Prime Institute of Engineering Technology, Navsari

(134)

Subject Name:- Distributed System

Subject Code:- 3170719

25-Question Bank

Q-1. What is a distributed system? List out the advantages of

Distributed System.
Distributed system as a “collection of independent computers that appear to the
users of the system as a single computer” There are two essential points in this
definition:
• Independent This means that, architecturally, the machines are capable of
operating independently.
• Single computer : The second point is that the software enables this set of
connected machines to appear as a single computer to the users of the
system. This is known as the single system image and is a major goal in
designing distributed systems that are easy to maintain and operate.
The figure below shows a simple distributed systems for a number of applications
running through different operating

Fig. Distributed System

Advantages of Distributed System
1. Applications in Distributed Systems are Inherently Distributed
Applications.
2. Information in Distributed Systems is shared among geographically
distributed users.
3. Resource Sharing (Autonomous systems can share resources from remote
locations).
4. It has a better price performance ratio and flexibility.
5. It has shorter response time and higher throughput.
6. It has higher reliability and availability against component failure.
7. It has extensibility so that systems can be extended in more remote
locations and also incremental growth.

Disadvantages of Distributed System

1. Relevant Software for Distributed systems does not exist currently.
2. Security possess a problem due to easy access to data as the resources are
shared to multiple systems.
3. Networking Saturation may cause a hurdle in data transfer i.e., if there is a
lag in the network then the user will face a problem accessing data.
4. In comparison to a single user system, the database associated with
distributed systems is much more complex and challenging to manage.
5. If every node in a distributed system tries to send data at once, the network
may become overloaded.
Q-2. Explain how simple client-server communication is done.
The Client-server model is a distributed application structure that partitions tasks
or workloads between the providers of a resource or service, called servers and
service requesters called clients.
In the client-server architecture, when the client computer sends a request for data
to the server through the internet, the server accepts the requested process and
delivers the data packets requested back to the client.
Clients do not share any of their resources. Examples of the Client-Server Model
are Email, World Wide Web, etc.

Advantages of Client-Server Model

➢ Centralized system with all data in a single place.
➢ Cost efficient requires less maintenance cost and Data recovery is possible.
➢ The capacity of the Client and Servers can be changed separately.
Disadvantages of Client-Server Model
➢ Clients are prone to viruses, Trojans, and worms if present in the Server or
uploaded into the Server.
➢ Servers are prone to Denial of Service (DOS) attacks.
➢ Data packets may be spoofed or modified during transmission.
➢ Phishing or capturing login credentials or other useful information of the
user are common and MITM(Man in the Middle) attacks are common.
Q-3. Discuss the issues related to designing a Distributed System.
1. Fault Tolerance:
The system must keep working even if some parts fail.

2. Consistency vs. Availability:

You have to choose between having up-to-date data everywhere or
ensuring the system always responds.

3. Network Problems:
Communication failures can cause parts of the system to be isolated.

4. Synchronization:
Keeping all parts of the system in sync, especially when data is updated.

5. Scalability:
The system should handle more users or data without slowing down.

6. Latency:
Delays in communication between different parts of the system can affect
performance.

7. Security:
Protecting data and ensuring safe communication between parts of the
system.

8. Concurrency:
Handling multiple operations at the same time without conflicts.

9. Heterogeneity:
Different parts of the system may use different hardware or software, which
can complicate things.

10.Data Consistency:
Ensuring data is correct and up-to-date across the system.
Q-4. What is Code Migration? Explain reasons for code
migration.
➢ Traditionally, communication in distributed systems is concerned with
exchanging data between processes.
➢ Code migration in the broadest sense deals with moving programs between
machines, with the intention to have those programs be executed at the
target
➢ process migration in which an entire process is moved from one machine
to another
➢ Code migration is often used for load distribution, reducing network
bandwidth, dynamic customization, and mobile agents.
➢ Code migration increases scalability, improves performance, and provides
flexibility.

Models for Code Migration

➢ To get a better understanding of the different models for code migration,
we use a framework described in Fuggetta et al. (1998).
➢ In this framework, a process consists of three segments.
➢ The code segment: It is the part that contains the set of instructions that
make up the program that is being executed.
➢ The resource segment: It contains references to external resources needed
by the process, such as files, printers, devices, other processes, and so on.
➢ The execution segment: It is used to store the current execution state of a
process,consisting of private data, the stack, and, of course, the program
counter.
Reasons for Code Migration:
✓ Performance
✓ Flexibility
✓ Overall system performance can be improved if processes are moved from
heavily-loaded to lightly loaded machines.
✓ How system performance is improved by code migration?
✓ Using load distribution algorithms
✓ Using qualitative reasoning
✓ Migrating parts of the client to the server
✓ Migrating parts of the server to the client
✓ The traditional approach to building distributed applications is to partition
the application into different parts, and decide in advance where each part
should be executed.

