I have three gurobi floating licenses for my project on my laptop, and each license contains different TokenServer and Port information. Depending on the situation, I need to specify which license I should use. The Gurobi Python API allows the user to specify which floating license to use when solving an optimization model by using the following way to set up the environment for the model:
"With gurobipy.Env(connectionparams={"TokenServer": "localhost", "TSPORT":port_number}) as env:"
Can anyone please inform me how to implement this in Pyomo? Any help on this issue will be greatly appreciated.
I read Pyomo document, but cannot find similar commands to ones provided by Gurobi Python API
Related
We all know situations when you cannot go open source and freely distribute software - and I am in one of these situations.
I have an app that consists of a number of binaries (compiled from C sources) and Python code that wraps it all into a system. This app used to work as a cloud solution so users had access to app functions via network but no chance to touch the actual server where binaries and code are stored.
Now we want to deliver the "local" version of our system. The app will be running on PCs that our users will physically own. We know that everything could be broken, but at least want to protect the app from possible copying and reverse-engineering as much as possible.
I know that Docker is a wonderful deployment tool so I wonder: is it possible to create encrypted Docker containers where no one can see any data stored in the container's filesystem? Is there a known solution to this problem?
Also, maybe there are well known solutions not based on Docker?
The root user on the host machine (where the docker daemon runs) has full access to all the processes running on the host. That means the person who controls the host machine can always get access to the RAM of the application as well as the file system. That makes it impossible to hide a key for decrypting the file system or protecting RAM from debugging.
Using obfuscation on a standard Linux box, you can make it harder to read the file system and RAM, but you can't make it impossible or the container cannot run.
If you can control the hardware running the operating system, then you might want to look at the Trusted Platform Module which starts system verification as soon as the system boots. You could then theoretically do things before the root user has access to the system to hide keys and strongly encrypt file systems. Even then, given physical access to the machine, a determined attacker can always get the decrypted data.
What you are asking about is called obfuscation. It has nothing to do with Docker and is a very language-specific problem; for data you can always do whatever mangling you want, but while you can hope to discourage the attacker it will never be secure. Even state-of-the-art encryption schemes can't help since the program (which you provide) has to contain the key.
C is usually hard enough to reverse engineer, for Python you can try pyobfuscate and similar.
For data, I found this question (keywords: encrypting files game).
If you want a completely secure solution, you're searching for the 'holy grail' of confidentiality: homomorphous encryption. In short, you want to encrypt your application and data, send them to a PC, and have this PC run them without its owner, OS, or anyone else being able to scoop at the data.
Doing so without a massive performance penalty is an active research project. There has been at least one project having managed this, but it still has limitations:
It's windows-only
The CPU has access to the key (ie, you have to trust Intel)
It's optimised for cloud scenarios. If you want to install this to multiple PCs, you need to provide the key in a secure way (ie just go there and type it yourself) to one of the PCs you're going to install your application, and this PC should be able to securely propagate the key to the other PCs.
Andy's suggestion on using the TPM has similar implications to points 2 and 3.
Sounds like Docker is not the right tool, because it was never intended to be used as a full-blown sandbox (at least based on what I've been reading). Why aren't you using a more full-blown VirtualBox approach? At least then you're able to lock up the virtual machine behind logins (as much as a physical installation on someone else's computer can be locked up) and run it isolated, encrypted filesystems and the whole nine yards.
You can either go lightweight and open, or fat and closed. I don't know that there's a "lightweight and closed" option.
I have exactly the same problem. Currently what I was able to discover is bellow.
A. Asylo(https://asylo.dev)
Asylo requires programs/algorithms to be written in C++.
Asylo library is integrated in docker and it seems to be feаsable to create custom dоcker image based on Asylo .
Asylo depends on many not so popular technologies like "proto buffers" and "bazel" etc. To me it seems that learning curve will be steep i.e. the person who is creating docker images/(programs) will need a lot of time to understand how to do it.
Asylo is free of charge
Asylo is bright new with all the advantages and disadvantages of being that.
Asylo is produced by Google but it is NOT an officially supported Google product according to the disclaimer on its page.
Asylo promises that data in trusted environment could be saved even from user with root privileges. However, there is lack of documentation and currently it is not clear how this could be implemented.
B. Scone(https://sconedocs.github.io)
It is binded to INTEL SGX technology but also there is Simulation mode(for development).
It is not free. It has just a small set of functionalities which are not paid.
Seems to support a lot of security functionalities.
Easy for use.
They seems to have more documentation and instructions how to build your own docker image with their technology.
For the Python part, you might consider using Pyinstaller, with appropriate options, it can pack your whole python app in a single executable file, which will not require python installation to be run by end users. It effectively runs a python interpreter on the packaged code, but it has a cipher option, which allows you to encrypt the bytecode.
