cern june 2008 large reliable and secure distributed
play

CERN, June 2008 large, reliable, and secure distributed online - PowerPoint PPT Presentation

Sep 07, 2023 •27 likes •1.05k views

CERN, June 2008 large, reliable, and secure distributed online storage harness idle resources of participating computers old dream of computer science The design of a world-wide, fully transparent distributed file system for simultaneous

  1. CERN, June 2008

  2. large, reliable, and secure distributed online storage harness idle resources of participating computers

  3. old dream of computer science

  4. “The design of a world-wide, fully transparent distributed file system for simultaneous use by millions of mobile and frequently disconnected users is left as an exercise for the reader.” A. Tanenbaum, Distributed Operating System, 1995

  5. lots of research projects OceanStore (UC Berkeley) Past (Microsoft Research) CFS (MIT)

  6. we were inspired by them wanted to make it work first step: closed alpha

  7. upload any file in any size access from anywhere share with friends and groups publish to the world

  8. free and simple application Win, Mac, Linux start from the web, no installation required start with 1 GB provided by us if you want more, you can trade or buy storage

  9. online storage with the “power of P2P” fast downloads no file size limit no traffic limit

  10. privacy all files are encrypted on your computer your password never leaves your computer so no one, not even we, can see your files

  22. how does it work?

  23. data stored in the p2p network users’s computer can be offline how to ensure availability (persistent storage)?

  24. two approaches 1. make sure the data is always in the network move the data when a computer goes offline bad idea for lots of data and high churn rate 2. introduce redundancy

  25. redundany = replication? p = node availability k = redundancy factor p rep = file availability

  26. redundany = replication? example p = 0.25 k = 5 not enough p rep = 0.763

  27. redundany = replication? example p = 0.25 k = 24 unrealistic p rep = 0.999

  28. erasure codes encode m fragments into n need any m out of n to reconstruct reed-solomon (optimal codes) RAID storage systems (vs. low-density-parity-check need (1+e) * m, where e is a fixed, small constant)

  29. availability p = 0.25 m = 100, n = 517, k = n/m = 5.17 p ec = 0.999 k = n/m = 5.17 vs. k = 24 using replication

  31. y d points x

  32. - 1

  33. - 1

  34. alice stores a file roadtrip.mpg

  35. alice drags roadtrip.mpg into wuala

  36. 1. encrypted on alice’s computer (128 bit AES)

  37. 1. encrypted on alice’s computer (128 bit AES) 2. encoded into redundant fragments

  38. 1. encrypted on alice’s computer (128 bit AES) 2. encoded into redundant fragments p2p network 3. uploaded into the p2p network

  39. 1. encrypted on alice’s computer (128 bit AES) 2. encoded into redundant fragments p2p network 4. m fragments uploaded onto our servers (boostrap, backup) 3. uploaded into the p2p network

  40. alice shares the file with bob alice and bob have friendship key alice encrypts file key and exchanges it with bob bob wants to download the file

  41. p2p network

  42. p2p network 1. download subset of fragments (m)

  43. p2p network if necessary, get the remaining fragments from our servers 1. download subset of fragments (m)

  44. 2. decode the file p2p network 1. download subset of fragments (m)

  45. 3. decrypt the file 2. decode the file p2p network 1. download subset of fragments (m)

  46. bob plays roadtrip.mpg 2. decode the file p2p network 1. download subset of fragments (m)

  47. p2p network

  48. maintenance p2p network

  49. maintenance alice’s computer checks and maintains her files p2p network

  50. maintenance alice’s computer checks and maintains her files if necessary, it constructs new fragments and uploads them p2p network

  51. maintenance alice’s computer checks and maintains her files if necessary, it constructs new fragments and uploads them p2p network

  52. maintenance alice’s computer checks and maintains her files if necessary, it constructs new fragments and uploads them p2p network

  53. p2p network

  54. put p2p network

  55. put get p2p network

  56. distributed hash table (DHT) put get p2p network

  57. super nodes

  58. storage nodes

  59. client nodes

  60. get

  61. get

  62. get

  63. get

  64. get

  65. download of fragments (in parallel)

  66. routing napster: centralized :-( gnutella: flooding :-( chord, tapestry: structured overlay networks O(log n) hops :-) n = # super nodes vulnerable to attacks (partitioning) :-(

  67. super node connected to direct neighbors plus some random links random links? piggy-pack routing information

  68. number of hops depends on size of the network (n) size of the routing table (R) which itself depends on the traffic we have lots of traffic due to erasure coding

  69. simulation results n = 10 6 R = 1,000: < 3 hops R = 100: ~ 5 hops reasonable already with moderate traffic

  70. small world effects (see milgram, watts & strogatz, kleinberg) regular graph high diameter :-( high clustering :-)