Q-5. Explain Message-Oriented Communication in detail.

➢ Connection-Oriented Service is basically a technique that is typically used
to transport and send data at session layer.
➢ The data streams or packets are transferred or delivered to receiver in a
similar order in which they have seen transferred by sender. It is actually a
data transfer method among two devices or computers in a different
network, that is designed and developed after telephone system.
➢ Whenever a network implements this service, it sends or transfers data or
message from sender or source to receiver or destination in correct order
and manner.
➢ This connection service is generally provided by protocols of both network
layer (signifies different path for various data packets that belongs to same
message) as well as transport layer (use to exhibits independence among
packets rather than different paths that various packets belong to same
message will follow).

Operations :
There is a sequence of operations that are needed to b followed by users. These
operations are given below :
1.Establishing Connection – It generally requires a session connection to be
established just before any data is transported or sent with a direct physical
connection among sessions.
2.Transferring Data or Message – When this session connection is established,
then we transfer or send message or data.
3.Releasing the Connection – After sending or transferring data, we release
connection.

Different Ways :
There are two ways in which connection-oriented services can be done. These
ways are given below :

1.Circuit-Switched Connection –
Circuit-switching networks or connections are generally known as connection-
oriented networks. In this connection a dedicated route is being established
among sender and receiver and whole data or message is sent through it. A
dedicated physical route or a path or a circuit is established among all
communication nodes, and after that, data stream or message is sent or
transferred.
2.Virtual Circuit-Switched Connection –
Virtual Circuit-Switched Connection or Virtual Circuit Switching is also known
as Connection-Oriented Switching. In this connection, a preplanned route or path
is established before data or messages are transferred or sent. The message Is
transferred over this network is such a way that it seems to user that there is a
dedicated route or path from source or sender to destination or receiver.

Q-6.What is Transparency?Explain various types of Transparency.

Software hides some of the details of the distribution of system resources. It
makes the system more users friendly.
A distributed system that appears to its users and applications to be a single
computer system is said to be transparent.
Users and applications should be able to access remote resources in the same way
they access local resources.
The distributed systems should be perceived as a single entity by the users or the
application programmers rather than as a collection of autonomous systems,
which are co-operation.
The users should be unaware of where the services are located and also the
transferring from a local machine to a remote one should also be transparent.
To make certain aspects of distributed system invisible to the application
programmer so that they need only be concerned with the design of their
particular application.

Type of transparency
a. Access transparency: enables local and remote resources to be accessed using
identical operations.
b. Location transparency: enables resources to be accessed without knowledge
of their location.
c. Concurrency transparency: enables several processes to operate concurrently
using shared resources without interference between them.
d. Replication transparency: enables multiple instances of resources to be used
to increase reliability and performance without knowledge of the replicas by users
or application programmers. `
e. Failure transparency: enables the concealment of faults, allowing users and
application programs to complete their tasks despite the failure of hardware or
software components.
f. Mobility transparency: allows the movement of resources and clients within
asystem without affecting the operation of users or programs.
g. Performance transparency: allows the system to be reconfigures to
implement performance as loads vary.
h. Scaling transparency: allows the system and applications to expand in scale
without change to the system structure or the application algorithms.
i. Access and location transparency together provide network transparency
Q-7. Discuss flat and structured naming with example.
Flat Naming:
Flat names are simply random bit strings, which we refer to as unstructured
names.
Flat names do not contain any information about how to locate the access point
of the associated entity.

Types of Flat Naming approaches:

1. Broadcasting:
o Broadcast the identifier to the complete network. The entity
associated with the identifier responds with its current address.
o Example: Address Resolution Protocol (ARP).
o Resolve an IP address to a MAC address.
o In this approach, the IP address is the identifier of the entity, and the
MAC address is the address of the access point.
2. Forward pointers:
o When an entity moves from location A to location B, it leaves behind
a reference at A to its new location at B.
o To reach the entity, a chain of pointers is followed.
o Example: Each forwarding pointer is implemented as a (client stub,
server stub) pair.
o The server stub contains either a local reference to the actual object
or to a remote client stub for that object.
o The client stub consists of the client's transport-level address
combined with a locally generated number to identify the stub.
3. Home-based approaches:
o This approach keeps track of the current location of an entity and
where it was.
o It is used as a fallback mechanism for location services based on
forwarding pointers.
o Example: Mobile IP.
 4. Distributed hash tables/chord:
o General mechanism: Chord uses an m-bit identifier space to assign
randomly chosen identifiers to nodes as well as keys to specific
qualities.
o Linear approach: An obvious non-scalable approach is to let each
node keep track of the successor (succ[p+1]) as well as its
predecessor (pred[p]).

