE anomaly tests, we generated 755 BYE mes-sages including 118 BYE DoS anomalies in the exper-iment. The proposed BYE DoS anomaly traffic detec-tion algorithm found 112 anomalies with the F-score of %. If an RTP flow is terminated before the threshold, we regard the anomaly flow as a normal one. In this algorithm, we extract RTP session information from INVITE and OK or session description messages using the same Call-ID of BYE message. It is possible not to capture those packet, resulting in a few false-negative cases. The RTP flooding anomaly traffic detection experiment for 810 RTP sessions resulted in the F score of 98%.The reason of false-positive cases was related with the sequence number in RTP header. If the sequence number of anomaly traffic is overlapped with the range of the normal traffic, our algorithm will consider it as normal traffic.V. CONCLUSIONSWe have proposed a flow-based anomaly traffic detec-tion method against SIP and RTP-based anomaly traffic in this paper. We presented VoIP anomaly traffic detection methods with flow data on the wireless access router. We used the IETF IPFIX standard to monitor SIP/RTP flows passing through wireless access routers, because its template architecture is easily extensible to several protocols. For this purpose, we defined two new IPFIX templates for SIP and RTP traffic and four new IPFIX fields for traffic. Using these IPFIX flow templates,we proposed CANCEL/BYE DoS and RTP flooding traffic detection algorithms. From experimental results on the working VoIP network in Korea, we showed that our method is able to detect three representative VoIP attacks on SIP phones. In CANCEL/BYE DoS anomaly trafficdetection method, we employed threshold values about time and sequence number gap for classfication of normal and abnormal VoIP packets. This paper has not been mentioned the test result about suitable threshold values. For the future work, we will show the experimental result about evaluation of the threshold values for our detection method.二、英文翻译：交通流数据检测异常在真实的世界中使用的VoIP网络一 .介绍最近,许多SIP[3],[4]基于服务器的VoIP应用和服务出现了,并逐渐增加他们的穿透比及由于自由和廉价的通话费且极易订阅的方法。

毕业设计说明书英文文献及中文翻译学生姓名：学号：计算机与控制工程学院：专指导教师：2017 年 6 月英文文献Cloud Computing1。

Cloud Computing at a Higher LevelIn many ways，cloud computing is simply a metaphor for the Internet, the increasing movement of compute and data resources onto the Web. But there's a difference: cloud computing represents a new tipping point for the value of network computing. It delivers higher efficiency, massive scalability, and faster，easier software development. It's about new programming models，new IT infrastructure, and the enabling of new business models。

For those developers and enterprises who want to embrace cloud computing, Sun is developing critical technologies to deliver enterprise scale and systemic qualities to this new paradigm:（1) Interoperability —while most current clouds offer closed platforms and vendor lock—in, developers clamor for interoperability。

