Decentralized naming in distributed computer systems

Designing a global character-string naming facility is an important and difficult problem in distributed systems. Providing global names--names that have the same meaning on any participating machine--is a vital step in welding a collection of individual computers into a single, coherent system. But the nature of large distributed systems makes it difficult to implement global naming with acceptable efficiency, fault tolerance, and security: network communication is costly, system components can fail independently, and parts of the system may belong to many autonomous and mutually-suspicious groups. Existing name service designs do not solve the problem in full; even the best current designs do not have the efficiency or capacity to name every object in a large system--they generally name only hosts or mailboxes, not files. This thesis introduces a new paradigm for name service called decentralized naming. Directories at different levels of the global naming hierarchy are implemented using different techniques. The uppermost (global) level employs conventional distributed name servers for scalability, while at lower (regional and local) levels, naming is handled directly by the managers of the named objects. The name mapping protocol uses multicast for fault tolerance and a specialized caching technique for efficiency. A capability system provides security against counterfeit replies to name lookup requests. The multicast name mapping technique is shown to have optimum resiliency, in the sense that whenever an object is accessible at all, it is accessible by name. An analytical model of cache performance is presented, is validated by comparison with measurements on a prototype implementation, and is used to set a limit on how large directories can grow before they must be treated as global rather than regional. The capability scheme is also analyzed: although it reduces both the efficiency and resiliency of name lookup, its impact can be made as small as desired by limiting the frequency with which security policy is allowed to change.

[1]  Ken Thompson,et al.  The UNIX time-sharing system , 1974, CACM.

[2]  Leslie Lamport,et al.  Time, clocks, and the ordering of events in a distributed system , 1978, CACM.

[3]  Jerome H. Saltzer,et al.  The protection of information in computer systems , 1975, Proc. IEEE.

[4]  Jon Postel,et al.  File Transfer Protocol , 1985, RFC.

[5]  David R. Cheriton,et al.  Uniform Access to Distributed Name Interpretation in the V-System , 1984, ICDCS.

[6]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[7]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[8]  Butler W. Lampson,et al.  A Global Authentication Service without Global Trust , 1986, 1986 IEEE Symposium on Security and Privacy.

[9]  Roger M. Needham,et al.  Grapevine: an exercise in distributed computing , 1982, CACM.

[10]  N. S. Barnett,et al.  Private communication , 1969 .

[11]  Bruce Walker,et al.  The LOCUS distributed operating system , 1983, SOSP '83.

[12]  D. W. Wall Mechanisms for broadcast and selective broadcast , 1980 .

[13]  Stephen E. Deering,et al.  Host extensions for IP multicasting , 1986, RFC.

[14]  Yogen K. Dalal,et al.  The clearinghouse: a decentralized agent for locating named objects in a distributed environment , 1983, TOIS.

[15]  Paul V. Mockapetris,et al.  Domain names - concepts and facilities , 1987, RFC.

[16]  Dan Walsh,et al.  Design and implementation of the Sun network filesystem , 1985, USENIX Conference Proceedings.

[17]  David R. Cheriton The V Kernel: A Software Base for Distributed Systems , 1984, IEEE Software.

[18]  Jack B. Dennis,et al.  Segmentation and the Design of Multiprogrammed Computer Systems , 1965, JACM.

[19]  Butler W. Lampson,et al.  Designing a global name service , 1986, PODC '86.

[20]  Stephen E. Deering,et al.  Host groups: a multicast extension for datagram internetworks , 1985, SIGCOMM '85.

[21]  Brian Randell,et al.  The newcastle connection or UNIXes of the world unite! , 1982, Softw. Pract. Exp..

[22]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[23]  Donald E. Knuth,et al.  The Early Development of Programming Languages. , 1977 .

[24]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[25]  Stephen E. Deering,et al.  Host groups: A multicast extension to the Internet Protocol , 1985, RFC.

[26]  E. F. Codd,et al.  Multiprogramming STRETCH: feasibility considerations , 1959, CACM.

[27]  Roger M. Needham,et al.  Experience with Grapevine: the growth of a distributed system , 1984, TOCS.

[28]  D. Elliott Bell,et al.  Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[29]  Douglas Brian Terry,et al.  Distributed name servers: naming and caching in large distributed computing environments , 1985 .

[30]  Stephen T. Kent,et al.  Security Mechanisms in High-Level Network Protocols , 1983, CSUR.

[31]  Willy Zwaenepoel,et al.  File access performance of diskless workstations , 1986, TOCS.

[32]  Willy Zwaenepoel,et al.  Distributed process groups in the V Kernel , 1985, TOCS.

[33]  David Reeves Boggs Internet broadcasting , 1982 .

[34]  Jerome H. Saltzer Naming and Binding of Objects , 1978, Advanced Course: Operating Systems.

[35]  David R. Cheriton,et al.  VMTP: a transport protocol for the next generation of communication systems , 1986, SIGCOMM '86.

[36]  Kenneth P. Birman,et al.  A Local Network Based on the UNIX Operating System , 1982, IEEE Transactions on Software Engineering.

[37]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[38]  John K. Ousterhout,et al.  Prefix Tables: A Simple Mechanism for Locating Files in a Distributed System , 1985, ICDCS.

[39]  Stephen Fox,et al.  A recovery algorithm for a distributed database system , 1983, PODS.

[40]  Anita K. Jones The Object Model: A Conceptual Tool for Structuring Software , 1978, Operating Systems.

[41]  Tom Kilburn,et al.  One-Level Storage System , 1962, IRE Trans. Electron. Comput..

[42]  P. G. Neumann,et al.  A general-purpose file system for secondary storage , 1965, Published in AFIPS '65 (Fall, part I).

[43]  Alan Brian Sheltzer Network transparency in an internetwork environment , 1985 .

[44]  John Kunze,et al.  A trace-driven analysis of the unix 4 , 1985, SOSP 1985.