Structured Naming:
Structured names are composed of simple, human-readable names. Names are
arranged in a specific structure.
Example: www.dint.engg.cse.cee

1. Name Space:
o Name spaces for structured names can be represented as a labeled,
directed graph with two types of nodes:
▪ A leaf node represents a named entity and has the property
that it has no outgoing edges.
▪ A directory node has a number of outgoing edges, each
labeled with a name.
2. Name Resolution:
o Name resolution is the process of mapping an object's name to its
specific properties, such as its location.
o Example: The client first contacts its naming agent, which further
contacts other name agents until the object is found.
3. Domain Name Server (DNS):
o DNS provides directory services through DNS servers.
o DNS stands for Domain Name System or Domain Name Server.
o It is used to map IP addresses with domain names.
o Since remembering IP addresses is complex, DNS came into play.
Q-8. Explain LDAP in detail.
LDAP stands for Lightweight Directory Access Protocol. LDAP defines a
standard method for accessing and updating information in a directory. It has
gained wide acceptance as the directory access method of the Internet and is
therefore also becoming strategic within corporate intranets.
LDAP is based on X.500. It is a fast-growing technology for accessing common
directory information. Fig. 3.4.1 shows LDAP uses X.500.

Why use LDAP?

1. Centralized management: LDAP allows centralized control of users,
groups, and other data for each application.
2. No need for separate data management: Users do not have to manage
separate data; appropriate people can access the data they need.
3. Distribute and manage shared data: LDAP helps distribute shared data
and manage it efficiently.
4. Minimal data duplication: Information is centrally maintained to avoid
duplication across applications.
5. Accessibility from different locations: Information can be accessed from
different locations without locking users into a particular server.
6. Efficient data updates: LDAP allows frequent updates of the data without
significant overhead.
Other Technical Points:
• LDAP uses TCP/IP for communication between clients and servers.
 • X.500 directory services often underlie LDAP but are simplified for
efficiency.
• Namespace and Directory Entries: Each object in the directory must
have a unique identifier, and LDAP ensures a structured way to store and
retrieve this information.

Q-9. What is cryptography? What is the use of cryptography?

Cryptography is a technique of securing information and communications
through the use of codes so that only those persons for whom the information is
intended can understand and process it.
Thus preventing unauthorized access to information. The prefix “crypt” means
“hidden” and the suffix “graphy” means “writing”.
In Cryptography, the techniques that are used to protect information are obtained
from mathematical concepts and a set of rule-based calculations known as
algorithms to convert messages in ways that make it hard to decode them.
These algorithms are used for cryptographic key generation, digital signing, and
verification to protect data privacy, web browsing on the internet and to protect
confidential transactions such as credit card and debit card transactions.

Uses of Cryptography
Cryptography is widely used in a variety of applications to enhance security and
protect sensitive information. Here are some of its main uses:
1. Data Privacy: Protects sensitive information (such as personal data,
financial details, or classified information) by making it unreadable to
 unauthorized parties. This is commonly used in messaging apps, emails,
and online banking.
2. Authentication: Verifies the identity of users, devices, and systems. For
example, digital signatures and certificates are cryptographic methods to
ensure that messages or documents come from legitimate sources.
3. Data Integrity: Ensures that data has not been altered during transmission
or storage. Cryptographic hashing algorithms, like SHA-256, create unique
fingerprints for data that make it possible to detect any tampering.
4. Secure Communication: Encrypts data transmitted over networks, such
as the Internet, to prevent eavesdropping or interception. SSL/TLS
protocols, which secure HTTPS websites, use cryptography to protect data
exchange.
5. Digital Signatures: Provide non-repudiation, meaning that the sender
cannot deny having sent a message. This is widely used in legal documents,
contracts, and transactions to verify authenticity and origin.
6. Cryptocurrencies: Cryptography is the backbone of blockchain
technology, which underlies cryptocurrencies like Bitcoin and Ethereum.
It secures transactions, controls the creation of new units, and verifies asset
transfers.

Q-10. What is Clock Synchronization? Explain Berkeley algorithm

in detail.
Clock Synchronization refers to syncing the time displayed by any two given
clocks, such that either both the clocks display the exact same time at the exact
same moment, and this remains constant over the passage of time, or both clocks
show time with a difference that remains constant over the passage of time, such
as if clock A is ahead by 6 hours as compared to clock B, then clock A should
remain ahead by 6 hours as compared to clock B at any given point in time.
Ideally, all clocks should be in perfect sync. However, realistically this is difficult
to achieve.
Example
As an example, let’s consider a distributed system consisting of one server and
multiple clients. The clients may assume that the server has a perfect time and
request the time from the server so they can set their own time accordingly.
Berkeley Algorithm:
• A single time server can fail, blocking timekeeping.
• The Berkeley algorithm is a distributed algorithm for timekeeping.
• Assumes all machines have equally accurate local clocks.
• Obtains the average from participating computers and synchronizes clocks
to that average.
• The time server periodically sends a message ("time=?") to all computers
in the group.
• Each computer in the group sends its clock value to the server.
• The server has prior knowledge of the propagation time from node to
server.
• The time server reads the clock values of the reply messages using
propagation time and then takes a fault-tolerant average.
• The time server readjusts its own time and sends the adjustment (positive
or negative) to each node.