云计算外文翻译参考文献(文档含中英文对照即英文原文和中文翻译)原文:Technical Issues of Forensic Investigations in Cloud Computing EnvironmentsDominik BirkRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyRuhr-University BochumHorst Goertz Institute for IT SecurityBochum, GermanyAbstract—Cloud Computing is arguably one of the most discussedinformation technologies today. It presents many promising technological and economical opportunities. However, many customers remain reluctant to move their business IT infrastructure completely to the cloud. One of their main concerns is Cloud Security and the threat of the unknown. Cloud Service Providers(CSP) encourage this perception by not letting their customers see what is behind their virtual curtain. A seldomly discussed, but in this regard highly relevant open issue is the ability to perform digital investigations. This continues to fuel insecurity on the sides of both providers and customers. Cloud Forensics constitutes a new and disruptive challenge for investigators. Due to the decentralized nature of data processing in the cloud, traditional approaches to evidence collection and recovery are no longer practical. This paper focuses on the technical aspects of digital forensics in distributed cloud environments. We contribute by assessing whether it is possible for the customer of cloud computing services to perform a traditional digital investigation from a technical point of view. Furthermore we discuss possible solutions and possible new methodologies helping customers to perform such investigations.I. INTRODUCTIONAlthough the cloud might appear attractive to small as well as to large companies, it does not come along without its own unique problems. Outsourcing sensitive corporate data into the cloud raises concerns regarding the privacy and security of data. Security policies, companies main pillar concerning security, cannot be easily deployed into distributed, virtualized cloud environments. This situation is further complicated by the unknown physical location of the companie’s assets. Normally,if a security incident occurs, the corporate security team wants to be able to perform their own investigation without dependency on third parties. In the cloud, this is not possible anymore: The CSP obtains all the power over the environmentand thus controls the sources of evidence. In the best case, a trusted third party acts as a trustee and guarantees for the trustworthiness of the CSP. Furthermore, the implementation of the technical architecture and circumstances within cloud computing environments bias the way an investigation may be processed. In detail, evidence data has to be interpreted by an investigator in a We would like to thank the reviewers for the helpful comments and Dennis Heinson (Center for Advanced Security Research Darmstadt - CASED) for the profound discussions regarding the legal aspects of cloud forensics. proper manner which is hardly be possible due to the lackof circumstantial information. For auditors, this situation does not change: Questions who accessed specific data and information cannot be answered by the customers, if no corresponding logs are available. With the increasing demand for using the power of the cloud for processing also sensible information and data, enterprises face the issue of Data and Process Provenance in the cloud [10]. Digital provenance, meaning meta-data that describes the ancestry or history of a digital object, is a crucial feature for forensic investigations. In combination with a suitable authentication scheme, it provides information about who created and who modified what kind of data in the cloud. These are crucial aspects for digital investigations in distributed environments such as the cloud. Unfortunately, the aspects of forensic investigations in distributed environment have so far been mostly neglected by the research community. Current discussion centers mostly around security, privacy and data protection issues [35], [9], [12]. The impact of forensic investigations on cloud environments was little noticed albeit mentioned by the authors of [1] in 2009: ”[...] to our knowledge, no research has been published on how cloud computing environments affect digital artifacts,and on acquisition logistics and legal issues related to cloud computing env ironments.” This statement is also confirmed by other authors [34], [36], [40] stressing that further research on incident handling, evidence tracking and accountability in cloud environments has to be done. At the same time, massive investments are being made in cloud technology. Combined with the fact that information technology increasingly transcendents peoples’ private and professional life, thus mirroring more and more of peoples’actions, it becomes apparent that evidence gathered from cloud environments will be of high significance to litigation or criminal proceedings in the future. Within this work, we focus the notion of cloud forensics by addressing the technical issues of forensics in all three major cloud service models and consider cross-disciplinary aspects. Moreover, we address the usability of various sources of evidence for investigative purposes and propose potential solutions to the issues from a practical standpoint. This work should be considered as a surveying discussion of an almost unexplored research area. The paper is organized as follows: We discuss the related work and the fundamental technical background information of digital forensics, cloud computing and the fault model in section II and III. In section IV, we focus on the technical issues of cloud forensics and discuss the potential sources and nature of digital evidence as well as investigations in XaaS environments including thecross-disciplinary aspects. We conclude in section V.II. RELATED WORKVarious works have been published in the field of cloud security and privacy [9], [35], [30] focussing on aspects for protecting data in multi-tenant, virtualized environments. Desired security characteristics for current cloud infrastructures mainly revolve around isolation of multi-tenant platforms [12], security of hypervisors in order to protect virtualized guest systems and secure network infrastructures [32]. Albeit digital provenance, describing the ancestry of digital objects, still remains a challenging issue for cloud environments, several works have already been published in this field [8], [10] contributing to the issues of cloud forensis. Within this context, cryptographic proofs for verifying data integrity mainly in cloud storage offers have been proposed,yet lacking of practical implementations [24], [37], [23]. Traditional computer forensics has already well researched methods for various fields of application [4], [5], [6], [11], [13]. Also the aspects of forensics in virtual systems have been addressed by several works [2], [3], [20] including the notionof virtual introspection [25]. In addition, the NIST already addressed Web Service Forensics [22] which has a huge impact on investigation processes in cloud computing environments. In contrast, the aspects of forensic investigations in cloud environments have mostly been neglected by both the industry and the research community. One of the first papers focusing on this topic was published by Wolthusen [40] after Bebee et al already introduced problems within cloud environments [1]. Wolthusen stressed that there is an inherent strong need for interdisciplinary work linking the requirements and concepts of evidence arising from the legal field to what can be feasibly reconstructed and inferred algorithmically or in an exploratory manner. In 2010, Grobauer et al [36] published a paper discussing the issues of incident response in cloud environments - unfortunately no specific issues and solutions of cloud forensics have been proposed which will be done within this work.III. TECHNICAL BACKGROUNDA. Traditional Digital ForensicsThe notion of Digital Forensics is widely known as the practice of identifying, extracting and considering evidence from digital media. Unfortunately, digital evidence is both fragile and volatile and therefore requires the attention of special personnel and methods in order to ensure that evidence data can be proper isolated and evaluated. Normally, the process of a digital investigation can be separated into three different steps each having its own specificpurpose:1) In the Securing Phase, the major intention is the preservation of evidence for analysis. The data has to be collected in a manner that maximizes its integrity. This is normally done by a bitwise copy of the original media. As can be imagined, this represents a huge problem in the field of cloud computing where you never know exactly where your data is and additionallydo not have access to any physical hardware. However, the snapshot technology, discussed in section IV-B3, provides a powerful tool to freeze system states and thus makes digital investigations, at least in IaaS scenarios, theoretically possible.2) We refer to the Analyzing Phase as the stage in which the data is sifted and combined. It is in this phase that the data from multiple systems or sources is pulled together to create as complete a picture and event reconstruction as possible. Especially in distributed system infrastructures, this means that bits and pieces of data are pulled together for deciphering the real story of what happened and for providing a deeper look into the data.3) Finally, at the end of the examination and analysis of the data, the results of the previous phases will be reprocessed in the Presentation Phase. The report, created in this phase, is a compilation of all the documentation and evidence from the analysis stage. The main intention of such a report is that it contains all results, it is complete and clear to understand. Apparently, the success of these three steps strongly depends on the first stage. If it is not possible to secure the complete set of evidence data, no exhaustive analysis will be possible. However, in real world scenarios often only a subset of the evidence data can be secured by the investigator. In addition, an important definition in the general context of forensics is the notion of a Chain of Custody. This chain clarifies how and where evidence is stored and who takes possession of it. Especially for cases which are brought to court it is crucial that the chain of custody is preserved.B. Cloud ComputingAccording to the NIST [16], cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal CSP interaction. The new raw definition of cloud computing brought several new characteristics such as multi-tenancy, elasticity, pay-as-you-go and reliability. Within this work, the following three models are used: In the Infrastructure asa Service (IaaS) model, the customer is using the virtual machine provided by the CSP for installing his own system on it. The system can be used like any other physical computer with a few limitations. However, the additive customer power over the system comes along with additional security obligations. Platform as a Service (PaaS) offerings provide the capability to deploy application packages created using the virtual development environment supported by the CSP. For the efficiency of software development process this service model can be propellent. In the Software as a Service (SaaS) model, the customer makes use of a service run by the CSP on a cloud infrastructure. In most of the cases this service can be accessed through an API for a thin client interface such as a web browser. Closed-source public SaaS offers such as Amazon S3 and GoogleMail can only be used in the public deployment model leading to further issues concerning security, privacy and the gathering of suitable evidences. Furthermore, two main deployment models, private and public cloud have to be distinguished. Common public clouds are made available to the general public. The corresponding infrastructure is owned by one organization acting as a CSP and offering services to its customers. In contrast, the private cloud is exclusively operated for an organization but may not provide the scalability and agility of public offers. The additional notions of community and hybrid cloud are not exclusively covered within this work. However, independently from the specific model used, the movement of applications and data to the cloud comes along with limited control for the customer about the application itself, the data pushed into the applications and also about the underlying technical infrastructure.C. Fault ModelBe it an account for a SaaS application, a development environment (PaaS) or a virtual image of an IaaS environment, systems in the cloud can be affected by inconsistencies. Hence, for both customer and CSP it is crucial to have the ability to assign faults to the causing party, even in the presence of Byzantine behavior [33]. Generally, inconsistencies can be caused by the following two reasons:1) Maliciously Intended FaultsInternal or external adversaries with specific malicious intentions can cause faults on cloud instances or applications. Economic rivals as well as former employees can be the reason for these faults and state a constant threat to customers and CSP. In this model, also a malicious CSP is included albeit he isassumed to be rare in real world scenarios. Additionally, from the technical point of view, the movement of computing power to a virtualized, multi-tenant environment can pose further threads and risks to the systems. One reason for this is that if a single system or service in the cloud is compromised, all other guest systems and even the host system are at risk. Hence, besides the need for further security measures, precautions for potential forensic investigations have to be taken into consideration.2) Unintentional FaultsInconsistencies in technical systems or processes in the cloud do not have implicitly to be caused by malicious intent. Internal communication errors or human failures can lead to issues in the services offered to the costumer(i.e. loss or modification of data). Although these failures are not caused intentionally, both the CSP and the customer have a strong intention to discover the reasons and deploy corresponding fixes.IV. TECHNICAL ISSUESDigital investigations are about control of forensic evidence data. From the technical standpoint, this data can be available in three different states: at rest, in motion or in execution. Data at rest is represented by allocated disk space. Whether the data is stored in a database or in a specific file format, it allocates disk space. Furthermore, if a file is deleted, the disk space is de-allocated for the operating system but the data is still accessible since the disk space has not been re-allocated and overwritten. This fact is often exploited by investigators which explore these de-allocated disk space on harddisks. In case the data is in motion, data is transferred from one entity to another e.g. a typical file transfer over a network can be seen as a data in motion scenario. Several encapsulated protocols contain the data each leaving specific traces on systems and network devices which can in return be used by investigators. Data can be loaded into memory and executed as a process. In this case, the data is neither at rest or in motion but in execution. On the executing system, process information, machine instruction and allocated/de-allocated data can be analyzed by creating a snapshot of the current system state. In the following sections, we point out the potential sources for evidential data in cloud environments and discuss the technical issues of digital investigations in XaaS environmentsas well as suggest several solutions to these problems.A. Sources and Nature of EvidenceConcerning the technical aspects of forensic investigations, the amount of potential evidence available to the investigator strongly diverges between thedifferent cloud service and deployment models. The virtual machine (VM), hosting in most of the cases the server application, provides several pieces of information that could be used by investigators. On the network level, network components can provide information about possible communication channels between different parties involved. The browser on the client, acting often as the user agent for communicating with the cloud, also contains a lot of information that could be used as evidence in a forensic investigation. Independently from the used model, the following three components could act as sources for potential evidential data.1) Virtual Cloud Instance: The VM within the cloud, where i.e. data is stored or processes are handled, contains potential evidence [2], [3]. In most of the cases, it is the place where an incident happened and hence provides a good starting point for a forensic investigation. The VM instance can be accessed by both, the CSP and the customer who is running the instance. Furthermore, virtual introspection techniques [25] provide access to the runtime state of the VM via the hypervisor and snapshot technology supplies a powerful technique for the customer to freeze specific states of the VM. Therefore, virtual instances can be still running during analysis which leads to the case of live investigations [41] or can be turned off leading to static image analysis. In SaaS and PaaS scenarios, the ability to access the virtual instance for gathering evidential information is highly limited or simply not possible.2) Network Layer: Traditional network forensics is knownas the analysis of network traffic logs for tracing events that have occurred in the past. Since the different ISO/OSI network layers provide several information on protocols and communication between instances within as well as with instances outside the cloud [4], [5], [6], network forensics is theoretically also feasible in cloud environments. However in practice, ordinary CSP currently do not provide any log data from the network components used by the customer’s instances or applications. For instance, in case of a malware infection of an IaaS VM, it will be difficult for the investigator to get any form of routing information and network log datain general which is crucial for further investigative steps. This situation gets even more complicated in case of PaaS or SaaS. So again, the situation of gathering forensic evidence is strongly affected by the support the investigator receives from the customer and the CSP.3) Client System: On the system layer of the client, it completely depends on the used model (IaaS, PaaS, SaaS) if and where potential evidence could beextracted. In most of the scenarios, the user agent (e.g. the web browser) on the client system is the only application that communicates with the service in the cloud. This especially holds for SaaS applications which are used and controlled by the web browser. But also in IaaS scenarios, the administration interface is often controlled via the browser. Hence, in an exhaustive forensic investigation, the evidence data gathered from the browser environment [7] should not be omitted.a) Browser Forensics: Generally, the circumstances leading to an investigation have to be differentiated: In ordinary scenarios, the main goal of an investigation of the web browser is to determine if a user has been victim of a crime. In complex SaaS scenarios with high client-server interaction, this constitutes a difficult task. Additionally, customers strongly make use of third-party extensions [17] which can be abused for malicious purposes. Hence, the investigator might want to look for malicious extensions, searches performed, websites visited, files downloaded, information entered in forms or stored in local HTML5 stores, web-based email contents and persistent browser cookies for gathering potential evidence data. Within this context, it is inevitable to investigate the appearance of malicious JavaScript [18] leading to e.g. unintended AJAX requests and hence modified usage of administration interfaces. Generally, the web browser contains a lot of electronic evidence data that could be used to give an answer to both of the above questions - even if the private mode is switched on [19].B. Investigations in XaaS EnvironmentsTraditional digital forensic methodologies permit investigators to seize equipment and perform detailed analysis on the media and data recovered [11]. In a distributed infrastructure organization like the cloud computing environment, investigators are confronted with an entirely different situation. They have no longer the option of seizing physical data storage. Data and processes of the customer are dispensed over an undisclosed amount of virtual instances, applications and network elements. Hence, it is in question whether preliminary findings of the computer forensic community in the field of digital forensics apparently have to be revised and adapted to the new environment. Within this section, specific issues of investigations in SaaS, PaaS and IaaS environments will be discussed. In addition, cross-disciplinary issues which affect several environments uniformly, will be taken into consideration. We also suggest potential solutions to the mentioned problems.1) SaaS Environments: Especially in the SaaS model, the customer does notobtain any control of the underlying operating infrastructure such as network, servers, operating systems or the application that is used. This means that no deeper view into the system and its underlying infrastructure is provided to the customer. Only limited userspecific application configuration settings can be controlled contributing to the evidences which can be extracted fromthe client (see section IV-A3). In a lot of cases this urges the investigator to rely on high-level logs which are eventually provided by the CSP. Given the case that the CSP does not run any logging application, the customer has no opportunity to create any useful evidence through the installation of any toolkit or logging tool. These circumstances do not allow a valid forensic investigation and lead to the assumption that customers of SaaS offers do not have any chance to analyze potential incidences.a) Data Provenance: The notion of Digital Provenance is known as meta-data that describes the ancestry or history of digital objects. Secure provenance that records ownership and process history of data objects is vital to the success of data forensics in cloud environments, yet it is still a challenging issue today [8]. Albeit data provenance is of high significance also for IaaS and PaaS, it states a huge problem specifically for SaaS-based applications: Current global acting public SaaS CSP offer Single Sign-On (SSO) access control to the set of their services. Unfortunately in case of an account compromise, most of the CSP do not offer any possibility for the customer to figure out which data and information has been accessed by the adversary. For the victim, this situation can have tremendous impact: If sensitive data has been compromised, it is unclear which data has been leaked and which has not been accessed by the adversary. Additionally, data could be modified or deleted by an external adversary or even by the CSP e.g. due to storage reasons. The customer has no ability to proof otherwise. Secure provenance mechanisms for distributed environments can improve this situation but have not been practically implemented by CSP [10]. Suggested Solution: In private SaaS scenarios this situation is improved by the fact that the customer and the CSP are probably under the same authority. Hence, logging and provenance mechanisms could be implemented which contribute to potential investigations. Additionally, the exact location of the servers and the data is known at any time. Public SaaS CSP should offer additional interfaces for the purpose of compliance, forensics, operations and security matters to their customers. Through an API, the customers should have the ability to receive specific information suchas access, error and event logs that could improve their situation in case of aninvestigation. Furthermore, due to the limited ability of receiving forensic information from the server and proofing integrity of stored data in SaaS scenarios, the client has to contribute to this process. This could be achieved by implementing Proofs of Retrievability (POR) in which a verifier (client) is enabled to determine that a prover (server) possesses a file or data object and it can be retrieved unmodified [24]. Provable Data Possession (PDP) techniques [37] could be used to verify that an untrusted server possesses the original data without the need for the client to retrieve it. Although these cryptographic proofs have not been implemented by any CSP, the authors of [23] introduced a new data integrity verification mechanism for SaaS scenarios which could also be used for forensic purposes.2) PaaS Environments: One of the main advantages of the PaaS model is that the developed software application is under the control of the customer and except for some CSP, the source code of the application does not have to leave the local development environment. Given these circumstances, the customer obtains theoretically the power to dictate how the application interacts with other dependencies such as databases, storage entities etc. CSP normally claim this transfer is encrypted but this statement can hardly be verified by the customer. Since the customer has the ability to interact with the platform over a prepared API, system states and specific application logs can be extracted. However potential adversaries, which can compromise the application during runtime, should not be able to alter these log files afterwards. Suggested Solution:Depending on the runtime environment, logging mechanisms could be implemented which automatically sign and encrypt the log information before its transfer to a central logging server under the control of the customer. Additional signing and encrypting could prevent potential eavesdroppers from being able to view and alter log data information on the way to the logging server. Runtime compromise of an PaaS application by adversaries could be monitored by push-only mechanisms for log data presupposing that the needed information to detect such an attack are logged. Increasingly, CSP offering PaaS solutions give developers the ability to collect and store a variety of diagnostics data in a highly configurable way with the help of runtime feature sets [38].3) IaaS Environments: As expected, even virtual instances in the cloud get compromised by adversaries. Hence, the ability to determine how defenses in the virtual environment failed and to what extent the affected systems havebeen compromised is crucial not only for recovering from an incident. Also forensic investigations gain leverage from such information and contribute to resilience against future attacks on the systems. From the forensic point of view, IaaS instances do provide much more evidence data usable for potential forensics than PaaS and SaaS models do. This fact is caused throughthe ability of the customer to install and set up the image for forensic purposes before an incident occurs. Hence, as proposed for PaaS environments, log data and other forensic evidence information could be signed and encrypted before itis transferred to third-party hosts mitigating the chance that a maliciously motivated shutdown process destroys the volatile data. Although, IaaS environments provide plenty of potential evidence, it has to be emphasized that the customer VM is in the end still under the control of the CSP. He controls the hypervisor which is e.g. responsible for enforcing hardware boundaries and routing hardware requests among different VM. Hence, besides the security responsibilities of the hypervisor, he exerts tremendous control over how customer’s VM communicate with the hardware and theoretically can intervene executed processes on the hosted virtual instance through virtual introspection [25]. This could also affect encryption or signing processes executed on the VM and therefore leading to the leakage of the secret key. Although this risk can be disregarded in most of the cases, the impact on the security of high security environments is tremendous.a) Snapshot Analysis: Traditional forensics expect target machines to be powered down to collect an image (dead virtual instance). This situation completely changed with the advent of the snapshot technology which is supported by all popular hypervisors such as Xen, VMware ESX and Hyper-V.A snapshot, also referred to as the forensic image of a VM, providesa powerful tool with which a virtual instance can be clonedby one click including also the running system’s mem ory. Due to the invention of the snapshot technology, systems hosting crucial business processes do not have to be powered down for forensic investigation purposes. The investigator simply creates and loads a snapshot of the target VM for analysis(live virtual instance). This behavior is especially important for scenarios in which a downtime of a system is not feasible or practical due to existing SLA. However the information whether the machine is running or has been properly powered down is crucial [3] for the investigation. Live investigations of running virtual instances become more common providing evidence data that。

