Difference between revisions of "DistOS 2015W Session 6"
| Line 56: | Line 56: | ||
• Three types of certificates | • Three types of certificates | ||
• CFS required to authorized certificate | • CFS required to authorized certificate | ||
• Because directory groups only modify their shared state via a Byzantine-fault-tolerant protocol, we trust the group not to make | |||
an incorrect update to directory metadata. This metadata includes an access control list (ACL) of public keys of all users | |||
who are authorized writers to that directory and to files in it | |||
• Both file content and user-sensitive metadata (meaning file and directory names) are encrypted for privacy. | |||
'''System Architecture''' | '''System Architecture''' | ||
| Line 66: | Line 70: | ||
'''Security''' | '''Security''' | ||
• GUID and ACLs used for write, encryption used for reads. | • GUID and ACLs used for write, encryption used for reads. | ||
• To prevent unauthorized reads, it encrypts | |||
all data in the system that is not completely public and distributes the encryption key to those users with read permission | |||
Revision as of 17:45, 9 February 2015
Midterm
The midterm from last year is now available.
Group 1
Team: Kirill, Jamie, Alexis, Veena, Khaled, Hassan
| FARSITE | OceanStore | |
|---|---|---|
| Fault Tolerance | Used Byzantine Fault Tolerance Algorithm - Did not manage well | Used Byzantine Fault Tolerance Algorithm - Did not manage well |
| Cryptography | Trusted Certificates | A strong cryptographic algorithm on read-only operations |
| Implementation | Did not mention what programming they used, but it was based on Windows. They did not implement the file system | Implemented in JAVA |
| Scalability | Scalable to a University or large corporations, maximum 105 | Worldwide scalability, maximum 1010 |
| File Usage | Was designed for general purpose files | Was designed for small file sizes |
| Scope | All clients sharing the available resources | Transient centralized service |
| Object Model | Didn't use the object model | Used the object model |
Group 2
Team Members: Apoorv, Ambalica, Ashley, Eric, Mert, Shivjot
==Group 3== DANY, MOE, DEEP, SAMEER, TROY
FARSITE
Security • Cascading certificates system through directory hierarchy • Keys • Three types of certificates • CFS required to authorized certificate • Because directory groups only modify their shared state via a Byzantine-fault-tolerant protocol, we trust the group not to make
an incorrect update to directory metadata. This metadata includes an access control list (ACL) of public keys of all users
who are authorized writers to that directory and to files in it
• Both file content and user-sensitive metadata (meaning file and directory names) are encrypted for privacy.
System Architecture • Client Monitor, directory group, file host • When space runs out in directory group, delegate’s ownership to sub tree to other delegate group.
OCEANSTORE
Security • GUID and ACLs used for write, encryption used for reads. • To prevent unauthorized reads, it encrypts
all data in the system that is not completely public and distributes the encryption key to those users with read permission