Approach:

• A time server periodically (approximately once in 4 minutes) sends its time

to all the computers and polls them for the time difference.
• The computers compute the time difference and then reply.
• The server computes an average time difference for each computer.
• The server commands all the computers to update their time (by gradual
time synchronization).

At 3:00, the time daemon tells the other machines its time and asks for theirs.
They respond with how far ahead or behind the time daemon they are.
The time daemon computes the average and tells each machine how to adjust
its clock.
Q-11. Define virtualization. Explain architecture of virtual
machine.
Virtualization plays an important role and function in cloud computing. It helps
in reducing the space or costs associated with the investment.
This technology allows end users to run multiple desktop operating systems and
applications simultaneously on the same hardware and software.
Virtualization in cloud computing simplifies the creation of virtual machines and
makes it easier to run multiple machines.
It also helps create a virtual ecosystem of server operating systems, multiple
storage facilities, and multiple operating systems.
Cloud computing is an application or service associated with a virtual ecosystem.
Such ecosystems can be public or private.
Due to virtualization, the need for physical infrastructure can be reduced.
The terms cloud computing and virtualization are now used interchangeably and
are rapidly converging.
Virtualization Architecture is defined as a model that describes the concept of
virtualization. The use of virtualization is important in cloud computing. In cloud
computing, end users share data through an application called the cloud.
However, end users can share their entire IT infrastructure with virtualization
itself.
Architecture of the Virtualization
In the diagram above, virtualization includes virtual applications and virtual
infrastructure services.
• The virtual application services help in application management, and the
virtual infrastructure services can help in infrastructure management.
• Both services are integrated into the virtual data center or operating system.
Virtual services can be used on any platform and programming
environment. These services can be accessed from the local cloud or
external cloud. In return, cloud users must pay a monthly or annual fee to
the third party.
• This fee is paid to third parties for providing cloud services to end users,
who in turn provide applications in different forms according to the needs
of cloud end users.
• A hypervisor separates the operating system from the underlying hardware.
It allows the host computer to run multiple virtual machines simultaneously
and share the same computer resources.

Q-12.What is multicasting? List the characteristics of multicasting.

Multicast communication allows a process to send the same message to a group
of processes.
As multicast operations can provide the programmer with delivery guarantees
that are difficult to realize for the application programmer using ordinary unicast
operations.
Group communication simplifies building reliable efficient distributed systems.

Fig. Multicasting Communication

Multicast messages provide a useful infrastructure for constructing
distributed systems with the following characteristics:
1. Replicated services: A replicated service consists of a group of members.
Client requests are multicast to all the members of the group, each of which
performs an identical operation.
2. Better performance: Performance of service is increase by using data
replication. User's computer is used for replication. Each time the data change,
the new value is multicast to the processes managing the replicas.
3. Propagation of event notifications: Multicast to a group may be used to
notify processes when something happens. For example, a news system might
notify interested users when a new message has been posted on a particular
newsgroup. Group view is the lists of the current group members. When a
membership change occurs, the application is notified of the new
membership.
4. One-to-Many Communication: Multicasting allows one sender to send data
to multiple receivers that are part of a multicast group. This is more efficient
than sending separate unicast messages to each receiver.
5. Multicast Group Concept: Receivers interested in receiving multicast data
must join a multicast group. The sender only sends data once, and the network
infrastructure (routers and switches) ensures the data is distributed to all
members of the group.
6. Efficient Use of Network Resources: Instead of sending multiple copies of
the same data (as in unicast communication), multicasting sends a single
stream of data, which is then replicated by routers only where necessary. This
conserves bandwidth and reduces network traffic.

Q-13. What is RPC? Discuss the design issues for RPC.

➢ Low level message passing is based on send and receive primitives.
➢ Remote Procedure Call (RPC) is a protocol that one program can use to
request a service from a program located in another computer on a network
without having to understand the network's details.
➢ A procedure call is also sometimes known as a function call or a subroutine
call.
➢ More sophisticated is allowing programs to call procedures located on
other machines.
➢ RPC is a request–response protocol, i.e., it follows the client-server model
Key Design Issues for RPC

