Decentralized Access Control in Distributed File Systems

The Internet enables global sharing of data across organizational boundaries. Distributed file systems facilitate data sharing in the form of remote file access. However, traditional access control mechanisms used in distributed file systems are intended for machines under common administrative control, and rely on maintaining a centralized database of user identities. They fail to scale to a large user base distributed across multiple organizations. We provide a survey of decentralized access control mechanisms in distributed file systems intended for large scale, in both administrative domains and users. We identify essential properties of such access control mechanisms. We analyze both popular production and experimental distributed file systems in the context of our survey

Cirrus, A Digtially Responsible Global FIlesystem

Cirrus is a distributed filesystem that uses an overlay network that extends the service domain of file servers to global scale without diminishing the quality of service. Cirrus, developed over many years, is operational today and is ready for testing and bench marking. Cirrus’ distributed shared memory implementation provides a fast and secure method of transporting all network traffic within the overlay network

Secure Isolation and Migration of Untrusted Legacy Applications

Sting applications often contain security holes that are not patched until after the system has already been compromised. Even when software updates are applied to address security issues, they often result in system services being unavailable for some time. To address these system security and availability issues, we have developed peas and pods. A pea provides a least privilege environment that can restrict processes to the minimal subset of system resources needed to run. This mechanism enables the creation of environments for privileged program execution that can help with intrusion prevention and containment. A pod provides a group of processes and associated users with a consistent, machine-independent virtualized environment. Pods are coupled with a novel checkpoint-restart mechanism which allows processes to be migrated across minor operating system kernel versions with different security patches. This mechanism allows system administrators the flexibility to patch their operating systems immediately without worrying over potential loss of data or needing to schedule system downtime. We have implemented peas and pods in Linux without requiring any application or operating system kernel changes. Our measurements on real world desktop and server applications demonstrate that peas and pods impose little overhead and enable secure isolation and migration of untrusted applications

Samba Openldap Performance in a Simulated Environment

The Information Technology world is developing so fast and it is been reported that Open Source tools will eventually take over proprietary tools in no to distant future. The Open Source Community is integrating its products with that of the proprietary ones and the integration of Windows machines into Linux network is evident of such practices. The purpose of this project is to implement Samba with OpenLDAP in a simulated environment. This implementation is conducted within a virtual environment by simulating the setup of Linux and Windows Operating systems by reducing physical setup of machines. Samba will act as an interface between Linux and Windows, files will be accessible to both server and client. OpenLDAP stores the user accounts and configuration files. A performance test carried out on Samba determining effect on CPU power and Memory usage shows a decrease in the CPU power and an increase in Memory usage

Design and implementation of a computational cluster for high performance design and modeling of integrated circuits

Modern microelectronic engineering fabrication involves hundreds of processing steps beginning with design, simulation and modeling. Tremendous data is acquired, managed and processed. Bringing together Information Technology (IT) into a functional system for microelectronic engineering is not a trivial task. Seamless integration of hardware and software is necessary. For this purpose, knowledge of design and fabrication of microelectronic devices and circuits is extremely important along with knowledge of current IT systems. This thesis will explain a design methodology for building and using a computer cluster running software used in the production of microelectronic circuits. The cluster will run a Linux operating system to support software from Silvaco and Cadence. It will discuss the selection, installation, and verification of hardware and software based on defined goals. The system will be tested via numerous methods to show proper operation, focusing on TCAD software from Silvaco and custom IC design software from Cadence. To date, the system has been successfully tested and performs well. Since the target applications are doing simulations that are independent of each other, parallelization is very easy and user friendly. By simply adding more computers with more CPUs, the maximum number of people and processes that can be supported scales linearly. With a staged approach and the selection of the right software for the job, the integration of IT components to build a computer cluster for microelectronic applications can be completed successfully

Network Function Virtualization technologies applied to cellular systems

Future 5G networks will exploit the inherent flexibility associated to the introduction of Network Function Virtualization (NFV) technologies in both the core network and even the Radio Access Network (RAN) through the software implementation of network functions running on general purpose computing/storage resources. The advent of the NFV paradigm provides an inherent capability to add new functionalities, extend, upgrade or evolve existing functionalities and to customize the network on a per-tenant basis. In this context, this work intends to make an analysis of the cuFuture 5G networks open a new spectrum of possibilities, both at the level of services it can offer, and at the level of its deployment. This thesis aims to make a study of some of the technologies that make possible the arrival of 5G, such as virtualization and virtualization applied to networks, NFV. In order to better understand the defined standard for NFV, the analysis of market NFV-MANO available tools is included. In addition, the study and evaluation of the deployment process of a virtualized 5G network scenario has been performed with HPE NFV Director

Data communication networks--a comparative evaluation of the MIT and Harvard environments

Thesis (M.S.)--Massachusetts Institute of Technology, Sloan School of Management, 1987.Vita.Bibliography: leaves 84-86.by Phillip Seung-Ho Yoo.M.S

Deploying and Maintaining a Campus Grid at Clemson University

Many institutions have all the tools needed to create a local grid that aggregates commodity compute resources into an accessible grid service, while simultaneously maintaining user satisfaction and system security. In this thesis, the author presents a three-tiered strategy used at Clemson University to deploy and maintain a grid infrastructure by making resources available to both local and federated remote users for scientific research. Using this approach virtually no compute cycles are wasted. Usage trends and power consumption statistics collected from the Clemson campus grid are used as a reference for best-practices. The loosely-coupled components that comprise the campus grid work together to form a highly cohesive infrastructure that not only meets the computing needs of local users, but also helps to fill the needs of the scientific community at large. Experience gained from the deployment and management of this system may be adapted to other grid sites, allowing for the development of campus-wide, grid-connected cyberinfrastructures