Caching. Andrew Security Andrew Scale and Performance Sprite Performance.

Slides:

Advertisements

Similar presentations

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Advertisements

Andrew File System CSS534 ZACH MA. History  Originated in October 1982, by the Information Technology Center (ITC) formed with Carnegie Mellon and IBM.

Access Control Chapter 3 Part 3 Pages 209 to 227.

Distributed Storage March 12, Distributed Storage What is Distributed Storage?  Simple answer: Storage that can be shared throughout a network.

CS-550: Distributed File Systems [SiS]1 Resource Management in Distributed Systems: Distributed File Systems.

Andrew File System (AFS)

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CS582: Distributed Systems Lecture 13, 14 -

Multiple Processor Systems Chapter Multiprocessors 8.2 Multicomputers 8.3 Distributed systems.

Caching in Distributed File System Ke Wang CS614 – Advanced System Apr 24, 2001.

Coda file system: Disconnected operation By Wallis Chau May 7, 2003.

Other File Systems: AFS, Napster. 2 Recap NFS: –Server exposes one or more directories Client accesses them by mounting the directories –Stateless server.

1 CS 194: Distributed Systems Distributed File Systems Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Distributed File System: Design Comparisons II Pei Cao Cisco Systems, Inc.

G Robert Grimm New York University Scale and Performance in Distributed File Systems: AFS and SpriteFS.

Jeff Chheng Jun Du.  Distributed file system  Designed for scalability, security, and high availability  Descendant of version 2 of Andrew File System.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

NFS. The Sun Network File System (NFS) An implementation and a specification of a software system for accessing remote files across LANs. The implementation.

Distributed File System: Design Comparisons II Pei Cao.

Module 2: Planning to Install SQL Server. Overview Hardware Installation Considerations SQL Server 2000 Editions Software Installation Considerations.

Distributed File Systems Sarah Diesburg Operating Systems CS 3430.

Lecture 23 The Andrew File System. NFS Architecture client File Server Local FS RPC.

Distributed File Systems Concepts & Overview. Goals and Criteria Goal: present to a user a coherent, efficient, and manageable system for long-term data.

CSE 486/586, Spring 2012 CSE 486/586 Distributed Systems Distributed File Systems Steve Ko Computer Sciences and Engineering University at Buffalo.

Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system.

Distributed Systems Principles and Paradigms Chapter 10 Distributed File Systems 01 Introduction 02 Communication 03 Processes 04 Naming 05 Synchronization.

Networked File System CS Introduction to Operating Systems.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

Secure Socket Layer (SSL)

Advanced Operating Systems - Spring 2009 Lecture 21 – Monday April 6 st, 2009 Dan C. Marinescu Office: HEC 439 B. Office.

Distributed File Systems

Distributed File Systems Case Studies: Sprite Coda.

Authentication Applications Unit 6. Kerberos In Greek and Roman mythology, is a multi-headed (usually three-headed) dog, or "hellhound” with a serpent's.

DFS & Active Directory Joshua Hedges |Brandon Maxfield | Robert Rivera | Will Zilch.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Distributed File Systems Overview  A file system is an abstract data type – an abstraction of a storage device.  A distributed file system is available.

Chapter 20 Distributed File Systems Copyright © 2008.

What is a Distributed File System?? Allows transparent access to remote files over a network. Examples: Network File System (NFS) by Sun Microsystems.

AFS (Andrew File System) A Distributed File System Zihou Wang.

Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.

Introduction to DFS. Distributed File Systems A file system whose clients, servers and storage devices are dispersed among the machines of a distributed.

SPECULATIVE EXECUTION IN A DISTRIBUTED FILE SYSTEM E. B. Nightingale P. M. Chen J. Flint University of Michigan.

1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.

Presented By: Samreen Tahir Coda is a network file system and a descendent of the Andrew File System 2. It was designed to be: Highly Highly secure Available.

Jinyong Yoon,  Andrew File System  The Prototype  Changes for Performance  Effect of Changes for Performance  Comparison with A Remote-Open.

CCNA4 v3 Module 6 v3 CCNA 4 Module 6 JEOPARDY K. Martin.

Caching in the Sprite Network File System Scale and Performance in a Distributed File System COMP 520 September 21, 2004.

Information Management NTU Distributed File Systems.

LRPC Firefly RPC, Lightweight RPC, Winsock Direct and VIA.

