To appear in the Proceedings of the Fifth Goddard Space Flight Center Conference on Mass Storage Systems and Technologies, Sept., 1996, Baltimore, MD.


Derived Virtual Devices: A Secure Distributed File System Mechanism

Rodney Van Meter, Steve Hotz, Gregory Finn
Information Sciences Institute
University of Southern California
Marina del Rey, CA 90292
{rdv,hotz,finn}@isi.edu
(310) 822-1511

Sat Jul 20 09:50:48 PDT 1996

Abstract:

This paper presents the design of derived virtual devices (DVDs). DVDs are the mechanism used by the Netstation Project to provide secure shared access to network-attached peripherals distributed in an untrusted network environment. DVDs improve Input/Output efficiency by allowing user processes to perform I/O operations directly from devices without intermediate transfer through the controlling operating system kernel. The security enforced at the device through the DVD mechanism includes resource boundary checking, user authentication, and restricted operations, e.g. read-only access. To illustrate the application of DVDs, we present the interactions between a network-attached disk and a file system designed to exploit the DVD abstraction. We further discuss third-party transfer as a mechanism intended to provide for efficient data transfer in a typical NAP environment. We show how DVDs facilitate third-party transfer, and provide the security required in a more open network environment.




Netstation Project Home Page
this page maintained by:
rdv@alumni.caltech.edu
Rodney D. Van Meter III
Wed May 8 13:15:04 PDT 1996