1. Transparency:
• Make remote calls feel like local calls, hiding network
details from the programmer.
• Allow the client to connect to services without needing to
know their exact location.
• Handle network and server failures so the client isn’t
affected by them directly.
2. Performance:
• Latency: Minimize network delays to make remote calls as
fast as possible.
• Efficiency: Use methods to send and receive data quickly,
minimizing extra steps that slow things down.
• Concurrency: Allow the server to handle multiple calls at
once, so it can serve many clients efficiently.
3. Parameter Passing:
• Data Conversion (Marshalling): Convert data to a network-
friendly format before sending it and back when receiving
it.
• References: Since memory cannot be directly shared
between computers, RPC systems usually send copies of
data rather than direct references.
4. Communication Protocol:
• Choose a reliable method to send data over the network,
typically TCP, so messages don’t get lost.
• Have a system for managing requests and responses,
including retries if something goes wrong.
5. Error Handling:
• Handle network issues that can cause RPCs to fail by
retrying or notifying the client of failures.
• Manage server crashes and partial failures without
disrupting the whole system.
6. Security:
• Authentication: Verify who is requesting access to prevent
unauthorized use.
• Encryption: Secure data as it travels over the network to
keep it private.
• Authorization: Allow only specific users to access certain
functions.
7. Scalability:
• Load Balancing: Spread client requests across multiple
servers to handle large numbers of users.
• Stateless Design: Make it easier to scale by not storing data
between calls unless absolutely needed.
Q-14. Write a short note on digital signature.
ANS: The Digital Signature is a technique which is used to validate the
authenticity and integrity of the message.
• A digital signature uses a pair of asymmetric keys.
• A valid digital signature helps the receiver to know the message comes
from the authentic sender and is not altered in between.
• When a person creates a digital signature, two additional encrypted files
are created. These are the "private key" which stays with the signature
owner, and the "public key" which is sent along with the signed document
to let the recipient open it.
• To verify digital signatures, the recipient applies verification techniques to
a combination of the message and the signature to verify authenticity. So
here a copy of the signature is not stored anywhere.

• Features of Digital Signature:

o Message Integrity, Message Authentication, Message
Nonrepudiation
• (c) Explain bully election algorithms. And compare it with ring election
algorithm.
• Many organizations across industries use digital signatures to streamline
their operations. Some of them include:
1.Government Institutions
2.Financial Service Providers
3.Healthcare Providers
Q-15.Explain monotonic – Read and write consistency
model.
Monotonic - Read consistency model
• Assume read operations by a single process P at two different local copies
of the same data store.
• Once read, subsequent reads on that data item return the same or more
recent values.
Example:
• Automatically reading your personal calendar updates from different
servers.
• Monotonic Reads guarantee that the user sees all updates, no matter from
which server the automatic reading takes place.
Example:
• Reading (not modifying) incoming mail while you are on the move.
• Each time you connect to a different email server, that server fetches (at
least) all the updates from the server you previously visited.
Example:
• The read operations performed by a single process P at two different local
copies of the same data store.
• The vertical axis shows the two different local copies of the data store. We
call them Location1 and Location2.
• Horizontal axis shows the time. Operations carried out by a single process
P in boldface are connected by a dashed line representing the order in
which they are carried out.
 • Location1: Write(X1), Read(X1).
• Location2: Write(X1: X2), Read(X2).

• Process P1 first performs a read operation on X at Location1, returning the

value of X1. This value results from the write operations in Write (X1)
performed at Location1. Later, P1 performs a read operation on X at
Location2, shown as Read (X2).
• To guarantee monotonic-read consistency, all operations in Write (X1)
should have been propagated to Location2 before the second read operation
takes place.

• Location1: Write(X1), Read(X1), Write(X1).

• Location2: Write(X2), Read(X2).

Situation in which monotonic-read consistency is not guaranteed. After

process P1 has read X1 at Location1, it later performs the operation Read
(X2) at Location2. But, only the write operations in Write (X2) have been
performed at Location2. No guarantees are given that this set also contains
all operations contained in Write (X1).

Monotonic - write consistency model

• n a monotonic-write consistent store, the following condition holds:
A write operation by a process on a data item X is completed before
any successive write operation on X by the same process.
• A write operation on a copy of item X is performed only if that copy has
been brought up to date by means of any preceding write operation, which
may have taken place on other copies of X. If need be, the new write must
wait for old ones to finish.
Example:
 • Updating a program at server S2 and ensuring that all components on
which compilation and linking depend are also placed at S2.

Example:
• Maintaining versions of replicated files in the correct order everywhere.
• The write operations performed by a single process P at two different local
copies of the same data store.
• Resembles to PRAM, but here we are considering consistency only for a
single process (client) instead of for a collection of concurrent processes.
• Fig. 5.3.3 (a) shows monotonic-write consistent data store and a data store
that does not provide monotonic-write consistency.

The Write(X2) requires that Write(X1) is updated on Location2 before it.

• Write(X2) (Write(X1) has not been propagated to Location2).

Example 1:
• Updating a program at server S2, and ensuring that all components on
which compilation and linking depend are also placed at S2.

