Re: suggestion on distributed systems

[Peter Dambier <peter at echnaton.serveftp.com>]

Stephane Bortzmeyer wrote:
> On Mon, Jan 23, 2006 at 12:44:11AM +0530,
>  Neil Harwani <neil.harwani at gmail.com> wrote 
>  a message of 128 lines which said:
>
>
> > I am not sure whether this idea that I am about to write has been
> > implemented before

"Operating Systems, Design and Implementation" by
Andrew S. Tannanbaum and Albert S. Woodhull,
ISBN 0-13-638677-6 Prentice Hall

Not only do the discuss every aspect of an operating system but
they include as an example and for homework practice the complete
Minix operating system plus source.

Tannenbaum has already written a distributed operating system and
you can find many of his ideas in this book.

Minix is also the origin of the linux operating system.

Minix is really modular. You can easyly take it apart and play
with the peaces. In particalur the devide between memory manager
and filesystem suggests to run the pieces distributed over
many computers.

Minix is designed as an academic exercise. I guess it might
give you ideas if not more.
> The idea is interesting but it is clearly underspecified. Before a
> serious discussion can take place, you really have to specify it more
> completely. If you want the discussion to occur at the IETF, an
> Internet-Draft is the proper form:
>
> http://www.ietf.org/ietf/1id-guidelines.html
>
> Technically, I would suggest to think seriously about the Security
> Considerations of your Internet-Draft...
>
>
> > 1. Have a variable system built into all OSes which have internet
> > interface which can allocate space and resources as per what amount
> > of space and resources are free on the OS.
>
>
> The big problem is to create a jail strong enough so that the hosted
> programs do not compromise or DoS the machine. This is *not* a trivial
> problem.

Dr. Bernstein has written an intersting stack of modules

daemontools-0.76

is a stack for building demons. It provides a mechanism that
unifies the world of different unixes, linuxes and bsds broviding
a common interface and getting rid of any special treatment for
demons that differenciates them from "normal" programmes.

ucspi-tcp-0.88

provides a different tcp/ip stack that gets rid of most security
holes in common tcp/ip and socket libraries.

djbdns-1.05

finally gets rid of the "Buggy Internet Name Deamon" bind. Bind
before the version 9 did show several problems. Bernstein shows
an alternative for bind and resolver libraries.

http://lifewithdjbdns.org/

> > Example : Suppose a server of paypal has to process millions of
> > records every month. If a high percentage of this processing is
> > encrypted and sent to container on various systems running on
> > internet, the same work can be done with less powerfull paypal
> > servers.
>
>
> Very bad example: first, all Paypal requests require access to the
> central database. And, second, Paypal would certainly not trust random
> Internet machines for its processing.

The example is good. It is management that is bad :)


Cheers
Peter and Karin Dambier


--
Peter and Karin Dambier
The Public-Root Consortium
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at echnaton.serveftp.com
mail: peter at peter-dambier.de
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/



_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf