ABSTRACT
Mobile nodes rely on external services to provide safety, sharing, and additional resources. Unfortunately, as mobile nodes move through the networking infrastructure, the costs of accessing servers change. Fluid replication allows mobile clients to create replicas where and when they are needed. Unfortunately, one must trust the nodes holding these replicas, and establishing trust in autonomously administered nodes is a difficult task. Instead, we argue that trust should be deferred. In this position paper, we present the design of Stonewall, a system that defers trust decisions through the use of two mechanisms: packages and receipts. The former ensure confidentiality and detect breaches of integrity; the latter detect breaches of non-repudiation.
- M. G. Baker, J. H. Hartman, M. D. Kupfer, K. W. Shirriff, and J. K. Ousterhout. Measurements of a distributed file system. In Proceedings of the Thirteenth ACM Symposium on Operating Systems Principles, pages 198-212, Pacific Grove, CA, USA, October 1991. Google ScholarDigital Library
- M. Blaze, J. Feigenbaum, and J. Lacy. Decentralized trust management. In Proceedings 1996 IEEE Symposium on Security and Privacy., pages 164-73, May 1996. Google ScholarDigital Library
- D. W. Chadwick, A. J. Young, and N. K. Cicovic. Merging and extending the PGP and PEM trust models --- the ICETEL trust model. IEEE Network, 11(3):16-24, May-June 1997. Google ScholarDigital Library
- W. Ford. Advances in public-key certificate standards. SIGSAC Review, 13(3):9-15, July 1995. Google ScholarDigital Library
- J. S. Heidemann, T. W. Page, R. G. Guy, G. J. Popek, J.-F. Paris, and H. Garcia-Molina. Primarily disconnected operation: experience with Ficus. In Proceedings of the Second Workshop on the Management of Replicated Data, pages 2-5, November 1992.Google ScholarCross Ref
- R. Housley, W. Ford, W. Polk, and D. Solo. Internet X.509 public key infrastructure certificate and CRL profile. Internet RFC 2459, 1999 January. Google ScholarDigital Library
- J. H. Howard, M. L. Kazar, S. G. Menees, D. A. Nichols, M. Satyanarayanan, R. N. Sidebotham, and M. J. West. Scale and performance in a distributed file system. ACM Transactions on Computer Systems, 6(1):51-81, February 1988. Google ScholarDigital Library
- J. J. Kistler and M. Satyanarayanan. Disconnected operation in the Coda File System. ACM Transactions on Computer Systems, 10(1):3-25, February 1992. Google ScholarDigital Library
- L. Lamport. Time, clocks, and the ordering of events in a distributed system. Communications of the ACM, 21(7):558-65, July 1978. Google ScholarDigital Library
- D. Mazières, M. Kaminsky, M. F. Kaashoek, and E. Witchel. Separating key management from file system security. In Proceedings of the Seventeenth ACM Symposium on Operating Systems Principles, pages 124-39, Kiawah Island, SC, USA, December 1999. Google ScholarDigital Library
- L. B. Mummert, M. R. Ebling, and M. Satyanarayanan. Exploiting weak connectivity for mobile file access. In Fifteenth ACM Symposium on Operating Systems Principles, pages 143-55, Copper Mountain Resort, CO, USA, December 1995. Google ScholarDigital Library
- G. C. Necula and P. Lee. Safe kernel extensions without run-time checking. In Second USENIX Symposium on Operating Systems Design and Implementation (OSDI), pages 229-43, Seattle, WA, USA, October 1996. Google ScholarDigital Library
- B. Noble, B. Fleis, and M. Kim. A case for fluid replication. In Network Storage Symposium, Seattle, WA, USA, October 1999.Google Scholar
- K. Petersen, M. J. Spreitzer, D. B. Terry, M. M. Theimer, and A. J. Demers. Flexible update propagation for weakly consistent replication. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles, pages 288-301, Saint Malo, France, October 1997. Google ScholarDigital Library
- J. I. Schiller and D. Atkins. Scaling the web of trust: combining Kerberos and PGP to provide large scale authentication. In Proceedings USENIX Winter 1995 Technical Conference, pages 93-94, New Orleans, LA, USA, January 1995.Google Scholar
- D. B. Terry, A. J. Demers, K. Petersen, M. J. Spreitzer, M. M. Theimer, and B. B. Welch. Session guarantees for weakly consistent replicated data. In Proceedings of 3rd International Conference on Parallel and Distributed Information Systems, pages 140-9, Austin, TX, USA, September 1994. Google ScholarDigital Library
- Deferring trust in fluid replication
Recommendations
Branch replication scheme: A new model for data replication in large scale data grids
Data replication is a practical and effective method to achieve efficient and fault-tolerant data access in grids. Traditionally, data replication schemes maintain an entire replica in each site where a file is replicated, providing a read-only model. ...
Comments