  71. small world effects (see milgram, watts & strogatz, kleinberg) regular graph random graph high diameter :-( low diameter :-) high clustering :-) low clustering :-(

  72. small world effects (see milgram, watts & strogatz, kleinberg) regular graph random graph mix high diameter :-( low diameter :-) low diameter :-) high clustering :-) low clustering :-( high clustering :-)

  73. routing table n = 10 9 , R = 10,000

  74. incentives, fairness prevent free-riding local disk space online time upload bandwidth

  75. online storage = local disk space * online time example: 10 GB disk space, 70% online --> 7 GB we have different mechanisms to measure and check these two variables

  76. trading storage only if you want to (you start with 1 GB) you must be online at least 17% of the time ( � 4 hours a day, running average) storage can be earned on multiple computers

  77. upload bandwidth the more upload bandwidth you provide, the more download bandwidth you get

  78. “client” storage node asymmetric interest tit-for-tat doesn’t work :-( believe the software? hack it (kazaa lite) :-(

  79. distributed reputation system that is not susceptible to false reports and other forms of cheating must scale well with number of transactions we have lots of small transactions due to erasure coding Havelaar, NetEcon 2006

  80. 1. lots of transactions “observations” Havelaar, NetEcon 2006

  81. 2. every round (e.g., a week) send observations to pre-determined neighbors (hash code) 1. lots of transactions “observations” Havelaar, NetEcon 2006

  82. 2. every round (e.g., a week) send observations to pre-determined neighbors (hash code) 3. discard ego-reports, median, etc. 1. lots of transactions “observations” Havelaar, NetEcon 2006

  83. 2. every round (e.g., a week) send observations to pre-determined neighbors (hash code) 3. discard ego-reports, median, etc. 4. next round, aggregate 1. lots of transactions “observations” Havelaar, NetEcon 2006

  84. 2. every round (e.g., a week) send observations to pre-determined neighbors (hash code) 3. discard ego-reports, median, etc. 4. next round, aggregate 1. lots of transactions 5. update reputation “observations” of storage nodes Havelaar, NetEcon 2006

  85. 2. every round (e.g., a week) send observations to pre-determined neighbors (hash code) 3. discard ego-reports, median, etc. 4. next round, aggregate 1. lots of transactions 5. update reputation “observations” of storage nodes rewarding: upload bandwidth proportional to reputation Havelaar, NetEcon 2006

  86. local approximation of contribution Havelaar, NetEcon 2006

  87. “client” storage node

  88. “client” storage node

  89. “client” storage node

  90. “client” storage node

  91. “client” storage node

  92. “client” storage node

  93. “flash crowd” “client” storage node

  94. content distribution similar to bittorrent “client” tit-for-tat some differences due to erasure codes

  95. encryption 128 bit AES for encryption 2048 bit RSA for authentication all data is encrypted (file + meta data) all cryptographic operations performed locally (i.e., on your computer)

  96. access control cryptographic tree structure untrusted storage doesn’t reveal who has access very efficient for typical operations (grant access, move, etc.) Cryptree, SRDS 2006

  97. vacation roadtrip.mpg switzerland.mpg videos europe.mpg root alice Cryptree, SRDS 2006

  98. bob doesn’t see that claire has also access and vice versa bob vacation roadtrip.mpg claire switzerland.mpg videos europe.mpg root alice Cryptree, SRDS 2006

  99. bob doesn’t see that granting access to this claire has also access and all subfolders takes and vice versa just one operation all subkeys can be bob derived from that parent key vacation roadtrip.mpg claire switzerland.mpg garfield videos europe.mpg root alice Cryptree, SRDS 2006

  100. demo

Recommend

Techniques for implementing &amp; running robust and reliable DB centric Grid Applications

Techniques for implementing &amp; running robust and reliable DB centric Grid Applications

Techniques for implementing &amp; running robust and reliable DB centric Grid Applications International Symposium on Grid Computing 2008 11 April 2008 Miguel Anjo , CERN Physics Databases CERN IT Department CH-1211 Genve 23 Switzerland

528 views • 27 slides
Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith,

Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith,

Trustworthy Cyber Infrastructure for the Power Grid Presentations Focus Area: Secure and Reliable Secure and Reliable Computing Base Presenter: Sean Smith, Dartmouth College TCIP Industry Day October 17, 2007 University of Illinois

310 views • 16 slides
Context : Deployment of secure and reliable energy management devices Issues : Large

Context : Deployment of secure and reliable energy management devices Issues : Large

ANOMALY DETECTION USING HARDWARE PERFORMANCE COUNTERS ON A LARGE SCALE IOT DEPLOYMENT Context : Deployment of secure and reliable energy management devices Issues : Large scale deployment Resources constrained IoT devices

