Distributed Systems

Document Sample
Distributed Systems Powered By Docstoc
					       Chapter Two
Distributed System Models
    Objectives


To Learn the deferent models of Distributed
 System.
Recap

Definition of DS
Examples of DS
DS Advantages
Challenges of the design
  Heterogeneity
  Openness
  Security
  Scalability
  Failure handling
  Concurrency
  Transparency
System Models

  Architectural model
    Client-server model
    Multiple servers model
    Proxy servers model
     Peer Process model
  Fundamental model
    Interaction model
    Failure model
    Security model
System Models

  Architectural models
    Are concerned with the placement of its
     parts (components) and the relationships
     between them
  Fundamental model
    Are concerned with a more formal
     description of the properties that are
     common in all of architecture model
    Introduction


•    Why do we need model?
     –   Each model is intended to provide an abstract, simplified but consistent
         description of a relevant aspect of distributed system design
•    Architecture model
     –   defines the way in which the components of systems interact with one another
         and the way in which they are mapped onto the underlying network of
         computers
     –   Client/Server vs. Peer to Peer
     –   variants of C/S
            partition of data or replication as cooperating servers
            caching of data by proxy servers and clients
            use of mobile code and mobile agents
            requirement to add and remove mobile devices in a convenient manner
    Introduction …continued

•     Fundamental model
      –   concerned with a more formal description of the properties that are common in
          all of the architectural models
      –   The interaction model deals with performance and with the difficulty of
          setting time limits in a distributed system
      –   The failure model attempts to give a precise specification of the faults
          that can be exhibited by processes and communication channels
      –   The security model discusses the possible threats to processes and
          communication channels
Software and hardware service layers in distributed systems



                  Applications, serv ic es



                       Middleware




                    Operating s y stem
                                                    Platf orm

              Computer and network hardware
    Software layer

•   Software and hardware service layers in distributed systems

•   Platform
    – The lowest-level hardware and software layers, e.g., Intel
       x86/Windows, SPARC/SunOS, PowerPC/MacOS
•   Middleware
    – A layer of software, mask heterogeneity, provide a convenient
       programming model to application programmers
    – Examples: RPC, RMI, CORBA, DCOM, Isis(group
       communication system)
    System architectures


•     What is system architecture?
      –   The division of responsibilities between system components
          (applications, server and other processes) and the placement of the
          components on computers in the network
•     Main distributed system architectures
1. Client-Server model
    – Be Historically the most important and remain the most widely employed
    – Servers may in turn be clients of other servers
2. Services provided by multiple servers
    – Partition the set of service objects on different servers, e.g. workflow
         system
    – Maintain replicated service objects on several hosts, e.g. Sun NIS
3. Proxy servers and caches
    – A cache is a store of recently used data objects that is closer than the
         objects themselves
    – E.g., web page cache at web browser or web proxy server
Clients invoke individual servers



   Client    inv ocation                        inv ocation           Serv er


             res ult                               res ult
                           Serv er



   Client
                           Key :
                                   Proc es s:                 Computer:
A service provided by multiple servers

                               Serv ic e



                               Serv er

         Client


                               Serv er


         Client
                               Serv er
Example of client Server Architecture Model (WEB)




Browsers are clients of DNS and web servers (HTTP). Some intranets
are configured to interpose a Proxy server. Proxy servers fulfil several
purposes – when they are located at the same site as the client, they
reduce network delays and network traffic.
When they are at the same site as the server, they form a security
checkpoint and they can reduce load on the server.
Try it for EMAIL
Web proxy server



  Client                     Web
                             serv er
                   Prox y
                   serv er


  Client                     Web
                             serv er
proxy server model

 proxy server’s main function is to receive a request from client
  web browser, perform that request and return the results to the
  browser
 proxy server: a shared cache of resources
 Cache: a close store of recently used data
   Considerably increases performance in many applications
   Requires cache coherence protocol
 Caching documents means keeping a local copy of internet
  documents, so that the server doesn’t need to request them over and
  over again.
 proxy server model
   Distinguish between buffering and caching.
 Buffering: a technique for storing data transmitted from a sending process to a
  receiving process in local memory or secondary (disk) storage until the
  receiving process is ready to consume it. For example, when reading data
  from a file or transmitting messages through a network, it is beneficial to
  handle it in large blocks.
 Caching: a technique for optimizing access to remote data objects by holding
  a copy of them in local memory or secondary (disk) storage. Accesses to
  parts of the remote object are translated into accesses to the corresponding
  parts of the local copy. Unlike buffering, the local copy may be retained as
  long as there is local memory available to hold it. A cache management
  algorithm and a release strategy are needed to manage the use of the
  memory allocated to the cache. (If we interpret the word ‘remote’ in the sense
  of ‘further from the processor’, then this definition is valid not only for client
  caches in distributed systems but also for disk block caches in operating
  systems and processor caches in cpu chips.)
Advantage of proxy servers

