Mid-Term Examination

CSci 555 / Neuman-Ryutov-Kim Fall 2003

Directions for completing exam

1. (20 points) File Systems (NFS, Sprite FS, AFS, and Coda)
   
   1. (5 points) Discuss the advantages and disadvantages of using callback mechanism from AFS-2. As with the rest of the questions, if you need more information to answer the question, you can make reasonable assumptions. State your assumption and explain your answer.

      
      
      

   2. (5 points) Can callback messages be lost? If so, how does AFS-2 deal with it?

      
      
      

   3. (10 points) Compare and contrast the cache consistency mechanisms used in the file systems we discussed during class (and listed above), in terms of robustness, potential for inconsistency, and network traffic generated.

   
   
   
   
   

2. (35 points)

   Suppose you have been hired to design two systems (applications): a wide-area internet directory service and a filesystem to support a campus-wide collaborative work environment.

   
   
   

   1. (15 points) Compare the design requirements of the two systems given their different sharing patterns, concurrency control and performance requirements.

      
      
      

   2. (20 points) For improved performance, suggest approaches for the use of replication and caching on both systems. Issues you need to address include (but are not restricted to) cache and replica placement, consistency maintenance, and granularity of caching and replication.

      Explain which approaches are most appropriate for each of the two applications.

   
   
   
   
   

3. (45 points) Security

   Consider the authorization system (GAA-API) we discussed during class and the readings. Consider the following applications: SSH, NFS, a desktop publishing application on a stand-alone PC, IPSec, FTP, games on a stand-alone PC, and a webserver.

   1. (35 points) Choose three applications from those listed above that can benefit most from the integration with the GAA-API. For each of the applications that you chose, give examples of the important security requiremtnts that can be expressed using security policies (EACL) and supported by the GAA-API.

      
      
      

   2. (10 points) Discuss the advantages of specifying the security requirements using security policies (EACLS) rather than placing the security checks in the application code?