The development and tendency of Big DataAbstract: "Big Data" is the most popular IT word after the "Internet of things" and "Cloud computing". From the source, development, status quo and tendency of big data, we can understand every aspect of it. Big data is one of the most important technologies around the world and every country has their own way to develop the technology.Key words: big data; IT; technology1 The source of big dataDespite the famous futurist Toffler propose the conception of “Big Data” in 1980, for a long time, because the primary stage is still in the development of IT industry and uses of information sources, “Big Data” is not get enough attention by the people in that age[1].2 The development of big dataUntil the financial crisis in 2008 force the IBM ( multi-national corporation of IT industry) proposing conception of “Smart City”and vigorously promote Internet of Things and Cloud computing so that information data has been in a massive growth meanwhile the need for the technology is very urgent. Under this condition, some American data processing companies have focused on developing large-scale concurrent processing system, then the “Big Data”technology become available sooner and Hadoop mass data concurrent processing system has received wide attention. Since 2010, IT giants have proposed their products in big data area. Big companies such as EMC、HP、IBM、Microsoft all purchase other manufacturer relating to big data in order to achieve technical integration[1]. Based on this, we can learn how important the big data strategy is. Development of big data thanks to some big IT companies such as Google、Amazon、China mobile、Alibaba and so on, because they need a optimization way to store and analysis data. Besides, there are also demands of health systems、geographic space remote sensing and digital media[2].3 The status quo of big dataNowadays America is in the lead of big data technology and market application. USA federal government announced a “Big Data’s research and development” plan in March,2012, which involved six federal government department the National Science Foundation, Health Research Institute, Department of Energy, Department of Defense, Advanced Research Projects Agency and Geological Survey in order to improve the ability to extract information and viewpoint of big data[1]. Thus, it can speed science and engineering discovery up, and it is a major move to push some research institutions making innovations.The federal government put big data development into a strategy place, which hasa big impact on every country. At present, many big European institutions is still at the primary stage to use big data and seriously lack technology about big data. Most improvements and technology of big data are come from America. Therefore, there are kind of challenges of Europe to keep in step with the development of big data. But, in the financial service industry especially investment banking in London is one of the earliest industries in Europe. The experiment and technology of big data is as good as the giant institution of America. And, the investment of big data has been maintained promising efforts. January 2013, British government announced 1.89 million pound will be invested in big data and calculation of energy saving technology in earth observation and health care[3].Japanese government timely takes the challenge of big data strategy. July 2013, Japan’s communications ministry proposed a synthesize strategy called “Energy ICT of Japan” which focused on big data application. June 2013, the abe cabinet formally announced the new IT strategy----“The announcement of creating the most advanced IT country”. This announcement comprehensively expounded that Japanese new IT national strategy is with the core of developing opening public data and big data in 2013 to 2020[4].Big data has also drawn attention of China government.《Guiding opinions of the State Council on promoting the healthy and orderly development of the Internet of things》promote to quicken the core technology including sensor network、intelligent terminal、big data processing、intelligent analysis and service integration. December 2012, the national development and reform commission add data analysis software into special guide, in the beginning of 2013 ministry of science and technology announced that big data research is one of the most important content of “973 program”[1]. This program requests that we need to research the expression, measure and semantic understanding of multi-source heterogeneous data, research modeling theory and computational model, promote hardware and software system architecture by energy optimal distributed storage and processing, analysis the relationship of complexity、calculability and treatment efficiency[1]. Above all, we can provide theory evidence for setting up scientific system of big data.4 The tendency of big data4.1 See the future by big dataIn the beginning of 2008, Alibaba found that the whole number of sellers were on a slippery slope by mining analyzing user-behavior data meanwhile the procurement to Europe and America was also glide. They accurately predicting the trend of world economic trade unfold half year earlier so they avoid the financial crisis[2]. Document [3] cite an example which turned out can predict a cholera one year earlier by mining and analysis the data of storm, drought and other natural disaster[3].4.2 Great changes and business opportunitiesWith the approval of big data values, giants of every industry all spend more money in big data industry. Then great changes and business opportunity comes[4].In hardware industry, big data are facing the challenges of manage, storage and real-time analysis. Big data will have an important impact of chip and storage industry,besides, some new industry will be created because of big data[4].In software and service area, the urgent demand of fast data processing will bring great boom to data mining and business intelligence industry.The hidden value of big data can create a lot of new companies, new products, new technology and new projects[2].4.3 Development direction of big dataThe storage technology of big data is relational database at primary. But due to the canonical design, friendly query language, efficient ability dealing with online affair, Big data dominate the market a long term. However, its strict design pattern, it ensures consistency to give up function, its poor expansibility these problems are exposed in big data analysis. Then, NoSQL data storage model and Bigtable propsed by Google start to be in fashion[5].Big data analysis technology which uses MapReduce technological frame proposed by Google is used to deal with large scale concurrent batch transaction. Using file system to store unstructured data is not lost function but also win the expansilility. Later, there are big data analysis platform like HA VEn proposed by HP and Fusion Insight proposed by Huawei . Beyond doubt, this situation will be continued, new technology and measures will come out such as next generation data warehouse, Hadoop distribute and so on[6].ConclusionThis paper we analysis the development and tendency of big data. Based on this, we know that the big data is still at a primary stage, there are too many problems need to deal with. But the commercial value and market value of big data are the direction of development to information age.忽略此处..[1] Li Chunwei, Development report of China’s E-Commerce enterprises, Beijing , 2013,pp.268-270[2] Li Fen, Zhu Zhixiang, Liu Shenghui, The development status and the problems of large data, Journal of Xi’an University of Posts and Telecommunications, 18 volume, pp. 102-103,sep.2013 [3] Kira Radinsky, Eric Horivtz, Mining the Web to Predict Future Events[C]//Proceedings of the 6th ACM International Conference on Web Search and Data Mining, WSDM 2013: New York: Association for Computing Machinery,2013,pp.255-264[4] Chapman A, Allen M D, Blaustein B. It’s About the Data: Provenance as a Toll for Assessing Data Fitness[C]//Proc of the 4th USENIX Workshop on the Theory and Practice of Provenance, Berkely, CA: USENIX Association, 2012:8[5] Li Ruiqin, Zheng Janguo, Big data Research: Status quo, Problems and Tendency[J],Network Application,Shanghai,1994,pp.107-108[6] Meng Xiaofeng, Wang Huiju, Du Xiaoyong, Big Daya Analysis: Competition and Survival of RDBMS and ManReduce[J], Journal of software, 2012,23(1): 32-45。