All external access can be forced to go throuth the
 proxy, which therefore creates a single access and
 control point. A proxy server will have to run on a
 fast machine in order to be able to process all the
 request quickly.
Requests for certain sites can be restricted or
 banned. Thus, provides a safer internet
 environment.
Only the IP address of the proxy will be known to
 outsiders, thereby preventing attacks from knowing
 all the IP address of internal machines.
A distributed application based on peer processes


  Application                         Application

 Coordination                         Coordination
    code                                 code




                    Application

                   Coordination
                      code
Web applets

a) client reques t results in the downloading of applet code


                        Client                                  Web
                                                               serv er
                                          Applet code


b) client interacts with the applet


                                                                Web
                   Client        Applet                        serv er
Thin clients

 In a thin client network, the majority of application processing
  is carried out at the server rather than by the individual client.
  Here, clients act as terminals that provide access to
  application and data held on servers. Applications are held
  centrally, with clients accessing them across the network.

 This may only process keyboard input and screen output
  while leaving all application processing to the server. This
  setup generally requires no hard drive for the terminals,
  CDROM drive and even a floppy drive. Though, terminals
  here are unusable if disconnected from the network.
Thin clients

The thin client approach involves much more
 than simply replacing PCs with terminals: it
 represents a server based approach to
 networking,     software  architectures and
 application deployment.

As with any network environment, maintaining a
 thin client network requires careful planning and
 a high level of technical expertise.
Thin clients and compute servers
                                                  Compute server
Network computer or PC


         Thin               network                  Application
         Client                                       Process



  Thin clients- a software that supports a window based user interface
  on a computer that is local to the user while execution application
  programs on a remote computer. (diskless)
Thin Client Technologies
   Microsoft Windows Terminal Services
   ➢ Citrix Metaframe
   ➢ National Semiconductor
   ➢ NeoWare Thin Client Appliances
   ➢ Wyse Technology
   ➢ Sun Ray Appliance
   ➢ Novell Netware
   ➢ Netilla Service Platform
   ➢ Laplink 2000
   ➢ Tarantella
   ➢ PC Anywhere
   ➢ AT&T VNC
   ➢ NetTerminal
   ➢ Netboot
   ➢ Netstation
   ➢ Linux Terminal Server Project
Benefits

Lower total cost of ownership
 Easy software installation, upgrade,
 uninstallation and maintenance
Centralized support, control access and
 administration
Fewer security risk
Leverages existing infrastracture
Lower energy consumption
Access of software applications anywhere
Fundamental model

     Interaction model
       • Composed of process that communicate with one
         another by sending message
     Failure model
       • Reliability and performance of process and
         networks
     Security model
       • Security of resources
variations of the interaction model
Two variations of the interaction model
  Synchronous DS
   Most of multimedia and real time applications
   Video conferences and E-learning
  Asynchronous DS
   Not a time constraint applications
   Text based applications
   Text based applications: FTP, Email, news etc
Real-time ordering of events

    send                                       rec eiv e      rec eiv e
X
    1          m1                                  4
                                       m2
                       send
                                                                   rec eiv e
Y          2            3                                                                  Phy s ic al
           rec eiv e                                                                        tim e


                                                       send
Z
                       rec eiv e   rec eiv e


                                                              m3      m1       m2
A
                                                           rec eiv e rec eiv e rec eiv e
     t1                   t2                                t3
Failure Model

Classified type of errors or failures
3 types of failures
 Omission failures
    Process omission failures
    Communication omission failure
 Arbitrary failures
 Timing failures
Variations on client-server model

Mobile code
Mobile agent (can have serious
 security problems)
Network Computers
Thin client
    Variations on the client-server model

•     Reasons of variation
      –   The use of mobile code and mobile agents
      –   Users need for low-cost computers with limited hardware resources
      –   The requirement to add and remove mobile devices in a convenient manner
• Several variations:
1. Mobile code
    – good interactive response, e.g., applet
2. Mobile agent
    – A running program that travels from one computer to another in a
        network carrying out a task on someone’s behalf, e.g., agilet[IBM],
        worm[Xerox PARC]
3. Network Computers
    – Download its operating system and any application software from a
        remote file server
    – All the application data and code is stored by a file server, so users
        may migrate
 Variations on the client-server model … continued

4. Thin client
    – A software layer that supports a window-based user interface on a
         computer that is local to the user while executing application programs on
         a remote computer
    – Drawback : high latencies
    – Implementation: X-11, VNC[AT&T 1998]
5. Spontaneous networking
    – The form of distribution that integrates mobile devices and other devices
         into a given network
    – Key features: easy connection to a local network, easy integration with
         local services
    – Key design issues
           Convenient connection and integration
           Limited connectivity: mobile device move around continuously, disconnection
           Security and privacy
           Discovery Services: registration service, lookup service
Mobile Code

 mobile code is software transferred between systems, e.g.
  transferred across a network or via a USB flash drive, and
  executed on a local system without explicit installation or
  execution by the recipient. Examples of mobile code include
  scripts (JavaScript, VBScript), Java applets, ActiveX controls,
  Flash animations.
 Mobile code can also download and execute in the client
  workstation via email. Mobile code may download via an
  email attachment (e.g., macro in a Word file) or via an HTML
  email body (e.g., JavaScript).
 In almost all situations, the user is not aware that mobile code
  is downloading and executing in their workstation
Variations on client-server model