Example 2:
• Maintaining versions of replicated files in the correct order everywhere.
Q-16.What is Replication? Write about motivations for replication.
Replication is the process of creating and maintaining multiple copies of the same
data or resources across different servers, databases or locations in a network.
In distributed computing and database systems, replication is used to ensure that
identical copies of data exist in multiple places, improving availability, reliability,
and performance.

Key Purposes of Replication:

1. Data Availability: Ensures that data remains accessible even if one or
more servers go down, as other copies of the data are still available.
2. Fault Tolerance: Protects against data loss from hardware failures,
network issues, or other disruptions, making systems more resilient.
3. Improved Performance: Reduces data access time for users by storing
copies closer to them geographically or within the network.
4. Load Balancing: Distributes user requests across multiple servers,
preventing any single server from becoming a bottleneck.

Q-17. Explain CORBA’s common Data Representation.

Common Data Representation (CDR) is used to represent structured or primitive
data types passed as arguments or results during remote invocations on Common
Object Request Broker Architecture (CORBA) Distributed Object.
It enables clients and servers written in different programming languages to work
together.
For Example. It translates little-endian to big-endian. It assumes prior agreement
on type, so no information is given with data representation in messages.
CDR makes this possible by:
1. Standardizing Data Format: CDR defines how data is formatted so that
it’s consistent across systems.
2. Handling Byte Order: Different computers store data differently (big-
endian vs. little-endian). CDR manages these differences, so data is always
read correctly.
 3. Supporting Various Data Types: CDR works with simple data (like
numbers) and complex data (like arrays and structures).
4. Object References: CDR can encode references to objects, allowing
CORBA to work with remote objects as if they were local.

Q-18. Explain Firewall in detail.

A firewall can be defined as a special type of network security device or a
software program that monitors and filters incoming and outgoing network traffic
based on a defined set of security rules. It acts as a barrier between internal private
networks and external sources (such as the public Internet).
The primary purpose of a firewall is to allow non-threatening traffic and prevent
malicious or unwanted data traffic for protecting the computer from viruses and
attacks. A firewall is a cybersecurity tool that filters network traffic and helps
users block malicious software from accessing the Internet in infected computers.

Types of Firewalls
1. Packet-Filtering Firewall: Checks each packet individually, blocking or
allowing based on simple rules like IP addresses and port numbers.
 2. Stateful Inspection Firewall: Tracks ongoing connections and only allows
data if it’s part of a recognized connection.
3. Proxy Firewall: Acts as a middleman, filtering data for specific
applications (like web traffic).
4. Next-Generation Firewall (NGFW): Combines traditional firewall
functions with advanced features like intrusion prevention, detecting and
blocking complex threats.

Benefits of Firewalls
• Protects the Network: Blocks unauthorized access and cyber threats.
• Controls Access: Allows or blocks specific data or users.
• Monitors Traffic: Logs network activity to detect suspicious behavior.

Q-19. What is name space? Give hierarchy of name servers.

What is name space?
• A name space is a collection of all valid names recognized by a particular
service.
• It allows simple but meaningful names to be used.
• Structured name space allows similar sub-names without clashes and to
group related names.
• Name spaces are of two types: Flat name spaces and Hierarchical name
spaces.
• The name assigned to machines must be carefully selected from a name
space, with complete control over the binding between the names and IP
addresses.

Hierarchy of Name Servers

• To distribute the information among many computers, DNS servers are
used.
• Creates as many domains as there are first-level nodes. Fig. 3.3.3 shows
the hierarchy of name servers.
In the diagram:
• Root server at the top.
• Below it, servers such as Arpa server, edu server, com server, and in server.
• Further down are specific domain servers like Stes.edu, vtu.edu,
vtubooks.com, and abc.com.
• In a zone, a server is responsible and has some authority. The server makes
a database called the zone file and keeps all the information for every node
under that domain.
• Domain and zone are the same if a server accepts responsibility for a
domain and does not divide the domain into subdomains.
• Domain and zone are different if a server divides its domain into
subdomains and delegates part of its authority to another server.
• The diagram shows a root server at the top with the zones for "edu" and
"Stes" domains below it.
• A root server is a server whose zone consists of the whole tree. A root server
usually does not store any information about domains but delegates its
authority to other servers.
• Primary server: It stores a file about the zone for which it is an authority.
It is responsible for creating, maintaining, and updating the zone file.
• Secondary server: It transfers the complete information about a zone from
another server and stores the files on its local disk. These servers neither
create nor update the zone files.
Q-20. Define names, identifiers and addresses.
Naming is about mapping between names, addresses, identifiers and the referred
entities
Names (a bit-or character-string referring to an entity)
✓ e.g. John Smith or ftp-server
• Can be human-friendly(or not) and location dependent(or not)

Addresses (define access points)

• Entities can be operated through an access point
• The name of an access point is an address
✓ e.g. phone number, or IP-address + port for a service

Identifiers (unique identifiers)

A (true) identifier is a name with the following properties
1. Each identifier refers to at most 1 entity and
2. Each entity is referred to by at most 1 identifier
3. An identifier always refers to the same entity (never reused)
✓ e.g. John Smith + social security number, or MAC address

Q-21. Discuss Kerberos in detail.

