Subject: Re: Looking for NetBSD kernel programmer...
To: Feico Dillema <firstname.lastname@example.org>
From: Lord Isildur <email@example.com>
Date: 02/28/2002 12:32:08
You might want to look at some of the work being done by the PASIS
project at CMU, http://www.pdl.cmu.edu and look around for pasis.
Similar stuff there.
On Thu, 28 Feb 2002, Feico Dillema wrote:
> Our base design is a distributed storage system called Pesto, which can be
> regarded as a base layer on top of which a complete filesystem can be
> implemented (the base storage system does not implement a file name space
> e.g.). One of our main objectives is to reduce overall system complexity,
> and have a common layer that implements basic security mechanisms
> (crypto, logging) and safety mechanisms (replication, logging).
> Safety in our context then means adding the ability to withstand
> faults (fault tolerance) and ---for situations where this may be
> impossible, like violations of trust--- adding the ability to recover
> (including being able to produce evidence of what went wrong and how,
> in order to be able to persue recovery in the real-world, e.g. in a
> court of law).
> > but what is "mobility"?
> With support for `mobility' we mean that the base system should work
> efficiently on resource poor machines like PDAs and even (modern)
> smartcards. More importantly, we treat mobile nodes as first-class
> citizens in the system (as opposed to e.g. Coda). Also, we
> support disconnected, semi-disconnected operation by separating
> replication (distibution of updates) and consistency control, by
> seperating the acquisition of authorization and its actual use.
> Other features e.g. allow delegation and offline delegation of
> both (and separate) access to storage resources and access to content
> further strengthening the usefullness of resource poor devices in the
> system as a whole.
> > and "security"? it depends of what user/group/access right you set for
> > files&dirs, possibly ACL's, but what really special you invent.
> Security is about being able to enforce your security policy. A secure
> system in practice is one that makes it easy to state and manage your
> policies and to enforce them. Or, in other words, a system that makes
> it difficult for your security policies to be violated. So, it is a
> management problem that can be simplified using well-known security
> mechanisms like encryption.
> We basically a special, but simple, cryptographic scheme to simplify
> management of a user's security policies. It allows a user to worry
> about his policies, without having to worry about the mechanisms
> that enforce them.
> > if something really special put it's description publically. if not,
> There's a short work-in-progress paper on-line here:
> Two papers have been submitted for publication (one on overall design,
> the other on its security aspects in particular), and hence will be
> made public at some point in time, but are available on request only
> for now.
> > better do implementation to another more popular OS like windows.
> We hope, in time, to make a variety of different implementations.
> However, normally, in our academic setting we have no man-power to
> build more than research proof-of-concept prototypes with limited
> usability. However, instead of only producing publishable papers we
> also like to produce publishable and usable code. I do not find it
> so strange that we choose our first such implementation on the best
> quality code-base available, i.e. NetBSD. I am working on a PhD, not a
> popularity contest.
> Apologies for continuing off-topic, but I felt somewhat provoked. I
> will not let myself be provoked into further off-topic postings on
> this list. To those that have replied to me already in private:
> Thanks for your interest! I will send you more technical and
> administrative details by email tomorrow.
> Thank you,