Difference: DS (3 vs. 4)

Revision 4 - 2008-03-06 - GiorgosVerigakis


Distributed Systems


The global inter-networking infrastructure that has become essential for contemporary day-to-day computing and communication tasks has also enabled the deployment of several large-scale data sharing overlays. Communities collaboratively aggregate and distribute file and storage resources either in the controlled environment of the Grid, or hidden under the anonymity cloak created by peer-to-peer protocols. Both designs exhibit unique properties and characteristics: peer-to-peer algorithms address the formation of vast, heterogeneous and dynamic sharing networks, while Grids focus on policy enforcement and accounting features. A distributed data management facility that assimilates the practices of both has been envisioned by numerous related research initiatives, especially where dispersed resources must be incorporated into large pools without participants relinquishing their respective rights. In this paper, we describe the Distributed File Services (DFS) architecture, a peer-to-peer service overlay that allows distinct administrative entities to form arbitrary file distribution relationships. Each DFS peer can be uniquely authenticated and maintains direct control of its own namespace and storage assets by defining corresponding authorization directives and policies. The peer-to-peer nature of the system allows for scalable deployment and resource allocation, either in a stand-alone scenario or in the Grid context. Moreover, we introduce the notion of a "web of files" as a non-hierarchical, global-scale namespace of distributed data collections, and elaborate on a prototype implementation that features novel semantics for integrating our architectural principles and concepts at the operating system level.
DFS is our proposal for a data storage substrate. In our design, we clearly separate File and Storage resources. Storage management is provided by the Virtual Block Store (VBS), which is an independent layer, but one that uses the generic interfaces and protocols of the DFS.


The DFS Architecture is based on the following principles:
  • Each DFS User is identified by a cryptographic certificate. DFS Users are uniquely identified by their cryptographic certificates. With this certificate, a user can be named, authenticated, authorized, accounted for, have actions attributed to them, and be associated with an entity or with other users. "User" throughout this text means DFS User.
  • Any resource is identified by an authority DFS User. Every resource, and every policy concerning resources, is identified by and subject to the unconditional authority of a unique DFS User.
  • Any action upon a resource has an agent DFS User. Any action concerning resources is ultimately attributed to a single DFS User, its agent. This facilitates the accountability of users for their actions and simplifies resource access control.
  • Any action upon a resource is a transaction between an agent user and an authority user. Any resource-manipulating action is equivalent to a transaction between the agent of the action and the authority of the resource. The agent must acquire the permission of the authority in order to successfully perform the action.
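
The four principles above can be modelled as a default-deny transaction between an agent and an authority. The sketch below is an added example, not code from the DFS prototype. It assumes that a user is named by the SHA-256 fingerprint of their certificate, that resource names take the form `<authority uid>:<path>`, and that the agent has already been authenticated; the `Overlay` and `Authority` classes and the certificate bytes are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

def user_id(cert_der: bytes) -> str:
    # Assumption: a DFS User is named by the SHA-256 fingerprint of its certificate.
    return hashlib.sha256(cert_der).hexdigest()

@dataclass
class Authority:
    uid: str
    grants: dict = field(default_factory=dict)  # (path, agent uid) -> set of actions
    audit: list = field(default_factory=list)   # (agent uid, action, path, allowed)

    def grant(self, path: str, agent: str, action: str) -> None:
        self.grants.setdefault((path, agent), set()).add(action)

    def decide(self, agent: str, action: str, path: str) -> bool:
        # The authority is unconditional over its own resources; all others are default-deny.
        allowed = agent == self.uid or action in self.grants.get((path, agent), set())
        # Every decision, allowed or denied, is attributed to exactly one agent.
        self.audit.append((agent, action, path, allowed))
        return allowed

class Overlay:
    def __init__(self):
        self.authorities = {}

    def join(self, cert_der: bytes) -> Authority:
        auth = Authority(user_id(cert_der))
        self.authorities[auth.uid] = auth
        return auth

    def transact(self, agent: str, action: str, resource: str) -> bool:
        # Assumed naming: "<authority uid>:<path>", so the authority is part of the name.
        # The agent uid is assumed to be already authenticated against its certificate.
        owner, _, path = resource.partition(":")
        authority = self.authorities.get(owner)
        if authority is None:
            return False  # no known authority, so nobody can permit the action
        return authority.decide(agent, action, path)

def demo():
    net = Overlay()
    alice = net.join(b"constructed-cert-alice")  # constructed sample certificates
    bob = net.join(b"constructed-cert-bob")
    res = f"{alice.uid}:/data/report.txt"
    before = net.transact(bob.uid, "read", res)   # denied: no grant yet
    alice.grant("/data/report.txt", bob.uid, "read")
    after = net.transact(bob.uid, "read", res)    # allowed by alice's policy
    write = net.transact(bob.uid, "write", res)   # denied: only "read" was granted
    return before, after, write, alice.audit
```

Denied requests are logged alongside permitted ones, so the authority's audit trail supports the accountability the third principle calls for.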