Authentication in Kerberos
• It is a network authentication protocol developed at MIT in the
mid-1980s.
• A secret key-based service for providing authentication in open
networks.
• It provides strong authentication for client-server applications.
• There are four parties involved in the Kerberos protocol:
1. User - who uses the client workstation.
 2. Real Server - The server provides services for the user.
3. Authentication Server (AS) - It is the Key Distribution Center
(KDC) in the Kerberos protocol. Each user registers with the AS
and is granted a user identity and a password. The AS verifies the
user, issues a session key to be used between the user and the
Ticket Granting Server (TGS), and sends a ticket to the TGS.
4. Ticket Granting Server (TGS) - Issues a ticket for the real server.
It provides the session key between the user and the server.

Working of Kerberos Authentication:

1. REQUEST FOR KEYS
2. SENDS ENCRYPTED TICKET
3. SENDS DECRYPTED HASH
4. IF AUTHORIZED, SEND SERVICE TICKET
5. GIVES SECRET KEY
6. CLIENT SERVER COMMUNICATION
Q-22. Explain Distributed File System in details.
A distributed file system (DFS) is a networked architecture that allows multiple
users and applications to access and manage files across various machines as if
they were on a local storage device.
Instead of storing data on a single server, a DFS spreads files across multiple
locations, enhancing redundancy and reliability.

• This setup not only improves performance by enabling parallel access but
also simplifies data sharing and collaboration among users.
• By abstracting the complexities of the underlying hardware, a distributed
file system provides a seamless experience for file operations, making it
easier to manage large volumes of data in a scalable manner.

Features of DFS
1. Transparency:
o DFS provides a unified interface, so users can access files without
needing to know where the data is physically stored.
o Types of transparency include:
▪ Location Transparency: Users access files by name, not by
their physical location.
▪ Replication Transparency: Multiple copies of files can be
stored in different locations to improve access speed and
reliability.
▪ Failure Transparency: The system can handle hardware or
network failures without user interruption.

2. Scalability:
o DFS can scale to accommodate more data or additional servers as
storage needs grow.
o Adding more servers or storage devices allows DFS to manage and
distribute increased workloads.
 3. Reliability and Fault Tolerance:
o DFS replicates files across multiple servers, meaning if one server
fails, the system can retrieve data from another location.
o This redundancy ensures that data is still accessible even in the case
of a hardware or network failure.
4. Concurrency Control:
o Multiple users can access and modify files simultaneously.
o DFS ensures consistency, using locking mechanisms and version
control to manage concurrent access and avoid data conflicts.
5. High Availability:
o Data is distributed across various servers, which helps provide
continuous access and reduces downtime.
o Replication and redundancy play a vital role in maintaining
availability.

Q-23. Explain Bully algorithm in detail.

Bully Algorithm:
• The Bully algorithm specifies that the process with the highest identifier
will be the coordinator of the group.
Working:
1. When a process P detects that the coordinator isn’t responding to requests,
it initiates an election:
o P sends an election message to all processes with higher numbers.
o If nobody responds, then P wins and takes over.
o If one of the processes answers, then P's job is done.
2. If a process receives an election message from a lower-numbered process
at any time, it:
o Sends an OK message back.
o Holds an election (unless it’s already holding one).
3. A process announces its victory by sending all processes a message telling
them that it is the new coordinator.
4. If a process that has been down recovers, it holds an election.

Q-24. Explain Ring algorithm in detail.

Ring Algorithm:
• The Ring algorithm assumes that the processes are connected in
a logical ring, and each process is aware of the order of the ring
of processes.
 1. If any process detects failure, it conducts an election message
with its own ID and sends it to its neighbors.
2. If the neighbor is down, the process skips over it and sends the
message to the next process in the ring until a running process is
located.
3. At each step, the process adds its own process ID to the list in the
message and sends the message to its living neighbor.
4. Eventually, the election message comes back to the process that
started it.
5. The process then picks either the highest or lowest process ID in
the list and sends out a message to the group informing them of
the new coordinator and the members of the new ring.
6. When the message has circulated once, it is removed, and
everyone goes back to work.

Q-25. Discuss persistent and non-persistent HTTP connection.

