Final Examination
CSci 555 / Neuman-Ryutov-Kim Fall 2003

  1. (10 points) How do the job manager and the system manager on Prospero Resource Manager (PRM) correspond to the similar components in the paper on Scheduler Activations?



  2. (10 points) RPC and HCS (Heterogeneous Computer Systems) Project
    Compare and contrast RPC with THERE in HCS.



  3. (10 points) Leases assume that the clocks on the servers and clients are reasonably synchronized. What would be the implications if the server clock advances too fast or the client clock advances too slow? What happens with the opposite case (faster client clock and slower server clock)? Explain your answer.



  4. (10 points) Describe approaches used to reduce overhead associated with lease management.



  5. (10 points) Are there any relationships between the approaches used in IVY and Leases? Briefly explain your answer(s).



  6. (20 points) Attacks on a system can be categorized as insider or outsider attacks. An insider attack is an attack by an entity inside the security perimeter related to a company or organization (e.g., employee) that is authorized to access system resources but uses them in a way not approved by those who granted the authorization. An insider typically has an account or, at least, access to the system that is attacked.

    The other category is the outsider attack, which is a threat from someone not directly related to the organization or company. An outsider could be any person on the Internet. An outside attack is initiated from the perimeter, by an unauthorized or illegitimate user of system.

    Consider a commercial organization that conducts e-business e.g., sells goods on-line. The components of such a system include a database of goods, a database of transactions, sensitive customer information, as well as internal organizational and employee information.

    1. (5 points) Is this system vulnerable to insider attacks? If yes explain why: describe sensitive resources and possible attacks by the insiders. If no, explain your answer.



    2. (5 points) Is this system vulnerable to outsider attacks? If yes explain why: describe sensitive resources and possible attacks by the outsiders. If no, explain your answer.



    3. (5 points) What security components are important to protect the system?



    4. (5 points) Suggest explicit security policies supported by the security components you identified in your answer to 6c that protect the system against the attacks you identified in your answer to 6a and 6b.



  7. (30 points + 5 points extra credit) You have been hired by a new internet startup "Indelible" to build a peer-to-peer backup system. You were hired very early in the design process, and as such you have not been provided with much guidance about what is required from such a system. Your first task is to identify the issues in building such a system, including 1) the choice of peers to which one backs up data, and 2) the list of peers from which one accepts backups, 3) how one identifies and organizes backed up objects, 4) how one protects such objects, and 5) how one decides which objects to backup. Performance, storage capacity, reliability, privacy, and fairness will be critical in the system you build.



    1. (15 points) Discuss each of the five numbered issues above, mentioning the implications for the critical characteristics mentioned above.



    2. (10 points)
    3. (5 points) Pick one of the above issues and describe a design that exhibits favorable characteristics. Your score for these two parts will depend both on your solution (7b 10 points) and on (7c 5 points) the challenge of yor choice of characteristics (i.e., if you pick the trivial issues and characteristics you will get a poor score for challenge).



    4. (5 points, extra credit) Pick a second challenging design issue and describe your solution. (If you describe a second issue and solution, we will pick the best of your two issues to count for 7b and 7c, and assign up to an extra 5 points for the other of your answers).