Subject: Re: Looking for NetBSD kernel programmer...
To: Feico Dillema <>
From: Lord Isildur <>
List: tech-kern
Date: 02/28/2002 12:32:08
You might want to look at some of the work being done by the PASIS 
project at CMU, and look around for pasis. 
Similar stuff there.


On Thu, 28 Feb 2002, Feico Dillema wrote:
> Our base design is a distributed storage system called Pesto, which can be
> regarded as a base layer on top of which a complete filesystem can be
> implemented (the base storage system does not implement a file name space
> e.g.). One of our main objectives is to reduce overall system complexity,
> and have a common layer that implements basic security mechanisms
> (crypto, logging) and safety mechanisms (replication, logging).
> Safety in our context then means adding the ability to withstand
> faults (fault tolerance) and ---for situations where this may be
> impossible, like violations of trust--- adding the ability to recover
> (including being able to produce evidence of what went wrong and how,
> in order to be able to pursue recovery in the real-world, e.g. in a
> court of law).
> > but what is "mobility"?
> With support for `mobility' we mean that the base system should work
> efficiently on resource poor machines like PDAs and even (modern)
> smartcards. More importantly, we treat mobile nodes as first-class
> citizens in the system (as opposed to e.g. Coda). Also, we
> support disconnected, semi-disconnected operation by separating
> replication (distribution of updates) and consistency control, by
> separating the acquisition of authorization and its actual use.
> Other features e.g. allow delegation and offline delegation of
> both (and separate) access to storage resources and access to content
> further strengthening the usefulness of resource poor devices in the
> system as a whole.
> > and "security"? it depends of what user/group/access right you set for
> > files&dirs, possibly ACL's, but what really special you invent.
> Security is about being able to enforce your security policy. A secure
> system in practice is one that makes it easy to state and manage your
> policies and to enforce them. Or, in other words, a system that makes
> it difficult for your security policies to be violated. So, it is a
> management problem that can be simplified using well-known security
> mechanisms like encryption.
> We basically use a special, but simple, cryptographic scheme to simplify
> management of a user's security policies. It allows a user to worry
> about his policies, without having to worry about the mechanisms
> that enforce them.
> > if something really special put its description publicly. if not,
> There's a short work-in-progress paper on-line here:
> Two papers have been submitted for publication (one on overall design,
> the other on its security aspects in particular), and hence will be
> made public at some point in time, but are available on request only
> for now.
> > better do implementation to another more popular OS like windows.
> We hope, in time, to make a variety of different implementations.
> However, normally, in our academic setting we have no man-power to
> build more than research proof-of-concept prototypes with limited
> usability.  However, instead of only producing publishable papers we
> also like to produce publishable and usable code.  I do not find it
> so strange that we choose our first such implementation on the best
> quality code-base available, i.e. NetBSD. I am working on a PhD, not a
> popularity contest.
> Apologies for continuing off-topic, but I felt somewhat provoked. I
> will not let myself be provoked into further off-topic postings on
> this list. To those that have replied to me already in private:
> Thanks for your interest! I will send you more technical and
> administrative details by email tomorrow.
> Thank you,
> Feico.