Non-Persistent Connection
Non-Persistent Connections are those connections in which for each object we
have to create a new connection for sending that object from source to destination.
Here, we can send a maximum of one object from one TCP connection.
There are two types:
1. Non-Persistent-Without parallel connection: Each objection takes two RTTs
(assuming no window limit) one for TCP connection and the other for HTTP
image/text file.
2. Non-Persistent-With parallel connection: Non-Persistent with a parallel
connection requires extra overhead in transferring data.
 Non-Persistent & Parallel Connection

Advantages of Non-Persistent Connection

1. Wastage of Resources is very less because the connection opens only when
there is some data to be sent.
2. Non-Persistent Connection is more secure because after sending the data,
the connection gets terminated and nothing can be shared thereafter.
Disadvantages of Non-Persistent Connection
1. In Non-Persistent Connection, it requires a greater CPU overhead for the
transmission of data

Persistent Connection
1. Non-Pipelined Persistent Connection: In a Non-pipeline connection, we first
establish a connection that takes two RTTs then we send all the object’s
images/text files which take 1 RTT each (TCP for each object is not required).
2. Pipelined Persistent Connection: In Pipelined connection, 2RTT is for
connection establishment and then 1RTT(assuming no window limit) for all the
objects i.e. images/text.
 Persistent Without Pipelining and with Pipelining

Advantages of Persistent Connections

• Lower CPU and memory usage because there is less number of
connections.
• Allows HTTP pipelining of requests and responses.
• Reduced network congestion (fewer TCP connections).
• Reduced latency in subsequent requests (no handshaking).
• Errors can be reported without the penalty of closing the TCP connection.
Disadvantages of Persistent Connections
• Resources may be kept occupied even when not needed and may not be
available to others.
• Most modern browsers like Chrome, Firefox, and Internet Explorer use
persistent connections.
Q-26. Write a short note on: Distributed object-based system.
ANS: In distributed object-based systems, the notion of an object plays a key
role in establishing distribution transparency.

• In principle, everything is treated as an object, and clients are

offered services and resources in the form of objects that they can
invoke.
• A distributed object is one whose methods can be invoked by a
remote process, a process running on a computer connected via a
network to the computer on which the object exists.
• A distributed object is an object that can be accessed remotely.
• This means that a distributed object can be used like a regular
object, but from anywhere on the network.
• The location of the distributed object is not critical to the user of
the object.
• A distributed object might provide its user with a set of related
capabilities.
• The application that provides a set of capabilities is often referred
to as a service.
• A Business Object might be a local object or a distributed object.
• The term business object refers to an object that performs a set of
tasks associated with a particular business process.
• Key feature of an object: it encapsulates data, the state, and the
operations on those data, the methods.
• Methods are made available through an interface. The separation
between interfaces and the objects implementing these interfaces
is crucial for distributed systems.
Key Points:
1. Stub and Skeleton Overview:
o A stub (client-side) acts as a proxy for the remote object.
o The client stub communicates with the server skeleton by
sending data over the network.
o The server skeleton passes data to the target object, waits
for a response, and then returns results back to the client
stub.
2. Client Stub Responsibilities:
o Initiate remote calls.
o Marshal (organize) arguments for transmission.
o Notify the remote reference layer to perform the call.
o Unmarshal (interpret) the return value received.
o Notify the remote reference that the call is complete.
3. Server Skeleton Responsibilities:
o Unmarshal incoming arguments from the client.
 o Execute the actual remote object implementation.
o Marshal the return value to send it back to the client.

Q-27. Define failure? List down various reasons for the

occurrence of failure.

Q-28. What is mutual exclusion? Categorize and compare mutual

exclusion algorithms.
The design of distributed mutual exclusion algorithms is complex
because these algorithms have to deal with unpredictable message
delays and incomplete knowledge of the system state on eliminating
the mutual exclusion problem in distributed system approach based on
message passing is used. Below are the three approaches based on
message passing to implement mutual exclusion in distributed systems:
1. Token-based approach.
2. Non-Token based approach.
3. Quorum-based approach.
Token Based Algorithm:
• A unique token is shared among all the sites.
• If a site possesses the unique token, it is allowed to enter its
critical section.
• This approach uses sequence number to order requests for the
critical section.
• Each request for critical section contains a sequence number. This
sequence number is used to distinguish old and current requests.
• This approach ensures Mutual exclusion as the token is unique.
Non-token-based approach:
• A site communicates with other sites in order to determine which
sites should execute critical section next. This requires exchange
of two or more successive rounds of messages.
• This approach uses timestamps instead of sequence number to
order requests for the critical section.
• When a site makes a request for critical section, it gets a
timestamp. Timestamp is also used to resolve any conflict
between critical section requests.
• All algorithms within the non-token-based approach maintains a
logical clock. Logical clocks get updated according to Lamport’s
scheme.
Quorum based approach:
• Each site requests permission to execute the critical section from
all other sites.
• Each site responds only as a subset of sites which is called a
quorum.
• Intersection of sites or Quorum contains a common site.
• This common site is responsible to ensure mutual exclusion.