附件1：外文资料翻译译文大容量存储器由于计算机主存储器的易失性和容量的限制, 大多数的计算机都有附加的称为大容量存储系统的存储设备, 包括有磁盘、CD 和磁带。

相对于主存储器，大的容量储存系统的优点是易失性小，容量大，低成本, 并且在许多情况下, 为了归档的需要可以把储存介质从计算机上移开。

术语联机和脱机通常分别用于描述连接于和没有连接于计算机的设备。

联机意味着，设备或信息已经与计算机连接，计算机不需要人的干预，脱机意味着设备或信息与机器相连前需要人的干预，或许需要将这个设备接通电源，或许包含有该信息的介质需要插到某机械装置里。

大量储存器系统的主要缺点是他们典型地需要机械的运动因此需要较多的时间，因为主存储器的所有工作都由电子器件实现。

1. 磁盘今天，我们使用得最多的一种大量存储器是磁盘，在那里有薄的可以旋转的盘片，盘片上有磁介质以储存数据。

盘片的上面和（或）下面安装有读/写磁头，当盘片旋转时，每个磁头都遍历一圈，它被叫作磁道，围绕着磁盘的上下两个表面。

通过重新定位的读/写磁头，不同的同心圆磁道可以被访问。

通常，一个磁盘存储系统由若干个安装在同一根轴上的盘片组成，盘片之间有足够的距离，使得磁头可以在盘片之间滑动。

在一个磁盘中，所有的磁头是一起移动的。

因此，当磁头移动到新的位置时，新的一组磁道可以存取了。

每一组磁道称为一个柱面。

因为一个磁道能包含的信息可能比我们一次操作所需要得多，所以每个磁道划分成若干个弧区，称为扇区，记录在每个扇区上的信息是连续的二进制位串。

传统的磁盘上每个磁道分为同样数目的扇区，而每个扇区也包含同样数目的二进制位。

（所以，盘片中心的储存的二进制位的密度要比靠近盘片边缘的大）。

因此，一个磁盘存储器系统有许多个别的磁区, 每个扇区都可以作为独立的二进制位串存取，盘片表面上的磁道数目和每个磁道上的扇区数目对于不同的磁盘系统可能都不相同。

磁区大小一般是不超过几个KB; 512 个字节或1024 个字节。

基于Hadoop 的云计算算法研究辛大欣，屈伟（西安工业大学陕西西安710021）摘要：随着科技技术的发展，数据呈现几何级的增长，面对这个情况传统存储服务无法满足复杂数据慢慢地暴露出来，传统的存储计算服务不仅浪费着极大的资源，还对于环境有着极大的不利影响。

在这个大环境下云计算应势而生。

本论文将针对目前的存储服务无法满足复杂数据的问题，研究云存储中的任务调度技术。

通过与Hadoop 平台结合的试验对于现有的三种算法进行算法的实现过程的研究以及结果的对比。

关键词：云计算；数据存储；任务调度技术；低碳节能中图分类号：TP302文献标识码：A文章编号：1674－6236（2013）03-0033-03Cloud computing algorithm research based on HadoopXIN Da -xin ，QU Wei（Xi ’an Technological University ，Xi ’an 710021，China ）Abstract:With the development of technologies ，data exponentially growth ，face the situation of traditional storage service can not satisfy the complicated data slowly emerged ，the traditional storage calculation service is not only a waste of a great resource ，but also for the environment has a great adverse effects.In the environment of cloud computing should situation and unripe.This paper will analyze the current storage service can not satisfy the complicated data ，study the cloud task scheduling technology.With the Hadoop platform with experiment for three kinds of existing algorithm algorithm implementation process and research results.Key words:cloudcomputing ；virtualization ；taskscheduling algorithms ；low -carbon energy收稿日期：2012-09-24稿件编号：201209170作者简介：辛大欣（1966—），男，陕西西安人，硕士，副教授。

云计算外文文献+翻译1. 引言云计算是一种基于互联网的计算方式，它通过共享的计算资源提供各种服务。

随着云计算的普及和应用，许多研究者对该领域进行了深入的研究。

本文将介绍一篇外文文献，探讨云计算的相关内容，并提供相应的翻译。

2. 外文文献概述作者：Antonio Fernández Anta, Chryssis Georgiou, Evangelos Kranakis出版年份：2019年该外文文献主要综述了云计算的发展和应用。

文中介绍了云计算的基本概念，包括云计算的特点、架构、服务模型以及云计算的挑战和前景。

3. 研究内容该研究综述了云计算技术的基本概念和相关技术。

文中首先介绍了云计算的定义和其与传统计算的比较，深入探讨了云计算的优势和不足之处。

随后，文中介绍了云计算的架构，包括云服务提供商、云服务消费者和云服务的基本组件。

在架构介绍之后，文中提供了云计算的三种服务模型：基础设施即服务（IaaS）、平台即服务（PaaS）和软件即服务（SaaS）。

每种服务模型都从定义、特点和应用案例方面进行了介绍，并为读者提供了更深入的了解。

此外，文中还讨论了云计算的挑战，包括安全性、隐私保护、性能和可靠性等方面的问题。

同时，文中也探讨了云计算的前景和未来发展方向。

4. 文献翻译《云计算：一项调查》是一篇全面介绍云计算的文献。

它详细解释了云计算的定义、架构和服务模型，并探讨了其优势、不足和挑战。

此外，该文献还对云计算的未来发展进行了预测。

对于研究云计算和相关领域的读者来说，该文献提供了一个很好的参考资源。

它可以帮助读者了解云计算的基本概念、架构和服务模型，也可以引导读者思考云计算面临的挑战和应对方法。

5. 结论。

基于Hadoop的云计算平台设计与开发摘要：随着北部湾海洋生态资源的开发和利用，海量海洋科学数据飞速涌现出来，利用云计算平台合理管理和存储这些科学数据显得极为重要。