413 views • 3 slides
2 GPT Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively

2 GPT Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively

2 GPT Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively manage a diversified portfolio of quality Australian property assets , delivering long term benefits For our Investors We are a secure , reliable

820 views • 33 slides
2 Our Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively

2 Our Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively

2 Our Strategy Focused on delivering secure, reliable returns Our Strategy We own and actively manage a diversified portfolio of quality Australian property assets , delivering long term benefits For our Investors We are a secure , reliable

518 views • 32 slides
HEPiX spring 2008 - Organisation g Helge Meinhard / CERN-IT 05 May 2008 CERN IT Department

HEPiX spring 2008 - Organisation g Helge Meinhard / CERN-IT 05 May 2008 CERN IT Department

HEPiX spring 2008 - Organisation g Helge Meinhard / CERN-IT 05 May 2008 CERN IT Department CH-1211 Genve 23 Switzerland www.cern.ch/ i t Welcome A warm welcome to all of you by CERN and by the local organisers and by the local

393 views • 13 slides
Security of P2P Systems Faraz Makari March 6, 2008 Seminar on Advanced Topics in Distributed

Security of P2P Systems Faraz Makari March 6, 2008 Seminar on Advanced Topics in Distributed

Security of P2P Systems Faraz Makari March 6, 2008 Seminar on Advanced Topics in Distributed Computing WS 07/08 MPI-SWS (Saarland University), Petr Kuznetsov Motivation 1. Introduction 2. Secure Routing 3. Fairness and trust 4. Secure

989 views • 77 slides
Multiparty Session Types and their Applications to Large Distributed Systems Nobuko Yoshida and

Multiparty Session Types and their Applications to Large Distributed Systems Nobuko Yoshida and

Multiparty Session Types and their Applications to Large Distributed Systems Nobuko Yoshida and Raymond Hu Imperial College London 1 Session Type Projects COST Action Behavioural Types for Reliable Large-Scale Software Systems , over 60

696 views • 44 slides
SINDES Secure INformation DElivery System Poulhis Marc marc.poulhies@cern.ch CERN/EPFL

SINDES Secure INformation DElivery System Poulhis Marc marc.poulhies@cern.ch CERN/EPFL

SINDES Secure INformation DElivery System Poulhis Marc marc.poulhies@cern.ch CERN/EPFL CERN-IT-FIO group meeting p. 1/17 Outline Motivations Previous system New system General overview Getting a certificate

596 views • 31 slides
Speeding-up Large-Scale Storage with Non-Volatile Memory CERN openlab Open Day 10 June 2015 KL

Speeding-up Large-Scale Storage with Non-Volatile Memory CERN openlab Open Day 10 June 2015 KL

Speeding-up Large-Scale Storage with Non-Volatile Memory CERN openlab Open Day 10 June 2015 KL Yong Sergio Ruocco Data Center Technologies Division about DSI DSI vision Founded in 1992, DSI vision is to be a vital node in a global

276 views • 13 slides
Apache Flink Fast and Reliable Large-Scale Data Processing Fabian Hueske @fhueske 1 What is

Apache Flink Fast and Reliable Large-Scale Data Processing Fabian Hueske @fhueske 1 What is

Apache Flink Fast and Reliable Large-Scale Data Processing Fabian Hueske @fhueske 1 What is Apache Flink? Distributed Data Flow Processing System Focused on large-scale data analytics Real-time stream and batch processing Easy and

667 views • 39 slides
Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a

Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a

Ensuring a secure, reliable and efficient Power System in a Changing Environment Delivering a Secure Sustainable Power System 17 th August 2011 Outline Agenda Chair: Dick Lewis, Manager, Grid Operations Planning 10.00 a.m. Registration (Tea

833 views • 70 slides
Dual-WAN 3G / ADSL2+ &amp; Secure On-the-go Router Series June 2008 Updated V. 062008 Usage

Dual-WAN 3G / ADSL2+ &amp; Secure On-the-go Router Series June 2008 Updated V. 062008 Usage

Stay Connected Dual-WAN 3G / ADSL2+ &amp; Secure On-the-go Router Series June 2008 Updated V. 062008 Usage Suggestion This presentation document containing competition information is ideally created for the purpose of pre-sell training to

631 views • 38 slides
Introduction From 1975 till 2005: Computing Science at CERN (www.cern.ch) Developing HPC

Introduction From 1975 till 2005: Computing Science at CERN (www.cern.ch) Developing HPC

Introduction From 1975 till 2005: Computing Science at CERN (www.cern.ch) Developing HPC distributed computing solutions for HEP Including EU-DataGrid and EGEE, foundation for the present LHC distributed computing Grid infrastructure

