This is less a blog entry than a sort of episode of The Shady Tree Mechanic. In it we look under the hood on a humid East Coast summer afternoon. Under inspection: high-performance event processing.
High-performance event processing applications need basic and sometimes more-than-basic security features. This is true for stock trading applications that have been the bread-and-butter of event processing to date - and it will be just as true for new, emerging event processing applications, such as health care.
Real-time is always relative, of course - and architects always have to weight processing time versus cost to implement. But it may be guessed that event processing architects will increasingly need to balance the need for speed (processing) with the need for privacy (security) if event processing goes into wider and wider use. Security entails hurdles and typically slows down performance.
This week at the Usenix conference in Boston, Imperial College, University of Cambridge, and National Health Service UK researchers discussed their work on balancing the needs of high-speed event processing and information security. They call their system "DEFCon," for "Decentralized Event Flow CONtrol." The researchers say they have obtained a good mix of speed and safety in event processing.
Their method is said to achieve this mix via use of safe "inter-isolate" communication in Java applications. A goal is to avoid event unit objects that have references to each other. Instead they have reference only to objects "controlled by DEFCon."
In a paper, they write: "For objects exchanged through events, we want to provide the semantics of passing objects by value, and exploit a single address space to avoid data copying." Basically, they want low latency messaging between processing units ... which can be a challenge to the Java developer. It is hard to do the secure process isolation, have a quick system, and use basic Java skills. Enter the DEFCon API.
The U.K researchers did not have to call their system DEFCon, but who can blame them? "DEFCON," among other things, happens to be the U.S. DoD's designation for the defense readiness condition of the U.S. military. It is not for sure that DEFCon 1 has ever been used, but it is certain that many a feature film has "gone to DEFCON 1," just before a few thrilling bits where Martians, Vin Diesel, or Steven Segal blow up or save the world. Also for certain: a few more APIs will come this way to enable the event processing tools for wider use.
The Usenix 2010 proceedings, including the U.K. researchers' paper on event processing is available as a downloadable PDF.