本文提出了一种基于分布式计算技术进行管理和存储海量海洋科学数据方法，构建了海量海洋科学数据存储平台解决方案，采用linux集群技术，设计开发一个基于hadoop的云计算平台。

关键词：云计算；海洋科学数据；hadoop；分布式计算中图分类号：tp311.13文献标识码：a文章编号：1007-9599 (2011) 24-0000-02hadoop-based cloud computing platform design and developmenttang yun1,2(1.hubei university of technology school of computer science,wuhan430068,china;2. lishui city road administration detachment of the highwaybrigade,lishui323000,china)abstract:with the development and utilization of marine ecological resources in the beibu gulf,the mass of marine scientific data rapidly emerged,the use of cloud computing platform for the rational management and storage of scientific data is extremely important.in this paper,manageand store large amounts of marine science data method based on distributed computing technology to build a massive marine science data storage platform solutions,using the linux cluster technology,design and development based on a hadoop cloud computing platform.keywords:cloud computing;marine sciencedata;hadoop;distributed computing传统的对大规模数据处理是使用分布式的高性能计算、网格计算等技术，需要耗费昂贵的计算资源，而且对于如何把大规模数据有效分割和计算任务的合理分配都需要繁琐的编程才能实现，而hadoop分布式技术的发展正解决了以上的问题。

2013Skew-Aware Task Scheduling in Clouds云计算中倾斜度感知的任务调度李东生，陈宜兴，理查德·胡亥国防科技大学，计算机学院，并行与分布式处理国家实验室，中国国立大学莱佛士商学院，新加坡dsli@摘要：数据扭曲是MapReduce一样的云系统中慢任务出现的一个重要原因。

在本文中，我们提出了一个斜感知任务调度（SATS）机制针对MapReduce类似系统的迭代应用。

该机构利用迭代应用中在相邻迭代的数据分布的相似性，来减少数据扭曲造成的落伍的问题。

它在当前迭代的任务的执行过程中收集数据的分布信息，并用这些信息来指导下一次迭代时任务的数据分割。

我们在HaLoop系统落实机制，在一个集群中部署。

实验结果表明，该机制可以处理数据扭曲，有效地提高负载平衡。

关键词：数据扭曲；任务调度；云计算；负载均衡1、简介近年来云计算已经成为一个有前途的技术，而且MapReduce是最成功的一个大规模数据密集型云计算的实现平台[1] - [3]。