1 Kerberos n Part of project Athena (MIT). n Trusted 3rd party authentication scheme. n Assumes that hosts are not trustworthy. n Requires that each client.

1 Isolating Web Programs in Modern Browser Architectures CS6204: Cloud Environment Spring 2011.

User Authentication  fundamental security building block basis of access control & user accountability  is the process of verifying an identity claimed.

Chapter Five Distributed file systems. 2 Contents Distributed file system design Distributed file system implementation Trends in distributed file systems.

1 Example security systems n Kerberos n Secure shell.

Ivy: A Read/Write Peer-to- Peer File System Authors: Muthitacharoen Athicha, Robert Morris, Thomer M. Gil, and Benjie Chen Presented by Saurabh Jha 1.

Andrew File System (AFS)

SUBMITTED BY: NAIMISHYA ATRI(7TH SEM) IT BRANCH

IS 4506 Server Configuration (HTTP Server)

Multiple Processor Systems

CSE 451: Operating Systems Winter Module 22 Distributed File Systems

Scale and Performance in a Distributed File System

Distributed File Systems

Distributed File Systems

CSE 451: Operating Systems Spring Module 21 Distributed File Systems

Distributed File Systems

CSE 451: Operating Systems Winter Module 22 Distributed File Systems

Distributed File Systems

AFS (Andrew File System)

Distributed File Systems

Presentation transcript:

Caching

Andrew Security Andrew Scale and Performance Sprite Performance

Andrew File System

Sprite

Network File System

Andrew File System AFS, AFS2, Coda 1983 to present, Satya its champion Ideas spread to other systems, NT

Security Terms Release, Modification, Denial of Service Mutual suspicion, Modification, Conservation, Confinement, Initialization Identification, Authentication, Privacy, Nonrepudiation

System Components Vice Secure Servers Virtue Protected Workstations Venus Virtual File System Authentication Server

Andrew Encryption DES - Private Keys E[msg,key], D[msg,key] Local copy of secret key Exchange of keys doesn’t scale –Web of trust extends to lots of servers –Pair wise keys unwieldy

Andrew Authentication Username sent in the clear Random number exchange –E[X,key] sent to server (Vice) –D[E[X,key],key] = X –E[X+1,key] to client (Venus) BIND exchanges session keys

Authentication Tokens Description of the user ID, timestamp valid/invalid Used to coordinate what should be available from Vice (server) to Virtue (client)

Access Control Hierarchical groups –Project/shared accounts discouraged Positive/Negative Rights U(+) — U(-) VMS linear list & rights IDs Prolog engine in NT Netware has better admin feedback

Resource Usage Network not an issue –Distributed DOS ‘hard’ Server High Water Mark –Violations by SU programs tolerated –Daemon processes given ‘stem’ accnt Workstations not an issue –User files in Vice

Other Security Issues XOR for session encryption PC support via special server Diskless workstations avoided

Enhancements Cells (NT Domains) Kerberos Protection Server for user administration

Sprite Components Client Server Local Disk Server Disk Client CacheServer Cache

Sprite Design Cache in client and server RAM Kernel file system modification –Affects system/paging and user files Cache size negotiated with VM Delayed 30s write-back –Called ‘laissez-faire’ by Andrew

NFS Comparison Presumed optimized RPC access semantics –NFS uses UDP, others TCP Sprite targeting 100+ nodes Andrew targeting 5,000+ nodes

Andrew Scale and Performance Dedicated server process per client Directory redirection for content Whole file copy in cache

Problems already… Context switching in server TCP connection overhead –Session done by kernel Painful to move parts of VFS to other servers –Volume abstraction fixed this later

Cache Management Write on close No concurrent write Versioning User level Delayed write Cache disabled Versioning Kernel level

Function Distribution TestAuth - validate cache GetFileStat - file status Fetch - server to client Store - client to server 61.7% 26.8% 4.0% 2.1%

Performance Improvements Virtue caches directory Local copy assumed correct File id’s, not names, exchanged Lightweight Processes (LWP) –Context data record on server

Andrew Benchmarks

Sprite Throughput

Sprite Benchmarks

Cache Impact - Client

Cache Impact - Server

Cache Impact - Net

Comparison

General Considerations 17-20% slower than local Server bottleneck Scan for files and read almost all local 6-8x faster vs no cache Server cache extends local cache Remote paging fast as local disk! 5x users/server

Fini