Yes, the key will be somewhere around the executable, and a very savvy costumer might have the means to extract it, thus unraveling a not so readable code. It's up to you to know if your code contains some big secret you need to hide at all costs. I would probably not do it if I wanted to charge big money for any bug solving in the deployed product. I could use it if client has good compliance standards and is not a potential competitor, nor is expected to pay for more licenses.
While I've done this once, I honestly would avoid doing it again.
Regarding the C code, if you can compile it into executables and/or shared libraries can be included in the executable generated by Pyinstaller.
I recently started using IBM Doors program, I also did start writing scripts for it in DXL. However when I checked the eclipse main page, I realized that a tool called MDAccess for Doors exsists. My question is that is it possible to write code in java for Doors if so, what are the disadvantages compared to DXL?
Yes, it is possible to write Java code for DOORS. You already found the solution: MDAccess is a commercial product provided by Sodius. According to the product specs and some marketing presentation it provides access to a DOORS server using the Java programming language.
Sodius sent me this information on personal request, indicating a disadvantage which might concern you:
Our Java layer is done to manipulate DOORS data, meaning read/write
DOORS data. You will not find Java wrappers of DXL functions that
interact with DOORS UI for example.
Note we are able to execute DXL code trough the Java layer so you can
always get this mean to achieve DXL-based operations.
However, it's not too cheap.
This might interest you, as it is using available APIs and does not rely on additional commercial products:
https://www.ibm.com/developerworks/rational/library/oslc-services-rational-doors/index.html
Disclaimer:
I work for IBM DOORS product support, however all information posted here is done so in a personal, private capacity and does not necessarily reflect the position of my employer. Therefore what I post does not constitute an official statement by IBM nor is any endorsement of the information by IBM to be assumed, implied or otherwise.
For your own benefit, please do not contact me in a business capacity on this platform, but use the official IBM Support community web portal. Thank you! :-)
Do I know, whether any load testing tool is there for testing SAP GUI based applications?
I have been using Load Runner as of now, but the license is going to expire soon. So, I am in a position to find the better replacement for the same.
Responses are appreciated :-)
Thanks in advance.
There are no open source tools for testing SAPGUI applications. Architecturally, none of the existing open source applications have hooks to the automation interface used by SAP. So, you may discount the previous answer which concentrates on web-based interfaces or a generic TCP interface. The interface for SAPGUI automation is on the client.
SAPWeb, on the other hand, may be tackled with standard commercial and open source solutions which architecturally support the capture, modification and reproduction of traffic at the HTTP protocol layer.
Renew your LoadRunner license. The cost in hours of labor to modify any of the available open source tools will more than exceed the cost of your LoadRunner license. You will need to establish a relationship with SAP for the interface documentation. You will need to build a recording interface and a playback interface. You can look to the R&D output from the big vendors, HP, Borland, IBM, to see what a non trivial and high engineering dollar challenge this is.
I have used dxdiag before, but I would prefer to point potential users to some tool that's a bit simpler, that they can just run and email me the output.
As well as obvious things like CPU, RAM, graphics, DirectX version and Windows version, I also need to know if ExpressCard (a laptop standard) is supported.
I know this isn't quite a programming question, but it's critical to establishing a way to tell users if their hardware supports our software before we deploy it.
System Information tool (msinfo32). Comes standard with the OS; supports bunch of command-line switches as well, allowing you to automate it.
In particular, you can tell the users to just run the following command and email you the resulting .txt file:
msinfo32 /report "%USERPROFILE%\desktop\configuration.txt"
Or if you want a subset, just filter it out based on the categories.
Not sure where is the info about the ExpressCard in it, but it should be in there somewhere.
All this information will be available through the Windows Management Instrumentation (WMI).
There are some microsoft provided examples available here.
Simple. I use Vault to manage my personal source files. But I don't like to check in/out outside the Delphi IDE.Delphi XE supports Subversion so I wondered... Could I also get Vault to work with this? If not, are there alternative add-ins for Delphi for free available?At work, I use a commercial product as Vault add-in. This is not an option for my work at home, which are just hobby-projects... Vault is also supported by Visual Studio so with Prism, it works. But the Delphi IDE doesn't.Btw, Sourcegear Vault is free for single-user environments. To quote:
Somebody said that Vault is FREE for a single user. Is this true?
Yes. Vault is free for use by a single user. Simply install the product and
do not enter any serial numbers at all. When no serial numbers are
present, Vault behaves as if there is exactly one user license. Note that
this free license does not apply when the product is used by more than one
person. If you have two people who need to use Vault, you will need to
purchase two initial licenses. If you enter a serial number containing only
one license, then the product will still have exactly one license
present.
And to be honest, it works very fine in my own single-user environment. :-)
Available options:
You use and modify the SVN
integration code you can find on
SourceForge (although IMHO it's not
a good implementation, especially
the menu layout).
You write a whole integration on your own using the OpenTool API (it could be a bit complex if you never worked with it)
If Vault supports the MS SCC interface (it should, if it works in VS), you can buy a plug in like SourceConnexion that adds SCC support to Delphi. Don't know if there is a version for XE already