MapReduce的使用一个简单的数据并行的编程模型，有两个基本的操作，即，Map和Reduce操作。

用户可以根据应用程序的要求自定义Map功能和Reduce功能。

每个map任务取一片输入数据，并产生一个用Map功能的key/value对的集合，这是初步地用Reduce功能做Reduce任务。

这种编程模型很简单，但功能强大，许多大规模数据处理应用程序可以由模型来表示。

类MapReduce的系统可以在云计算中自动调度多个分布在机器中的Map和/或Reduce任务。

作为同步步骤仅存在于Map阶段和Reduce阶段之间，任务执行在相同的阶段具有高平行度，并且因此并发性和系统的可扩展性可以被高度增强。

Hadoop[4]和它的变体（例如，HaLoop [5]和Hadoop++ [6]）是典型的类MapReduce系统。

由于在类MapReduce系统中Map和Reduce阶段之间存在同步步骤，在任一阶段慢任务可能减慢整个工作的执行。

文献信息：文献标题：A Study of Data Mining with Big Data（大数据挖掘研究）国外作者：VH Shastri，V Sreeprada文献出处：《International Journal of Emerging Trends and Technology in Computer Science》,2016,38(2):99-103字数统计：英文2291单词，12196字符；中文3868汉字外文文献：A Study of Data Mining with Big DataAbstract Data has become an important part of every economy, industry, organization, business, function and individual. Big Data is a term used to identify large data sets typically whose size is larger than the typical data base. Big data introduces unique computational and statistical challenges. Big Data are at present expanding in most of the domains of engineering and science. Data mining helps to extract useful data from the huge data sets due to its volume, variability and velocity. This article presents a HACE theorem that characterizes the features of the Big Data revolution, and proposes a Big Data processing model, from the data mining perspective.Keywords: Big Data, Data Mining, HACE theorem, structured and unstructured.I.IntroductionBig Data refers to enormous amount of structured data and unstructured data thatoverflow the organization. If this data is properly used, it can lead to meaningful information. Big data includes a large number of data which requires a lot of processing in real time. It provides a room to discover new values, to understand in-depth knowledge from hidden values and provide a space to manage the data effectively. A database is an organized collection of logically related data which can be easily managed, updated and accessed. Data mining is a process discovering interesting knowledge such as associations, patterns, changes, anomalies and significant structures from large amount of data stored in the databases or other repositories.Big Data includes 3 V’s as its characteristics. They are volume, velocity and variety. V olume means the amount of data generated every second. The data is in state of rest. It is also known for its scale characteristics. Velocity is the speed with which the data is generated. It should have high speed data. The data generated from social media is an example. Variety means different types of data can be taken such as audio, video or documents. It can be numerals, images, time series, arrays etc.Data Mining analyses the data from different perspectives and summarizing it into useful information that can be used for business solutions and predicting the future trends. Data mining (DM), also called Knowledge Discovery in Databases (KDD) or Knowledge Discovery and Data Mining, is the process of searching large volumes of data automatically for patterns such as association rules. It applies many computational techniques from statistics, information retrieval, machine learning and pattern recognition. Data mining extract only required patterns from the database in a short time span. Based on the type of patterns to be mined, data mining tasks can be classified into summarization, classification, clustering, association and trends analysis.Big Data is expanding in all domains including science and engineering fields including physical, biological and biomedical sciences.II.BIG DATA with DATA MININGGenerally big data refers to a collection of large volumes of data and these data are generated from various sources like internet, social-media, business organization, sensors etc. We can extract some useful information with the help of Data Mining. It is a technique for discovering patterns as well as descriptive, understandable, models from a large scale of data.V olume is the size of the data which is larger than petabytes and terabytes. The scale and rise of size makes it difficult to store and analyse using traditional tools. Big Data should be used to mine large amounts of data within the predefined period of time. Traditional database systems were designed to address small amounts of data which were structured and consistent, whereas Big Data includes wide variety of data such as geospatial data, audio, video, unstructured text and so on.Big Data mining refers to the activity of going through big data sets to look for relevant information. To process large volumes of data from different sources quickly, Hadoop is used. Hadoop is a free, Java-based programming framework that supports the processing of large data sets in a distributed computing environment. Its distributed supports fast data transfer rates among nodes and allows the system to continue operating uninterrupted at times of node failure. It runs Map Reduce for distributed data processing and is works with structured and unstructured data.III.BIG DATA characteristics- HACE THEOREM.We have large volume of heterogeneous data. There exists a complex relationship among the data. We need to discover useful information from this voluminous data.Let us imagine a scenario in which the blind people are asked to draw elephant. The information collected by each blind people may think the trunk as wall, leg as tree, body as wall and tail as rope. The blind men can exchange information with each other.Figure1: Blind men and the giant elephantSome of the characteristics that include are:i.Vast data with heterogeneous and diverse sources: One of the fundamental characteristics of big data is the large volume of data represented by heterogeneous and diverse dimensions. For example in the biomedical world, a single human being is represented as name, age, gender, family history etc., For X-ray and CT scan images and videos are used. Heterogeneity refers to the different types of representations of same individual and diverse refers to the variety of features to represent single information.ii.Autonomous with distributed and de-centralized control: the sources are autonomous, i.e., automatically generated; it generates information without any centralized control. We can compare it with World Wide Web (WWW) where each server provides a certain amount of information without depending on other servers.plex and evolving relationships: As the size of the data becomes infinitely large, the relationship that exists is also large. In early stages, when data is small, there is no complexity in relationships among the data. Data generated from social media and other sources have complex relationships.IV.TOOLS:OPEN SOURCE REVOLUTIONLarge companies such as Facebook, Yahoo, Twitter, LinkedIn benefit and contribute work on open source projects. In Big Data Mining, there are many open source initiatives. The most popular of them are:Apache Mahout:Scalable machine learning and data mining open source software based mainly in Hadoop. It has implementations of a wide range of machine learning and data mining algorithms: clustering, classification, collaborative filtering and frequent patternmining.R: open source programming language and software environment designed for statistical computing and visualization. R was designed by Ross Ihaka and Robert Gentleman at the University of Auckland, New Zealand beginning in 1993 and is used for statistical analysis of very large data sets.MOA: Stream data mining open source software to perform data mining in real time. It has implementations of classification, regression; clustering and frequent item set mining and frequent graph mining. It started as a project of the Machine Learning group of University of Waikato, New Zealand, famous for the WEKA software. The streams framework provides an environment for defining and running stream processes using simple XML based definitions and is able to use MOA, Android and Storm.SAMOA: It is a new upcoming software project for distributed stream mining that will combine S4 and Storm with MOA.Vow pal Wabbit: open source project started at Yahoo! Research and continuing at Microsoft Research to design a fast, scalable, useful learning algorithm. VW is able to learn from terafeature datasets. It can exceed the throughput of any single machine networkinterface when doing linear learning, via parallel learning.V.DATA MINING for BIG DATAData mining is the process by which data is analysed coming from different sources discovers useful information. Data Mining contains several algorithms which fall into 4 categories. They are:1.Association Rule2.Clustering3.Classification4.RegressionAssociation is used to search relationship between variables. It is applied in searching for frequently visited items. In short it establishes relationship among objects. Clustering discovers groups and structures in the data.Classification deals with associating an unknown structure to a known structure. Regression finds a function to model the data.The different data mining algorithms are:Table 1. Classification of AlgorithmsData Mining algorithms can be converted into big map reduce algorithm based on parallel computing basis.Table 2. Differences between Data Mining and Big DataVI.Challenges in BIG DATAMeeting the challenges with BIG Data is difficult. The volume is increasing every day. The velocity is increasing by the internet connected devices. The variety is also expanding and the organizations’ capability to capture and process the data is limited.The following are the challenges in area of Big Data when it is handled:1.Data capture and storage2.Data transmission3.Data curation4.Data analysis5.Data visualizationAccording to, challenges of big data mining are divided into 3 tiers.The first tier is the setup of data mining algorithms. The second tier includesrmation sharing and Data Privacy.2.Domain and Application Knowledge.The third one includes local learning and model fusion for multiple information sources.3.Mining from sparse, uncertain and incomplete data.4.Mining complex and dynamic data.Figure 2: Phases of Big Data ChallengesGenerally mining of data from different data sources is tedious as size of data is larger. Big data is stored at different places and collecting those data will be a tedious task and applying basic data mining algorithms will be an obstacle for it. Next we need to consider the privacy of data. The third case is mining algorithms. When we are applying data mining algorithms to these subsets of data the result may not be that much accurate.VII.Forecast of the futureThere are some challenges that researchers and practitioners will have to deal during the next years:Analytics Architecture:It is not clear yet how an optimal architecture of analytics systems should be to deal with historic data and with real-time data at the same time. An interesting proposal is the Lambda architecture of Nathan Marz. The Lambda Architecture solves the problem of computing arbitrary functions on arbitrary data in real time by decomposing the problem into three layers: the batch layer, theserving layer, and the speed layer. It combines in the same system Hadoop for the batch layer, and Storm for the speed layer. The properties of the system are: robust and fault tolerant, scalable, general, and extensible, allows ad hoc queries, minimal maintenance, and debuggable.Statistical significance: It is important to achieve significant statistical results, and not be fooled by randomness. As Efron explains in his book about Large Scale Inference, it is easy to go wrong with huge data sets and thousands of questions to answer at once.Distributed mining: Many data mining techniques are not trivial to paralyze. To have distributed versions of some methods, a lot of research is needed with practical and theoretical analysis to provide new methods.Time evolving data: Data may be evolving over time, so it is important that the Big Data mining techniques should be able to adapt and in some cases to detect change first. For example, the data stream mining field has very powerful techniques for this task.Compression: Dealing with Big Data, the quantity of space needed to store it is very relevant. There are two main approaches: compression where we don’t loose anything, or sampling where we choose what is thedata that is more representative. Using compression, we may take more time and less space, so we can consider it as a transformation from time to space. Using sampling, we are loosing information, but the gains inspace may be in orders of magnitude. For example Feldman et al use core sets to reduce the complexity of Big Data problems. Core sets are small sets that provably approximate the original data for a given problem. Using merge- reduce the small sets can then be used for solving hard machine learning problems in parallel.Visualization: A main task of Big Data analysis is how to visualize the results. As the data is so big, it is very difficult to find user-friendly visualizations. New techniques, and frameworks to tell and show stories will be needed, as for examplethe photographs, infographics and essays in the beautiful book ”The Human Face of Big Data”.Hidden Big Data: Large quantities of useful data are getting lost since new data is largely untagged and unstructured data. The 2012 IDC studyon Big Data explains that in 2012, 23% (643 exabytes) of the digital universe would be useful for Big Data if tagged and analyzed. However, currently only 3% of the potentially useful data is tagged, and even less is analyzed.VIII.CONCLUSIONThe amounts of data is growing exponentially due to social networking sites, search and retrieval engines, media sharing sites, stock trading sites, news sources and so on. Big Data is becoming the new area for scientific data research and for business applications.Data mining techniques can be applied on big data to acquire some useful information from large datasets. They can be used together to acquire some useful picture from the data.Big Data analysis tools like Map Reduce over Hadoop and HDFS helps organization.中文译文：大数据挖掘研究摘要数据已经成为各个经济、行业、组织、企业、职能和个人的重要组成部分。

HDFS和MapReduce是大数据领域中两个非常重要的技术，它们分别负责存储和计算大规模数据。

以下是部分关于HDFS和MapReduce的参考文献。

一、关于HDFS的参考文献1. Shvachko, Konstantin, et al. "The hadoop distributed file system." 2010 IEEE 26th symposium on mass storage systems and technologies (MSST). IEEE, 2010.2. Borthakur, Dhruba. "HDFS architecture guide.". Apache Software Foundation (2014).3. Ren, Kui, et al. "Towards high performance and scalable distributed file systems." 2016 IEEE International Conference on Networking, Architecture, and Storage (NAS). IEEE, 2016.4. Matloff, Norman S. "Hadoop and HDFS: Basic concepts." University of California, Davis 2 (2011): 2012.5. White, Tom. Hadoop: The Definitive Guide. O'Reilly Media, 2012.二、关于MapReduce的参考文献1. Dean, Jeffrey, and Sanjay Ghemawat. "MapReduce: simplified data processing on large clusters." Communications of the ACM 51.1 (2008): 107-113.2. Lin, Jimmy, and Chris Dyer. "Data-Intensive Text Processing with MapReduce." Synthesis Lectures on Human Language Technologies3.1 (2010): 1-177.3. Lammel, Ralf. "Google's MapReduce programming model-revisited." ACM Queue 7.2 (2009): 30-39.4. Heitkoetter, Henning, and Jan Stender. "The MapReduce programming model." Proc. of the 1st International Conference on Cloud Computing and Services Science. 2010.5. Min, Yuting, et al. "Deep mining: a mapreduce optimization framework." Proceedings of the VLDB Endowment 5.9 (2012): 806-817.以上是关于HDFS和MapReduce的部分参考文献，这些文献从不同方面介绍了HDFS和MapReduce的原理、架构和应用。

hadoop英文参考文献Hadoop是一个开源的分布式计算平台，它基于Google的MapReduce算法和Google文件系统(GFS)的思想，能够处理大规模的数据集。

对于研究Hadoop的人来说，阅读Hadoop的英文参考文献是非常必要的。

下面是一些Hadoop的英文参考文献：1. Apache Hadoop: A Framework for Running Applications on Large Clusters Built of Commodity Hardware. This paper describes the architecture of Hadoop and its components, including the Hadoop Distributed File System (HDFS) and MapReduce.2. Hadoop MapReduce: Simplified Data Processing on Large Clusters. This paper provides an overview of the MapReduce programming model and how it can be used to process large data sets on clusters of commodity hardware.3. Hadoop Distributed File System. This paper provides a detailed description of the Hadoop Distributed File System (HDFS), including its architecture, design goals, and implementation.4. Hadoop Security Design. This paper describes the security features of Hadoop, including authentication, authorization, and auditing.5. Hadoop Real World Solutions Cookbook. This book providespractical examples of how Hadoop can be used to solve real-world problems, including data processing, data warehousing, and machine learning.6. Hadoop in Practice. This book provides practical guidance on how to use Hadoop to solve data analysis problems, including data cleaning, data modeling, and data visualization.7. Hadoop: The Definitive Guide. This book provides a comprehensive overview of Hadoop and its components, including HDFS, MapReduce, and YARN. It also includes practical examples and best practices for using Hadoop.8. Pro Hadoop. This book provides a deep dive into Hadoop and its ecosystem, including HDFS, MapReduce, YARN, and a variety of tools and frameworks for working with Hadoop.9. Hadoop Operations. This book provides guidance on how to deploy, manage, and monitor Hadoop clusters in production environments, including best practices for performance tuning, troubleshooting, and security.以上是一些Hadoop的英文参考文献，它们涵盖了Hadoop的各个方面，对于学习和使用Hadoop都是非常有帮助的。

