219 research outputs found
Recommended from our members
Performance of Size-Changing Algorithms in Stackable File Systems
Stackable file systems can provide extensible file system functionality with minimal performance overhead and development cost. However, previous approaches are limited in the functionality they provide. In particular, they do not support size-changing algorithms, which are important and useful for many applications, such as compression and security. We propose fast index files, a technique for efficient support of size-changing algorithms in stackable file systems. Fast index files provide a page mapping between file system layers in a way that can be used with any size-changing algorithm. Index files are designed to be recoverable if lost and add less than 0.1\% disk space overhead. We have implemented fast indexing using portable stackable templates, and we have used this system to build several example file systems with size-changing algorithms. We demonstrate that fast index files have very low overhead for typical workloads, only 2.3\% over other stacked file systems. Our system can deliver much better performance on size-changing algorithms than user-level applications, as much as five times faster
File System Design Approaches
In this article, the file system development design approaches are discussed.
The selection of the file system design approach is done according to the needs
of the developers what are the needed requirements and specifications for the
new design. It allowed us to identify where our proposal fitted in with
relation to current and past file system development. Our experience with file
system development is limited so the research served to identify the different
techniques that can be used. The variety of file systems encountered show what
an active area of research file system development is. The file systems may be
from one of the two fundamental categories. In one category, the file system is
developed in user space and runs as a user process. Another file system may be
developed in the kernel space and runs as a privileged process. Another one is
the mixed approach in which we can take the advantages of both aforesaid
approaches. Each development option has its own pros and cons. In this article,
these design approaches are discussed.Comment: 5 pages, 6 figure
Armada: a Parallel I/O Framework for Computational Grids
High-performance computing increasingly occurs on “computational grids” composed of heterogeneous and geographically distributed systems of computers, networks, and storage devices that collectively act as a single “virtual” computer. One of the great challenges for this environment is to provide efficient access to data that is distributed across remote data servers in a grid. In this paper, we describe our solution, a framework we call Armada. Armada allows applications to flexibly compose modules to access their data, and to place those modules at appropriate hosts within the grid to reduce network traffic
ファイル同期昨日を持つファイルシステムの設計と実装
近年スマートフォンなどのモバイル端末の普及が進み,これらの端末間でのファイル共有が広く利用されている.一般にファイル共有の手法として,ネットワークファイルシステムなどによるファイルの一元管理や,端末間でのファイル同期が挙げられる.これらのうち,モバイル端末間のファイル共有においては,ファイルがサーバにあるためオフラインアクセスができない一元管理よりも,オフラインでもファイルにアクセス可能なファイル同期が適しており,今後の主流になると考えられる.ファイル同期の例として,ファイル同期ツールやオンラインストレージサービスなどがある.これらの方式ではいずれも端末上のアプリケーションが同期を処理している.同期のためには同期対象のファイルにアクセスする必要があるが,アプリケーションがアクセスできるファイルが制限されているサンドボックス環境では,上記のいずれの方式も使えない.また,これらの方式ではファイルをパスで指定するため,ファイルを移動すると同期設定が維持できないという問題もある.本研究では端末間でのファイル同期を行うファイルシステムである FSyncFS を提案する. FSyncFS はカーネル空間で動作するため,サンドボックス環境におけるファイルアクセスの制約を受けずに同期処理を行うことができる.また,それぞれのファイルに同期設定情報を持たせることでファイルごとの同期設定を可能にし,ファイルのパスに依存しないファイル同期を実現する.FSyncFS のプロトタイプとして, PC 上で動作する Linux のファイルシステムを実装した.プロトタイプはスタッカブルファイルシステムとして実装したため,任意のファイルシステムにファイル同期機能を追加することができる.端末間でのファイル同期は専用の同期サーバを介して行われる.また,ローカルファイルアクセスと同期サーバとの通信を並行に動作させ,前者の遅延を少なくした.本提案の FSyncFS により,アプリケーションがサンドボックス環境で動作するモバイル端末において,基盤的機能としてのファイル同期を,広くアプリケーションに提供できる.電気通信大学201
Building Blocks for Adaptive Modular Sensing Systems
This thesis contributes towards the development of systems and strategies by which sensor and actuator components can be combined to produce flexible and robust sensor systems for a given application. A set of intelligent modular blocks (building blocks) have been created from which composite sensors (made up of multiple sensor and actuator components) can be rapidly reconfigured for the construction of Adaptive Modular Sensing Systems. The composite systems are expected to prove useful in several application domains including industrial control, inspection systems, mobile robotics, monitoring and data acquisition. The intelligent building blocks, referred to as transducer interface modules, contain embedded knowledge about their capabilities and how they can interact with other modules. These modules encapsulate a general purpose modular hardware architecture that provides an interface between the sensors, the actuators, and the communication medium. The geometry of each transducer interface module is a cube. A connector mechanism implemented on each face of the module enables physical connection of the modules. Each module provides a core functionality and can be connected to other modules to form more capable composite sensors. Once the modules are combined, the capabilities (e.g., range, resolution, sample rate, etc.) and functionality (e.g., temperature measurement) of the composite sensor is determined and communicated to other sensors in the enviornment. For maximum flexibility, a distributed software architecture is executed on the blocks to enable automatic acquisition of configuration-specific algorithms. This logical algorithm imparts a collective identity to the composite group, and processes data based on the capabilities and functionalities of the transducers present in the system. A knowledge representation scheme allows each module in the composite group to store and communicate its functionality and capabilities to other connected modules in the system
A FIREWALL MODEL OF FILE SYSTEM SECURITY
File system security is fundamental to the security of UNIX and Linux systems since in these systems almost everything is in the form of a file. To protect the system files and other sensitive user files from unauthorized accesses, certain security schemes are chosen and used by different organizations in their computer systems. A file system security model provides a formal description of a protection system. Each security model is associated with specified security policies which focus on one or more of the security principles: confidentiality, integrity and availability. The security policy is not only about “who” can access an object, but also about “how” a subject can access an object. To enforce the security policies, each access request is checked against the specified policies to decide whether it is allowed or rejected.