 Give some examples of faults in hardware and software that
  can/cannot be tolerated by the use of redundancy in a
  distributed system. To what extent does the use of redundancy
  in the appropriate cases make a system fault-tolerant?
Solution
 • Hardware faults - processors, disks, network connections can
  use redundancy e.g. run process on multiple computers, write
  to two disks, have two separate routes in the network available.
 • Software bugs, crashes. Redundancy is no good with bugs
  because they will be replicated. Replicated processes help with
  crashes which may be due to bugs in unrelated parts of the
  system. Retransmitted messages help with lost messages.
  Spontaneous networking in a hotel

                                                Music
                                                service           Alarm
                  gateway                                        service
     Internet


                               Hotel wireless
                               network
      Discovery
       service
                                                               Camera


                       TV/PC                                               Guests
                                                 Laptop      PDA
                                                                           devices
Features of Spontaneous networking:
1. Easy connection to a local network- wireless link, devices is transparently
   reconfigure to obtain connectivity
2. Easy integration of with local services- devices discover automatically what
   services are provided there (discovery service)
Processes and channels

proces s p                                                       proces s q

        send      m                                                       receive



                                     Communic ation c hannel
             Outgoing m ess age buff er                        Inc oming mess age buff er
Omission and arbitrary failures
  Class of failure         Affects      Description
  Fail-stop               Process       Process halts and remains halted. Other processes may
                                        detect this state.
  Crash                   Process       Process halts and remains halted. Other processes may
                                        not be able to detect this state.
  Omission                Channel       A message inserted in an outgoing message buffer never
                                        arrives at the other end’s incoming message buffer.
  Send-omission           Process       A process completes a send, but the message is not put
                                        in its outgoing message buffer.
  Receive-omission Process              A message is put in a process’s incoming message
                                        buffer, but that process does not receive it.
  Arbitrary               Process       Process/channel exhibits arbitrary behaviour: it may
  (Byzantine)               or          send/transmit arbitrary messages at arbitrary times,
                          channel       commit omissions; a process may stop or take an
                                        incorrect step.
2. Arbitrary (Byzantine) failures
      –the worst possible failure semantics
      –Arbitrarily omit intended processing steps or take unintended processing steps. E.g., return a wrong value
      in response to an invocation
      –Arbitrary failures in process is hard to be detected, Arbitrary failures in communication channel exist but
      rare, by recognize and reject the faulty msgs
Timing failures

Class of Failure   Affects   Description
Clock              Process   Process’s local clock exceeds the bounds on its
                             rate of drift from real time.
Performance        Process   Process exceeds the bounds on the interval
                             between two steps.
Performance        Channel   A message’s transmission takes longer than the
                             stated bound.
Masking failures

Reliable Communication?

  Validity: any message in the outgoing
   message buffer is eventually delivered
   to the incoming message buffer
  Integrity: the message received is
   identical to one sent, and no duplicate
   message
 Objects and principals

                                                             Ac cess rights        Object
                                inv ocation

       Client
                                   res ult                             Serv er



   Princ ipal (user)                     Network           Princ ipal (s erv er)




•Principal: the authority that is associated with each invocation and each result.
•Authentication
•Access rights: rules that specify who is allowed to perform the operations of an object
Security model

A DS can be secured by securing processes,
 channels & object
  Process security
  Channel security
  Mobile code security
  Denial of Service attack (a type of attack on a network that
   is designed to bring the network to its knees by flooding it
   with useless traffic. )


Security threats can be defeated by
  Authentication and authorization
  Cryptography
The enemy
 –Threats to processes
     To servers: invocate with a false identity, e.g. cheating a mail server
     To clients: receive false result, e.g. stealing account password
 –Threats to communication channels
     Copy, alter or inject messages
     Save and replay, e.g., retransfer money from one account to another
 –Denial of service: excessive and pointless invocation on services or
 message transmissions in a network, resulting in overloading of physical
 resources (network bandwidth, server processing capacity)
 –Mobile code: malicious mobile program, e.g. Trojan horse attachment

                       Copy of m
                                      The enemy
                                                        m’
    Process p           m                                             Process q
                                Communication channel
Secure channels
•Defeating security threats
    –Cryptography and shared secrets
       Identify each other by the shared secrets that are only known by
       themselves. Cryptography is the base.
   –Authentication – proving the identities supplied by their senders
   –Secure channels
       Each process knows reliably the identities of the principal on whose behalf
       the other process is executing
       Ensure the privacy and integrity of the data transmitted across it
       Each message includes physical or logical time stamp

   Principal A                                                             Principal B


    Process p                   Secure channel                     Process q
Summary

 Distributed System Models
   Architectural model
     • Client-server model
     • Multiple servers model
     • Proxy servers model
     • Peer Process model
   Fundamental model
     • Interaction model
     • Failure model
     • Security model

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:8
posted:9/12/2012
language:Unknown
pages:43