参考文献
[1] 怀特 (Tom White) ．Hadoop权威指南(第3版)［M］. 北京：清华大学出版社，2015.
[2] Arun C.Murthy ，等．Hadoop YARN权威指南［M］. 北京：机械工业出版社，2015.
[3] Jonathan R.Owens, 等．Hadoop实战手册［M］. 北京：人民邮电出版社，2014.
[4] 刘刚．Hadoop应用开发技术详解［M］. 北京：机械工业出版社，2014.
[5] Viktor Mayer-Schönberger, 等．大数据时代:生活、工作与思维的大变革［M］. 浙江：浙
江人民出版社，2013.
[6] 麦肯锡 (McKinsey & Company)．麦肯锡大数据指南［M］. 北京：机械工业出版社，2016.
[7] 卡劳 (Holden Karau),等．Learning Spark［M］. 南京：东南大学出版社，2015.
[8] 彭特里思 (Nick Pentreath)．Spark机器学习［M］. 南京：东南大学出版社，2016.
[9] [美] 卡劳[美] 肯维尼斯科[美] 温德尔[加] 扎哈里亚(作者), 王道远(译者)．Spark快速
大数据分析［M］. 北京：人民邮电出版社，2015.
[10] 里扎 (Sandy Ryza) , 等．Spark高级数据分析［M］. 北京：人民邮电出版社，2015.
[11] 高彦杰，倪亚宇．Spark大数据分析实战［M］. 北京：机械工业出版社，2016.
[12] 于俊，向海，代其锋，马海平. Spark核心技术与高级应用［M］. 北京：机械工程出版
社，2016.
292。

Cloud ComputingChen PengSchool of Information Science and Technology， YanChenNormal College,YanChen ChinaEmail：chenpengyls＠163。

comAbstract--Cloud computing is a new computing model；it is developed based on grid computing．We introduced the development history of cloud computing and its application situation and gave a new definition；took google’s cloud computing techniques as an example,summed up key techniques,such as data storage technology（Google File System），data management technology(BigTable)，as well as programming model and task scheduling model（Map—Reduce）,used in cloud computing;and analyzed the differences among cloud computing,grid computing and traditional super—computing，and fingered out the further development prospects of cloud computing．Key words：cloud computing；data storage;data management；programming modelⅠ。

hadoop词频参考文献Hadoop词频参考文献Hadoop是一个开源的分布式计算框架，用于处理大规模数据集。

它的设计灵感来自于Google的MapReduce和Google File System (GFS)。

Hadoop的核心思想是将大规模数据分布式存储和处理，以实现高效的数据处理和分析。

在Hadoop中，词频是指在文本中某个单词出现的频率。

词频统计是大数据处理中的一个重要应用，可以用于文本挖掘、信息检索等领域。

为了实现高效的词频统计，Hadoop提供了一种分布式计算模型，即MapReduce。

MapReduce将任务分成两个步骤：Map和Reduce。

在Map阶段，将输入数据切分成小的数据块，并为每个单词生成键值对。

在Reduce阶段，对相同键的键值对进行聚合，并计算每个单词的词频。

Hadoop的词频统计算法已经被广泛应用于各种领域。

例如，在自然语言处理领域，研究人员使用Hadoop来处理大规模的语料库，以获取词语的使用频率信息。

在社交网络分析领域，研究人员利用Hadoop来分析用户在社交媒体上的发言，以了解用户的兴趣和行为模式。

除了词频统计，Hadoop还可以用于其他的数据处理任务。

例如，Hadoop可以用于排序、连接、聚合等操作。

它的优点是能够处理大规模的数据集，并且具有高容错性和可扩展性。

由于Hadoop是一个开源框架，所以它的使用成本相对较低，受到了广大研究人员和工程师的青睐。

Hadoop词频参考文献对于研究人员和工程师来说是一个宝贵的资源。

它提供了关于Hadoop词频统计的原理、算法和应用的详细信息。

通过参考这些文献，研究人员和工程师可以更好地理解和应用Hadoop 的词频统计功能，从而提高数据处理和分析的效率。

同时，这些文献也为未来的研究和创新提供了有价值的思路和启示。

希望这些文献能够对读者在Hadoop词频统计方面的学习和研究有所帮助。

原创云计算论文参考文献云计算是一种基于互联网的计算模式，它通过共享的计算资源、存储设备和软件工具，以高效且灵活的方式提供服务。

随着云计算的快速发展，许多研究人员开始关注云计算的各个方面，并进行深入的探索和研究。

本文将介绍一些与云计算相关的原创论文参考文献，以供学术研究者进行参考和借鉴。

1. 文献一：《云计算平台的安全性分析与评估》这篇论文主要研究了云计算平台的安全性分析与评估。

作者在研究中发现，云计算平台的安全性问题主要来自于身份认证、数据隐私保护和网络安全等方面。

为了解决这些问题，作者提出了一种基于多因素认证和加密技术的安全性评估方法，并通过实验验证了该方法的有效性。

该论文为云计算平台的安全性研究提供了重要的参考。

2. 文献二：《基于云计算的大数据分析平台设计与实现》这篇论文重点研究了基于云计算的大数据分析平台的设计与实现。

作者通过对云计算和大数据分析的相关理论进行探究，提出了一种基于Hadoop和Spark的大数据分析平台架构，并详细介绍了其实现方法和算法设计。

该论文对于利用云计算技术进行大数据分析具有重要的实践意义，并在实际应用中取得了良好的效果。

3. 文献三：《面向云计算环境的服务质量保障方法研究》这篇论文研究了在云计算环境下如何保障服务质量。

作者提出了一种基于SLA （Service Level Agreement）的服务质量保障方法，并通过在Amazon EC2云平台上进行测试，验证了该方法的可行性和有效性。