727 views • 36 slides
SDC DB Support for Distributed Computing PanDAMon Integration in CMS Workshop on Analysis

SDC DB Support for Distributed Computing PanDAMon Integration in CMS Workshop on Analysis

SDC DB Support for Distributed Computing PanDAMon Integration in CMS Workshop on Analysis Tools Development May 16 th 2013 Nicol Magini CERN IT-SDC-OL CERN IT Department CH-1211 Geneva 23 date Author etc Switzerland www.cern.ch/i t

474 views • 15 slides
Everything is Quantum The EU Quantum Flagship Our mission is to keep KPN reliable &amp; secure

Everything is Quantum The EU Quantum Flagship Our mission is to keep KPN reliable &amp; secure

Everything is Quantum The EU Quantum Flagship Our mission is to keep KPN reliable &amp; secure and trusted by customers, partners and society part of the vital infra of NL Contents Whats the problem? Whats everyone up to? Are

527 views • 33 slides
Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions

Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions

Cryptocurrencies and Distributed Consensus May 2019 Cryptocurrencies Outline and Distributed Electronic payments Consensus Secure transactions Secure execution: contracts PROF. DR. IR. BART PRENEEL COSIC KU LEUVEN, BELGIUM AND IMEC

248 views • 21 slides
CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro

CERN OpenStack Cloud Control Plane *From VMs to K8s* OpenStack Summit - Shanghai 2019 Belmiro Moreira - @belmiromoreira Spyridon Trigazis - @strigazi CERN - Large Hadron Collider (LHC) CERN - Large Hadron Collider (LHC) CERN: Compact Muon

697 views • 35 slides
Server Life-cycle Management with Ironic at CERN Arne Wiebalck &amp; Surya Seetharaman CERN

Server Life-cycle Management with Ironic at CERN Arne Wiebalck &amp; Surya Seetharaman CERN

From Hire to Retire! Server Life-cycle Management with Ironic at CERN Arne Wiebalck &amp; Surya Seetharaman CERN Cloud Infrastructure Team CERN and CERN IT in 1 Minute ... Understand the mysteries of the universe! Large Hadron Collider

311 views • 28 slides
Motivation Large-scale distributed systems becoming more common multiple datacenters, cloud

Motivation Large-scale distributed systems becoming more common multiple datacenters, cloud

Census: Location-Aware Membership Management for Large-Scale Distributed Systems James Cowling Dan R. K. Ports Barbara Liskov Raluca Ada Popa Abhijeet Gaikwad* MIT CSAIL *cole Centrale Paris Motivation Large-scale distributed systems

606 views • 48 slides
Optics solutions for the PS2 ring Y. Papaphilippou CERN February 7 th , 2008 Contributors

Optics solutions for the PS2 ring Y. Papaphilippou CERN February 7 th , 2008 Contributors

John Adams Institute Lecture Optics solutions for the PS2 ring Y. Papaphilippou CERN February 7 th , 2008 Contributors W. Bartmann , M. Benedikt, C. Carli, J. Jowett (CERN) Acknowledgements G. Arduini, R. Garobi, B. Goddard, S.

468 views • 30 slides
Unreliable Failure Detectors for Reliable Distributed Systems Mikel Larrea Departamento de

Unreliable Failure Detectors for Reliable Distributed Systems Mikel Larrea Departamento de

Unreliable Failure Detectors for Reliable Distributed Systems Mikel Larrea Departamento de Arquitectura y Tecnologa de Computadores UPV / EHU Contents References Introduction System Model Failure Detectors Reliable Broadcast The

539 views • 28 slides
CLOUD DELIVERY OF ATSC 3.0 VIA SECURE RELIABLE TRANSPORT JOE SECCIA, PRINCIPAL ARCHITECT

CLOUD DELIVERY OF ATSC 3.0 VIA SECURE RELIABLE TRANSPORT JOE SECCIA, PRINCIPAL ARCHITECT

CLOUD DELIVERY OF ATSC 3.0 VIA SECURE RELIABLE TRANSPORT JOE SECCIA, PRINCIPAL ARCHITECT TELEVISION TRANSMISSION CONNECTING WHATS NEXT MOTIVATION (1) Evolving to NextGen TV is unlike the NTSC DTV conversion. Channel sharing

645 views • 25 slides
Secure, Reliable &amp; Proven Application Performance Management for the Enterprise Web

Secure, Reliable &amp; Proven Application Performance Management for the Enterprise Web

Secure, Reliable &amp; Proven Application Performance Management for the Enterprise Web Performance Matters to the Business Your organization depends on your web applications to do business from customer facing eCommerce, banking or travel

281 views • 6 slides

More recommend