CS 111

Scribe Note 12/03/2009

By HoJung Hwang, Wei Wong

 

Mainframes 1960s

 Data-intesive

Data optimization

Reliability

 

Clusters 1990s               

Beawulf

SGE (SUN GRID ENGINE)                                                          

IP Network

Can be heterogeneous (x86-64 is typical)

 

Clouds

 ¡°Clusters of Cluster¡±

Who controls the cloud?                           Security

Who pays?                                            Resource Management

(Political Issue)                              (technical issues)

 

Amazon EC2

Globus

 

Cloud Advantages over clusters/grids

-       Short-Term Commitment (capital investment savings)

-       Pay as you go

-       Can grow quickly as needed (fast scaling) varying demand

 

Cloud Disadvantages

-       Money ->¡± it all depends¡± – run the numbers vs. clusters

-       Privacy data confidentiality

        Encrypt data to & from the cloud

-       Network latency

-       Data transfer bottleneck

archiving

sneakernet style technology

-       Bugs (hard ones that crap up as you scale unsolved problems (if solving it cheaply)

[Conservatism is in order]

-   Other security Dos attack

                   Physical attack

-       Overload risk                                                  

  multiple suppliers

        societal risk    

        overload of data access-often biggest problem

        Scalable storage

 

Vendor Lock-In

Software Licensing  Big Bucks problem (licensing formulas)

                   Free software

                   (Problem : you take linux run it in cloud, don¡¯t distribute it)

 

 

-       Security Again

-       Simpler, easy to manage/understand

-       Prohibit ¡°bad¡± accesses accurately

-       Allow ¡°good¡± accesses accurately

 

Traditional Unix                         Origianl Unix

Ex) rwx  rwx  rwx                     User had 1 group

   User group other                   BDS   multiple groups

I can¡¯t run CS111 on dept servers because only root can create groups

ACLs Access Control Lists

Owner of a resource can specify access list

                               List of principals & their accesses

   $getfacl   (simple ACL)                    $setfacl

    user::rwx

    group::r-x

    other::r-x

 

ACL key idea

      Make sure default ACLs are fight when a resource is created

$ Sudo

#cd /bad/gu

#ls

 

Role-Based Access Control (RBAC)

e.g. backup

     power off

     change grades

 

For each user: which roles can they assume?

 

Mechanisms for enforcing access control

-   ACLs etc.. each resource has an ACL (controlled by OS) attached to it

                all access mediated by OS (syscall)

-       Capabilities: each principal has a  ¡°RCL¡± set of capabilities

 

 

Trusted Software

      From an O.S. viewpoint: OS don¡¯t trust apps because they don¡¯t trust users and apps run on behalf of users (principals)

 

      Setuid(10976): only root can do it

      Setuid program

      Which programs do we trust? =>as few and as small as possible

      How can we trust login? Cryptographic checksum of program

      How does vendor trust login? Login.c ->login.o

 

           gcc.c if compling login.c then generate buggy code / if compling gcc then generate buggy code