该论文对于提高云计算服务的可靠性和稳定性具有重要意义，为云计算环境下服务质量保障的研究提供了有价值的思路。

4. 文献四：《基于容器的云计算平台资源调度算法研究》这篇论文研究了基于容器的云计算平台资源调度算法。

作者发现，传统的虚拟机技术在资源利用率和性能方面存在一定的局限性，为此提出了一种基于容器技术的资源调度算法。

通过在OpenStack平台上进行实验，作者验证了该算法的有效性，并表明容器技术在云计算平台中具有更好的资源利用率和性能表现。

外文翻译原文Computer programming data structure is an important theoretical basis for the design, it is not only the core curriculum of computer disciplines, and has become a popular elective course other Polytechnic professional, so studied this course well and studied computer are closely related.一、the concept of data structureComputer data structure is the foundation of science and technology professional classes, is the essential core curriculum. All computer system software and application software to use various types of data structures. Therefore, if we want to make better use of computers to solve practical problems, only to several computer programming languages are difficult to cope with the many complex issues. To the effective use of computers, give full play to computer performance, but also must learn and master relevant knowledge of data structure. A solid foundation of "data structure"for learning other computer professional courses, such as operating systems, translation theory, database management systems, software engineering, artificial intelligence, etc. are very useful.二、why should learn from data structure？In the early development of computers, the use of computer designed primarilyto deal with terms. When we use the computer to solve a specific problem, the following general needs through several steps : the first is a specific problem of appropriate abstract mathematical models, and then design or choose a mathematical model of the algorithm,the final procedures for debugging, testing, until they have the ultimate answer.Since then the object is INTEGER, REAL, BOOLEAN, the procedures of the main designers of energy is focused on programming skills, without attention to the data structure. With the expansion of computer applications and development of software and hardware, the issue of non-terms increasing importance. According to statistics, Now dealing with the issue of non-occupancy of more than 90% of the machine time. Such issues involve more complex data structure, the relationshipsbetween data elements generally can not be described by mathematical formula. Therefore, the key to solving such problems is no longer mathematical analysis and calculations, but to devise appropriate data structure, can effectively address the problem.Description of the terms of such non-mathematical model is not a mathematical equation, but such as tables, trees, such as map data structure. Therefore, it can be said that data structure courses primarily designed to study the issue of non-value calculation procedures as a computer operations and the relationship between objects and their operating disciplines.The purpose of the study is to understand the structure of data for computer processing of the identity object to the practical problems involved in dealing with that subject at the computer out and deal with them. At the same time, through training algorithms to improve the thinking ability of students through procedures designed to promote student skills integrated applications and professional qualities.三、the concepts and terminologySystematic study of knowledge in the data structure before some of the basic concepts and terminology to give a precise meaning.Data (Data) is the information carrier, it could be computer identification, storage and processing. It is the computer processing of raw materials, a variety of data processing applications. Computer science, computer processing is the so-called data objects, which can be numerical data can be non - numerical data. Numerical data are integer, the actual number or plural, mainly for engineering computing, scientific computing and commercial processing; Non - numerical data, including characters, text, graphics, images, voice and so on.Data elements (Data Element) is the basic unit of data. In different conditions, data elements can be called elements, nodes, the peak, recording. For example, students information retrieval system table information, a record high, 8 Queen's issue of a state tree, teaching programming issues such as a peak, known as a data element. Sometimes, a data from a number of data elements (Data Item), for example, the student information management system students each data element table is a studentrecord. It includes students of the school, name, sex, nationality, date of birth, performance data items. These data items can be divided into two types : one called early such as student gender, origin, etc., these data were no longer divided in data processing, the smallest units; Another called portfolio, the performance of students who, it can be divided into mathematics, physics, chemistry and other smaller items. Normally, in addressing the question of the practical application of each student is recorded as a basic unit for a visit and treatment.Data objects (Data Object) or data element type (Data Element Class) is the nature of the data elements with the same pool. In a specific issue, the data elements have the same nature (not necessarily equal value elements), belonging to the same data objects (data element type), the data element is an example of such data elements. For example, traffic information systems in the transportation network, is a culmination of all the data elements category, peak a and B each represent an urban middle is the data elements of the two types of examples of the value of their data elements a and B respectively.Data structure (Data Structure) refers to the mutual relationship that exists between one or more data elements together. In any case, between data elements will not be isolated in between them exist in one way or another, such as the relationship between the data element structure. According to the data elements of the relationship between different characteristics, usually have the following four basic categories of the structure :1 assembly structures. In the assembly structure, the relationship between data elements is "belonging to the same pool." Assembly elements relations is a very loose structure.2 linear structures. The structure of the data elements exist between one-to-one relationship.3 tree structure. The structure of the data elements exist between hierarchical relationship.4graphics structure. The structure of the data elements of the relationship that existed between Duoduiduo, graphics structure also known as network structure.C++Builder programming experience一、Database programmingAnd the use of Delphi, Borland C++Builder BDE (Borland Database Engine) database interface, in particular its use BDE Administrator unified management database alias, the database operation has nothing to do with the location of the database documents, thus enabling database development easier operation. But in a database application procedures at the same time we have to "release" BDE, the database for some simple procedures may BDE than our own design procedures big, but as the use of BDE InstallShield, add database alias is likely allocation failure. Therefore, we can use the following methods : still in the design stage procedure using BDE alias management database for debugging, but in procedures substantially (as in the main Chuangti OnCreate event processing function) to Table components DatabaseName attributes, such as the use of similar phrases as follows :Table1->DatabaseName = ExtractFilePath (Application->ExeName); OrTable1->DatabaseName= ExtractFilePath (Application->ExeName+ "DB");Thus, no impact on the debugging phase, will be issued if the application procedures Table1 document on the use of databases or their current catalogue "DB" virus, database procedures can be normal operation. You can even be a database to catalogue the documents in the form of character string Register (installed in the installation process), then the procedure in the acquisition of substantially from the catalogue of payrolls, Fuzhi DatabaseName attribute to be. Anyway, you do not need to install relatively large BDE forced users.二、the Registry visitAs in the design process we often required 9x/NT Windows Registry information visit, such as retrieval of information procedures, preservation of information. Register write a subroutine to visit necessary. When the Register to visit, the library will be directly available without always some duplication operation. The following can be used to access cosmetic Licheng, the character string type Jianzhi, and the retrieval of failure to return default value Default.#include < Registry.hpp >int ReadIntFromReg(HKEY Root, AnsiString Key, AnsiString KeyName, int Default) {int KeyValue;TRegistry *Registry = new TRegistry();Registry->RootKey = Root;Registry->OpenKey(Key, false);try {KeyValue = Registry->ReadInteger(KeyName);}catch(...) {KeyValue = Default;}delete Registry;return KeyValue;}void SaveIntToReg(HKEY Root, AnsiString Key, AnsiString KeyName, int KeyValue) {TRegistry *Registry = new TRegistry();Registry->RootKey = Root;Registry->OpenKey(Key, true);Registry->WriteInteger(KeyName, KeyValue);delete Registry;}char *ReadStringFromReg(HKEY Root, AnsiString Key, AnsiString KeyName, char *Default) {AnsiString KeyValue;TRegistry *Registry = new TRegistry();Registry->RootKey = Root;Registry->OpenKey(Key, false);try {KeyValue = Registry->ReadString(KeyName);}catch(...) {KeyValue = (AnsiString)Default;}delete Registry;return KeyValue.c_str();}void SaveStringToReg(HKEY Root, AnsiString Key,AnsiString KeyName, char *KeyValue) {TRegistry *Registry = new TRegistry();Registry->RootKey = Root;Registry->OpenKey(Key, true);Registry->WriteString(KeyName, (AnsiString)KeyValue);delete Registry;}We may use the following access methods (to Windows wallpaper documents) : AnsiString WallPaperFileName =ReadStringFromReg(HKEY_CURRENT_USER,"\\Control Panel\\Desktop", "Wallpaper", "");三、show / hide icons task columnStandard Windows applications generally operating in the mission mandate column on the chart shows, users can directly use the mouse clicking column logo for the mission task cut over, but some applications do not use task column signs, such as the typical Office tools, There are also procedures that can be shown or hidden customization tasks column icon, such as Winamp. We can do the procedure, as long as access Windows SetWindowLong function can drive, as follows : // hidden task column chart :SetWindowLong (Application->Handle.GWL_EXSTYLE, WS_EX_TOOLWINDOW);// task column shows signs :SetWindowLong (Application->Handle.GWL_EXSTYLE, WS_EX_APPWINDOW);四、the establishment of a simple "on" windowA complete Windows applications typically contain a "on the" window to show version information. We customized a dialog box as usual "on the" window of the "on" free customized window, indicates that more information, even including super links. If only show simple version information,Windows ShellAbout function shelf items have sufficient, following this line of code can be "on" Duihuakuang and is Windows standard "on the" Duihuakuang and procedures may show signs such as the use of resources and systems.ShellAbout (Handle, ( "on" +Application->Title+ "#"). C_str ()( "\n"+Application->Title+ "V1.0\n\n" + "夏登城版权所有！"). C_str ()Application->Icon->Handle);五、the two methods to choice catalogueIn our applications, allowing users to choose the regular catalogue, such as software manufacturers, users choose catalogue. This involves catalogue option, we may use the following methods for users to choose one of the catalogue : 1, use SHBrowseForFolder and SHGetPathFromIDList function; Company affirms its function as follows :WINSHELLAPI LPITEMIDLIST WINAPISHBrowseForFolder(LPBROWSEINFO lpbi); WINSHELLAPI BOOL WINAPI SHGetPathFromIDList(LPCITEMIDLIST pidl, LPSTR pszPath); LPBROWSEINFO 和LPITEMIDLIST structure refer Win32 files. This method of selecting catalogues available Windows desktop all available inventory, including networks of other computers sharing catalogue neighbors, but not the new catalogue. Li Cheng allows users to choose the following directory, the directory of choice Licheng return at all trails character string.#include < shlobj.h >char *GetDir(char *DisplayName, HWND Owner) {char dir[MAX_PATH] = "";BROWSEINFO *bi = new BROWSEINFO;bi->hwndOwner = Owner;bi->pidlRoot = NULL;bi->pszDisplayName = NULL;bi->lpszTitle = DisplayName;bi->ulFlags = BIF_RETURNONLYFSDIRS;bi->lpfn = NULL;bi->lParam = NULL;bi->iImage = 0;ITEMIDLIST *il = SHBrowseForFolder(bi);if(il!=NULL) {SHGetPathFromIDList(il, dir);}delete bi;return dir;}We can use the following list to be chosen from :AnsiString at Dir = (AnsiString) GetDir ( "Please select catalogue :" Handle);2, the use of SelectDirectory function. C++Builder the function SelectDirectory achievable catalogue of options, which showed that similar "open" / "preserve" Duihuakuang, but its advantage is to use / non-use keyboard input catalogue members, and allow the creation of new directories. Its original definition as follows : Extern package bool __fastcall SelectDirectory (AnsiString &Directory, TSelectDirOpts Options, 103-116 HelpCtx);Licheng SelectDir allow you to choose the following directory :#include < FileCtrl.hpp >AnsiString SelectDir(AnsiString Dir) {if(SelectDirectory(Dir, TSelectDirOpts()<< sdAllowCreate << sdPerformCreate << sdPrompt,0))return Dir;elsereturn "";}for the following redeployed to the users choice catalogue :AnsiString SelectedDir = SelectDir ( "C:\\My Documents");外文翻译译文数据结构是计算机程序设计的重要理论设计基础，它不仅是计算机学科的核心课程，而且已成为其他理工专业的热门选修课，所以学好这门课程是与学好计算机专业是息息相关的。