
Distributed systems and security – 7 February 2002

Presentation based on slides for the book:

From Coulouris, Dollimore and Kindberg, Distributed Systems: Concepts and Design, Edition 3, © Addison-Wesley 2001

Slides modified by Jens B Jorgensen, University of Aarhus


Instructors

Group 1: Wednesday 8-11, room 1-532-316, Lisa Wells.

Group 2: Monday 12-15, H2.28, Thomas Ljungberg (Thomas Mailund substitutes on 11/2).

Group 3: Thursday 11-14, room 1-532-316, Thomas Mailund.

Group 4: Thursday 11-14, room 1-521-228, Thomas Ljungberg (Thomas Pedersen substitutes on 14/2).

Group 5: Wednesday 9-12, Kollokvium G4, Thomas Pedersen.


Chapter 2: System Models

From Coulouris, Dollimore and Kindberg, Distributed Systems: Concepts and Design, Edition 3, © Addison-Wesley 2001


System models – what and why?

System model: Abstract, consistent description of a relevant aspect of a distributed system.

Description of the main entities of a system and their interaction, and individual and collective behaviour.

Aid for design, analysis, discussion, etc.

Make assumptions explicit. Investigate what is possible or impossible.


Architectural and fundamental models

Architectural model: Description of the components of a system and the relationship between them.

Fundamental models: Description of properties that are common in architectural models: Interaction model. Failure model. Security model.


Architectural models

Describe the components of systems and their interaction; describe mapping of components to computers.

Define useful patterns for the distribution of data and workload.

Define the functional roles of components and the patterns of communication between them.


Architectural models – layered architecture

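[Figure: layers, from top to bottom: Applications, services; Middleware; Operating system; Computer and network hardware. The operating system and the computer and network hardware together form the platform.]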


Basic architectural models – client-server

[Figure: clients and servers exchanging invocations and results. Key: process, computer.]


Basic architectural models – multiple servers

[Figure: clients using a service that is provided by multiple servers.]

Partition set of objects or replicate set of objects


Basic architectural models – proxy server and caching

[Figure: clients, a proxy server and web servers.]

Cache: Store of recently used data objects closer than the objects themselves

Proxy servers increase performance and availability


Basic architectural models – peer processes

[Figure: three peer processes, each consisting of application code and coordination code.]


Other architectural models – mobile code, web applets

a) client request results in the downloading of applet code

b) client interacts with the applet

[Figure: client, web server, applet code, applet.]


Other architectural models – spontaneous networking

[Figure: hotel wireless network with an Internet gateway, discovery service, music service, alarm service, camera and TV/PC; guest's devices: laptop and PDA.]

Easy connection and integration; limited connectivity; problems with security and privacy; discovery service with registration and lookup.


Architectural models – design requirements

Performance issues: Responsiveness. Throughput. Balancing computational loads.

Quality of service: Reliability. Security. Performance. Adaptability.

Use of caching and replication.

Dependability issues: Correctness. Security. Fault tolerance.


Architectural models in practice

Often specified in UML, the Unified Modeling Language, e.g., as: Class diagrams. Object diagrams. Component diagrams. Deployment diagrams.

For more info, see www.uml.org


Fundamental models

Description of properties that are common in architectural models:

Interaction model (performance/timing model?): Performance of processes and communication channels, absence of a global clock, timing problems, …

Failure model: Failures of processes and communication channels, reliable communication, …

Security model: Possible threats to processes and communication channels, secure channels, …


Interaction model – basic issues

Performance of processes.

Performance of communication channels: Latency. Bandwidth. Jitter.

Computer clocks and timing events. Lack of global notion of time.


Interaction model – synchronous vs. asynchronous

Synchronous distributed systems – bounds on: Process execution speed. Message transmission delays. Local clock drift rates.

Asynchronous distributed systems – no bounds.


Interaction model – event ordering

[Figure: event ordering. Processes X, Y, Z and A exchange messages m1, m2 and m3 through send and receive events, drawn against physical time with instants t1, t2 and t3.]


Failure model – basic issues

The ways in which failures in a distributed system may occur.

Types of failures: Arbitrary (Byzantine) failures. Omission failures. Timing failures.


Failure model – process omission failures

A process fails to perform actions that it is supposed to do.

Process omission failures: Crash. Fail-stop.

Use timeouts.


Failure model – communication omission failures

[Figure: process p sends message m from its outgoing message buffer over the communication channel to the incoming message buffer of process q, which receives it.]

Network transmission error. Send-omission failure. Receive-omission failure.


Failure model – timing failures

Applicable in synchronous distributed systems.

Bounds exceeded for: Process execution time. Message transmission delay. Clock drift rate.


Failure model – remedies

Masking failures: Hiding failures. Converting failures into less severe ones.

Ensuring reliability of one-to-one communication:

Validity: Any message sent is eventually delivered.

Integrity: All messages received have been sent; no messages are delivered twice.
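An added example, not taken from the slides or the book, showing how the two properties interact: retransmission after a timeout masks omission failures (validity), but it creates duplicates that the receiver must suppress (integrity). The class and function names, the scripted loss pattern and the `max_tries` bound are assumptions made for the illustration.

```python
class ScriptedChannel:
    """Channel with omission failures: drops the transmissions whose
    0-based index is listed in `drops` (constructed loss pattern)."""

    def __init__(self, drops):
        self._drops, self._count = set(drops), 0

    def transmit(self, msg):
        index, self._count = self._count, self._count + 1
        return None if index in self._drops else msg


class DedupReceiver:
    def __init__(self):
        self.delivered, self.duplicates, self._expected = [], 0, 0

    def on_message(self, seq, data):
        """Deliver each sequence number once; always acknowledge."""
        if seq == self._expected:
            self.delivered.append(data)
            self._expected += 1
        else:
            self.duplicates += 1  # retransmission of something already delivered
        return seq  # the acknowledgement


def send_reliably(messages, channel, receiver, max_tries=5):
    """Stop-and-wait: retransmit until the ack arrives. A missing ack
    stands in for a timeout. Returns the number of data transmissions."""
    sends = 0
    for seq, data in enumerate(messages):
        for _ in range(max_tries):
            sends += 1
            arrived = channel.transmit((seq, data))
            if arrived is None:
                continue  # data lost: timeout, retransmit
            ack = channel.transmit(receiver.on_message(*arrived))
            if ack == seq:
                break  # acknowledged: move to the next message
        else:
            raise TimeoutError(f"message {seq} not acknowledged")
    return sends
```

With transmissions 1 and 2 dropped, the first message is sent three times but delivered once; if the channel drops everything, the sender gives up with `TimeoutError` instead of waiting forever.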


Security model – basic issues

Protecting objects against unauthorized access. Specify who is allowed to perform which operations. Use access rights.

Securing processes and their interactions. Securing communication channels. Identifying threats.


Security model – objects and principals

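[Figure: a client acting for a principal (user) sends an invocation over the network to a server acting for a principal (server) and receives a result; the server holds an object protected by access rights.]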


Security model – enemies

[Figure: process p sends message m to process q over a communication channel; the enemy obtains a copy of m and injects a message m’.]

An enemy is capable of sending any message to any process, and of reading or copying any message in transfer between a pair of processes.


Security model – threats

Issues: Servers. Clients. Communication channels. Denial of service. Mobile code.

Remedies: Cryptography. Authentication. Secure channels.


Security model – secure channels

[Figure: process p, acting for principal A, and process q, acting for principal B, connected by a secure channel.]
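An added example, not taken from the slides or the book, of what the receiving end of a secure channel has to check under the enemy model above: q accepts a frame only if it was produced with the key shared with p and has not been accepted before. The frame layout, class names and sample messages are assumptions; the sketch covers authentication and replay rejection only and leaves out encryption, so it does not stop the enemy from reading m.

```python
import hashlib
import hmac
import secrets
import struct

TAG_LEN = 32  # HMAC-SHA256 output size

class ChannelError(Exception):
    """Frame failed authentication or is a replay."""

def _tag(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class Sender:
    def __init__(self, key: bytes):
        self._key, self._seq = key, 0
    def seal(self, payload: bytes) -> bytes:
        """Frame = 8-byte sequence number || payload || HMAC tag."""
        self._seq += 1
        body = struct.pack(">Q", self._seq) + payload
        return body + _tag(self._key, body)

class Receiver:
    def __init__(self, key: bytes):
        self._key, self._last_seq = key, 0
    def open(self, frame: bytes) -> bytes:
        if len(frame) < 8 + TAG_LEN:
            raise ChannelError("frame too short")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(self._key, body)):
            raise ChannelError("bad tag: forged or modified message")
        (seq,) = struct.unpack(">Q", body[:8])
        if seq <= self._last_seq:  # authentic, but already delivered
            raise ChannelError("replay: sequence number already accepted")
        self._last_seq = seq
        return body[8:]

def demo() -> list:
    key = secrets.token_bytes(32)  # constructed key shared by p and q
    p, q = Sender(key), Receiver(key)
    m = p.seal(b"transfer 10 to B")  # constructed sample message
    m_prime = m[:8] + b"transfer 99 to E" + m[-TAG_LEN:]  # enemy alters payload
    out = []
    for frame in (m, m, m_prime):  # original, enemy's copy of m, enemy's m'
        try:
            out.append(q.open(frame))
        except ChannelError as exc:
            out.append(str(exc))
    return out
```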


Summary

Architectural models: Basic client-server. Multiple servers. Proxies and caching. Peer processes. …

Fundamental models: Interaction. Failure. Security.