The current protection schemes in UNIX/Linux systems focus on the access control. Besides the basic access control scheme of the system itself, which includes permission bits, setuid and seteuid mechanism and the root, there are other protection models, such as Capabilities, Domain Type Enforcement (DTE) and Role-Based Access Control (RBAC), supported and used in certain organizations. These models protect the confidentiality of the data directly. The integrity of the data is protected indirectly by only allowing trusted users to operate on the objects. The access control decisions of these models depend on either the identity of the user or the attributes of the process the user can execute, and the attributes of the objects. Adoption of these sophisticated models has been slow; this is likely due to the enormous complexity of specifying controls over a large file system and the need for system administrators to learn a new paradigm for file protection.
We propose a new security model: file system firewall. It is an adoption of the familiar network firewall protection model, used to control the data that flows between networked computers, toward file system protection. This model can support decisions of access control based on any system generated attributes about the access requests, e.g., time of day. The access control decisions are not on one entity, such as the account in traditional discretionary access control or the domain name in DTE. In file system firewall, the access decisions are made upon situations on multiple entities. A situation is programmable with predicates on the attributes of subject, object and the system. File system firewall specifies the appropriate actions on these situations. We implemented the prototype of file system firewall on SUSE Linux. Preliminary results of performance tests on the prototype indicate that the runtime overhead is acceptable. We compared file system firewall with TE in SELinux to show that firewall model can accommodate many other access control models. Finally, we show the ease of use of firewall model. When firewall system is restricted to specified part of the system, all the other resources are not affected. This enables a relatively smooth adoption. This fact and that it is a familiar model to system administrators will facilitate adoption and correct use. The user study we conducted on traditional UNIX access control, SELinux and file system firewall confirmed that. The beginner users found it easier to use and faster to learn then traditional UNIX access control scheme and SELinux
Recommended from our members
A File System Component Compiler
File System development is a difficult and time consuming task, the results of which are rarely portable across operating systems. Several proposals to improve the vnode interface to allow for more flexible file system design and implementation have been made in recent years, but none is used in practice because they require costly fundamental changes to kernel interfaces, only operating systems vendors can make those changes, are still non-portable, tend to degrade performance, and do not appear to provide immediate return on such an investment. This proposal advocates a language for describing file systems, called FiST. The associated translator can generate portable C code — kernel resident or not — that implements the described file system. No kernel source code is needed and no existing vnode interface must change. The performance of the file systems automatically generated by FiST can be within a few percent of comparable hand-written file systems. The main benefits to automation are that development and maintenance costs are greatly reduced, and that it becomes practical to prototype, implement, test, debug, and compose a vastly larger set of such file systems with different properties. The proposed thesis will describe the language and its translator, use it to implement a few file systems on more than one platform, and evaluate the performance of the automatically generated code
Student-Centered Learning: Functional Requirements for Integrated Systems to Optimize Learning
The realities of the 21st-century learner require that schools and educators fundamentally change their practice. "Educators must produce college- and career-ready graduates that reflect the future these students will face. And, they must facilitate learning through means that align with the defining attributes of this generation of learners."Today, we know more than ever about how students learn, acknowledging that the process isn't the same for every student and doesn't remain the same for each individual, depending upon maturation and the content being learned. We know that students want to progress at a pace that allows them to master new concepts and skills, to access a variety of resources, to receive timely feedback on their progress, to demonstrate their knowledge in multiple ways and to get direction, support and feedback from—as well as collaborate with—experts, teachers, tutors and other students.The result is a growing demand for student-centered, transformative digital learning using competency education as an underpinning.iNACOL released this paper to illustrate the technical requirements and functionalities that learning management systems need to shift toward student-centered instructional models. This comprehensive framework will help districts and schools determine what systems to use and integrate as they being their journey toward student-centered learning, as well as how systems integration aligns with their organizational vision, educational goals and strategic plans.Educators can use this report to optimize student learning and promote innovation in their own student-centered learning environments. The report will help school leaders understand the complex technologies needed to optimize personalized learning and how to use data and analytics to improve practices, and can assist technology leaders in re-engineering systems to support the key nuances of student-centered learning
DSpace Manual: Software version 1.5
DSpace is an open source software platform that enables organizations to:
- Capture and describe digital material using a submission workflow module, or a
variety of programmatic ingest options
- Distribute an organization's digital assets over the web through a search and
retrieval system
- Preserve digital assets over the long term
This system documentation includes a functional overview of the system, which is a
good introduction to the capabilities of the system, and should be readable by nontechnical
personnel. Everyone should read this section first because it introduces
some terminology used throughout the rest of the documentation. For people
actually running a DSpace service, there is an installation guide, and sections on
configuration and the directory structure. Note that as of DSpace 1.2, the
administration user interface guide is now on-line help available from within the
DSpace system. Finally, for those interested in the details of how DSpace works, and
those potentially interested in modifying the code for their own purposes, there is a
detailed architecture and design section
- …