Resource Access and Management System
This tutorial introduces a system for managing resource access rights, permissions, and virtualized naming within a distributed environment. Key features include permission setting, name virtualization, and resource identification techniques. Learn how to control access, describe access rights, and handle resource naming effectively.
Presentation Transcript
Client Utility Tutorial Hewlett-Packard Confidential

NT/Unix - “OS for Devices”
[Diagram: Applications; Kernel (Operating System); Physical Resources, e.g., CPU time slice, disk]

CUSP - “OS for the Internet”
[Diagram: Applications; Core (CUSP Operating System); Kernel, Kernel, Kernel; Physical Resources, e.g., CPU time slice, disk; Services; Information and Services Resources (sub-services), e.g., location, brokering, provisioning, monitoring, security, billing, management]

Resource Access
[Diagram: Standard Resource Model; Legacy Resource Abstraction (e.g., NTFS); Basic Services: Interrupt Handling, Scheduling, Memory Management, Timer Services; Legacy OS]

System Structure
• Collection of Logical Machines
• Logical Machine
  • Active entity - Core
  • Passive entity - Repository
• Mailbox metaphor for requests to Core

Fundamentals
• Every resource registered with Core
• Tasks access resources by name
• Core associates name with resource metadata
• Each task has an outbox connected to the Core
• Outgoing message has envelope and payload
• Each task has zero or more inboxes
• Incoming message has envelope and payload

A First Request
[Diagram: App, API, Core, Router, Repository]

Open a File
• Construct outbox envelope and append payload
  • Name field - (/mydoc.txt)
  • Payload - (open rw /mydoc.txt)
• Look up /mydoc.txt
• Finds resource description in repository
• Forwards to designated resource proxy
Name: /mydoc.txt
Payload: open rw /mydoc.txt

Problem
How can a resource owner control access without needing to authenticate a large number of potential users?
How can a task describe the access rights it wants to use for a particular request?
Use keys to unlock permissions

Extracting Access Rights
[Diagram: App, API, Core, Permission, Router, Repository]

Setting Up Permissions
• Inserted by resource owner
• Recorded with resource metadata in repository
• (Lock,Permission) pair
• Permission forwarded if lock opened

Request with Access Rights
• Outbox envelope includes collection of keys
  • Key rings - (mykeys)
  • Name field - (/mydoc.txt)
  • Payload - (open rw /mydoc.txt)
• Inbox envelope gets permissions
  • Name: /mydoc.txt
  • Permissions: read,write
  • Payload: open rw /mydoc.txt

Problem
How can a task find its “stuff” no matter where it runs?
Virtualize names
All names are personal to task
Core identifies actual resource being referenced

Name Virtualization
[Diagram: App, API, Core, Naming, Permission, Name Space, Name Space, Router, Repository]

Name Virtualization
• Construct outbox envelope
  • Name field - (/boss_is_dumb)
  • Label - (/boss_is_smart)
  • Payload - (open rw /boss_is_smart)
• Name manager looks up name in Name Space
• Finds resource description in repository
• Forwards to resource proxy
Name: X928
Label: /boss_is_smart
Permissions: read,write
Payload: open rw /boss_is_smart

Problem
How does the resource proxy know what resource is being accessed if there is no common name?
The resource metadata has a field for resource specific data

Resource Identification
• Construct outbox envelope
  • Name field - (/resume.txt)
  • Label - (/doc.txt)
  • Payload - (open rw /doc.txt)
• Name manager looks up /resume.txt in repository
• Forwards to resource proxy
Name: G3965
Label: /doc.txt
Resource data: /u/karp/report.txt,read,write
Payload: open rw /doc.txt

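
The request path described on the slides above (personal name, key ring, (Lock,Permission) pairs, resource-specific data), as an added example that is not part of the original presentation or of the system it describes. The class and field names, the `k-read`/`k-write` keys and the rule that a key opens a lock when the two values are equal are assumptions; `/resume.txt`, `/doc.txt`, `G3965` and `/u/karp/report.txt` come from the Resource Identification slide.

```python
from dataclasses import dataclass, field

@dataclass
class Resource:
    handle: str                  # repository name, e.g. "G3965"
    proxy: str                   # designated resource proxy (handler)
    resource_data: str           # resource-specific field, opaque to the Core
    locks: list = field(default_factory=list)  # (lock, permission) pairs set by the owner

class Core:
    def __init__(self):
        self.repository = {}     # handle -> Resource metadata
        self.name_spaces = {}    # task -> {personal name: handle}

    def register(self, resource):
        self.repository[resource.handle] = resource

    def bind(self, task, name, handle):
        self.name_spaces.setdefault(task, {})[name] = handle

    def route(self, task, outbox):
        """Turn one outbox envelope into (proxy, inbox envelope)."""
        handle = self.name_spaces.get(task, {}).get(outbox["name"])
        if handle is None:       # names are personal: no binding, nothing to route
            raise LookupError(f"{outbox['name']} is not bound for {task}")
        res = self.repository[handle]
        keys = set(outbox.get("keys", ()))
        # A permission is forwarded only if a presented key opens its lock
        # (assumed rule: key value equals lock value).
        perms = sorted({perm for lock, perm in res.locks if lock in keys})
        inbox = {"name": res.handle, "label": outbox["label"], "permissions": perms,
                 "resource_data": res.resource_data, "payload": outbox["payload"]}
        return res.proxy, inbox

def demo():
    core = Core()
    core.register(Resource("G3965", "file_proxy", "/u/karp/report.txt",
                           locks=[("k-read", "read"), ("k-write", "write")]))
    core.bind("task_a", "/resume.txt", "G3965")      # task_a's personal name
    request = {"name": "/resume.txt", "label": "/doc.txt",
               "payload": "open rw /doc.txt", "keys": ["k-read", "k-write"]}
    full = core.route("task_a", request)
    read_only = core.route("task_a", {**request, "keys": ["k-read"]})
    return full, read_only
```

In the read-only case the payload still asks for `rw` while the inbox envelope carries only `read`, so in this model the proxy has to decide on the envelope's permissions rather than on the payload.
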
Problem
How can one task put a name into another task’s name space while avoiding accidental name conflicts?
Give name spaces structure

Typical Name Space Structure
[Diagram: frames InboxFrame, MyDefaultFrame, FrameB, FrameA]
MyNameSpace=(MyDefaultFrame,InboxFrame,FrameA,FrameB)

Name Space Structure
• Name space an ordered list of frames
• Frames hold collections of name associations
• Core looks for names in designated order
• Unique frame for each mailbox
• Delivery associates names in inbox frame
• Receiver can rename or move entries
• Name spaces and frames are resources

Problem
How can two or more tasks share a set of names?
Each has a name for the same frame

Sharing Names
[Diagram]

Problem
How can the core begin the name look-up procedure?
Use default frame as anchor

Name Look-up Procedure
• Outbox has associated frame
• Look for default name space
• Use mandatory key ring
• Find name mapping for name space
• Find name mapping for key rings
• Step through frames looking for names

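
The frame walk from the Name Space Structure and Sharing Names slides, as an added example that is not part of the original presentation. It covers only the last step of the look-up procedure (stepping through frames in order); the class and function names, the handles `H1` to `H3` and the second task's `TheirDefaultFrame` are assumptions.

```python
class Frame:
    """A collection of name associations (name -> repository handle)."""
    def __init__(self, label):
        self.label = label
        self.bindings = {}

class NameSpace:
    """An ordered list of frames, searched in the designated order."""
    def __init__(self, *frames):
        self.frames = list(frames)

    def lookup(self, name):
        for frame in self.frames:
            if name in frame.bindings:
                return frame.label, frame.bindings[name]
        raise LookupError(name)

def deliver(inbox_frame, name, handle):
    """Delivery associates the sender's name in the receiver's inbox frame only."""
    inbox_frame.bindings[name] = handle

def move(name, src, dst, new_name=None):
    """The receiver can rename or move an entry between its own frames."""
    dst.bindings[new_name or name] = src.bindings.pop(name)

def demo():
    default, inbox = Frame("MyDefaultFrame"), Frame("InboxFrame")
    shared = Frame("FrameA")                   # one frame named by two tasks
    mine = NameSpace(default, inbox, shared, Frame("FrameB"))
    theirs = NameSpace(Frame("TheirDefaultFrame"), shared)
    default.bindings["/report.txt"] = "H1"     # constructed handles
    deliver(inbox, "/report.txt", "H2")        # sender happens to pick a clashing name
    before = mine.lookup("/report.txt")        # receiver's own binding is found first
    move("/report.txt", inbox, default, "/report-from-peer.txt")
    after = mine.lookup("/report-from-peer.txt")
    shared.bindings["/plan.txt"] = "H3"        # reachable through both name spaces
    return before, after, mine.lookup("/plan.txt"), theirs.lookup("/plan.txt")
```
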
Problem
How can an administrator know what’s going on?
Record resource access requests

Structure of the CU Core
[Diagram: App, API, Core, Monitor, Monitor Data Base, Naming, Permission, Name Space, Name Space, Router, Repository]

Monitor
• Monitor records all requests
• Database is a resource like any other
• Requests to database specify keys
• Monitoring task has a different set of keys
• Management task has keys to change repository entries

Problem
How can a task add name bindings to its protection domain?
Describe resource

Resource Look-up
• Attribute-based look-up
  get {DOC=“CU Architecture”,VER=3.8}, bind to /cuarch.doc in frame CUArch
• Search repository for matches
• Use designated arbitration if many found
• Error return if no matches

Problem
What can be done if no attribute grammar can describe a new kind of resource?
Make grammar a resource that can be specified with the attributes

Attribute Grammars
• Define a new grammar and register it with Core
• Built up out of Core supplied components
  • Data types: integer, string, etc.
  • Comparisons: equal, greater than, longer, etc.
  • Logic: AND, OR
  • Other: valid names, required, bounds
• Name grammar in a resource description or as part of a look-up request

Attribute Grammar
[Diagram: Grammar Toolkit, ShoeSizeGrammar]
ShoeSizeGrammar
Size=int, > 6, <12
Width=char,From(A,B,C,D,E)

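
The ShoeSizeGrammar slide built from reusable components and used for an attribute-based look-up, as an added example that is not part of the original presentation. The component and class names, the rule that every field is required, and the sample repository entries `H1` to `H4` are assumptions.

```python
# Stand-ins for Core-supplied components: each returns a predicate on one value.
def is_type(t):      return lambda v: isinstance(v, t) and not isinstance(v, bool)
def greater_than(n): return lambda v: v > n
def less_than(n):    return lambda v: v < n
def one_of(*vals):   return lambda v: v in vals

class Grammar:
    def __init__(self, name, **fields):
        self.name, self.fields = name, fields   # field -> ordered list of checks

    def errors(self, description):
        """Return a list of problems; an empty list means the description is valid."""
        problems = [f"unknown field {k}" for k in description if k not in self.fields]
        for fname, checks in self.fields.items():
            if fname not in description:
                problems.append(f"missing field {fname}")
            # all() stops at the first failed check, so the type check listed
            # first guards the comparisons that follow it.
            elif not all(check(description[fname]) for check in checks):
                problems.append(f"bad value for {fname}")
        return problems

SHOE = Grammar("ShoeSizeGrammar",
               Size=[is_type(int), greater_than(6), less_than(12)],
               Width=[is_type(str), one_of("A", "B", "C", "D", "E")])

# Constructed repository entries: handle -> resource description.
REPOSITORY = {
    "H1": {"Size": 9, "Width": "C"},
    "H2": {"Size": 12, "Width": "C"},     # out of bounds
    "H3": {"Size": "9", "Width": "C"},    # wrong data type
    "H4": {"Size": 9, "Width": "F"},      # not in From(A,B,C,D,E)
}

def look_up(repository, grammar, query):
    """Handles whose description is valid under the grammar and matches the query."""
    matches = [h for h, d in repository.items()
               if not grammar.errors(d) and all(d.get(k) == v for k, v in query.items())]
    if not matches:
        raise LookupError("no matches")   # error return if no matches
    return matches
```
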
Grammar Matching Rules
• Each grammar has matching rules for each field
• Can match fields in other grammars
• Service can translate between grammars

Problem
How do machines share resources?
Connect with DRIP

Distributed Resource Interchange Protocol
• Agree on a connection mode (TCP, IR)
• Agree on a DRIP version
• Mutually authenticate
• Derive session key (optional)
• Set up proxy for other machine
• Exchange resource descriptions
• Register in each Core repository with proxy as handler

Connecting Two Machines
[Diagram]

Problem
How does a task use a resource from another machine?
The same way it uses any other resource

Using a Remote Resource
[Diagram: Request, Reply]

Using a resource from another machine
• Get a name association (transfer or look-up)
• Specify name in outbox envelope
• Core forwards to proxy as handler
• Proxy forwards request over the wire
• Proxy on owning side names resource in its outbox envelope
• Its Core routes request to handler
• Reply sent back along same path

Problem
How can an application limit what it might find?
How can the application speed up searches?
Use views into the repository

Specifying a Look-Up
[Diagram: My Stuff, His Stuff, Her Stuff, Default]

Repository Views
• Any task can create a repository view
• View for “MyStuff”
• Proxy uses view for imported resources
• Registered resources can be added
• Name association for repository view can be given out
• Look-up names an ordered list of repository views
• Default view contains all resources

Problem
Must resource descriptions be pushed or can they be pulled?
Repository view may specify an extended look-up handler

Extending a Look-up
[Diagram: My Stuff, His Stuff, Her Stuff; HisHandler, HerHandler]

Extending a Look-up
• Repository view specifies task to continue look-up
• If look-up fails, requester gets a partial binding
• Core asked to complete binding
• Examples
  • Proxy can pull resource description across wire
  • File system may register files on demand
• If successful, requester gets name association

Finding a Machine
• What if extended look-up fails?
• Need to find a machine
• Do a discovery at an advertising service
• Get back one or more connection objects
• Initiate connection and import desired resources

Problem
How can applications that need additional resources ensure that they are available?
Resource description points to other resources to be bound to names

Inheriting Resources
Resource Metadata: Inheritance Field
(Application’s name, Repository Handle)
(/word97,53384)
(/times8.fnt,593)
(/times12.fnt,4937)
(/times16.fnt, 332)

Problem
How does a user login to the system?
Attribute based look-up of a Protection Domain