Module 3 - Distributed System
Module 3 - Distributed System
Page no: 1
Skeleton: In the remote JVM, each remote object may have a corresponding skeleton (in Java 2 platform-only
environments, skeletons are not required). The skeleton is responsible for dispatching the call to the actual
remote object implementation. When a skeleton receives an incoming method invocation it does the following:
• unmarshals (reads) the parameters for the remote method,
• Invokes the method on the actual remote object implementation, and marshals (writes and transmits) the
result (return value or exception) to the caller.
Page no: 2
11. The client stub unmarshals the results and passes them to the caller. (shown in fig 3.3)
Page no: 3
Fig 3.5 conventional and Asynchronous RPC
Implementing RPC:
RPC is generally implemented over a request‐reply protocol that supports two‐way exchange of messages in client‐
server interactions
The protocol is based on 3 communication primitives
• doOperation: used by a client to invoke a remote operation. doOperation sends a request message to the
remote server and returns the reply message
• getRequest: used by a server to acquire request messages
• sendReply: used by a server to send the reply message to the client after it has invoked the operation
specified in the request message. Shown in fig 3.6.
Page no: 4
Fig 3.7 Event and notifications
A dealer process creates an object to represent each named stock that the user asks to have displayed.
An event source can generate events of one more different type. Each event has attributes that specify
information about that event.
The architecture of distributed event notification specifies the roles of participants as in Fig.3.8: It is designed
in a way that publishers work independently from subscribers. Event service maintains a database of published
events and of subscribers’ interests.
The roles of the participants are:
• Object of Interest – This is an object experiences change of state, as a result of its operations being
invoked.
• Event – An event occurs at an object of interest as the result of the completion of a method invocation.
• Notification – A notification is an object that contains information about an event.
• Subscriber – A subscriber is an object that has subscribed to some type of events in another object.
• Observer objects – The main purpose of an observer is to separate an object of interest from its
subscribers.
• Publisher – This is an object that declares that it will generate notifications of particular types of event.
Page no: 5
• An object of interest inside the event service sends notification via the observer to the subscribers.
• The observer queries the object of interest outside the event service and sends notifications to the
subscribers.
A variety of delivery semantics can be employed:
• IP multicast protocol – information delivery on the latest state of a player in an Internet game
• Reliable multicast protocol – information provider / dealer
• Totally ordered multicast - Computer Supported Cooperative Working (CSCW) environment
• Real-time – nuclear power station / hospital patient monitor
Roles for observers – the task of processing notifications can be divided among observers:
• Forwarding – Observers simply forward notifications to subscribers.
• Filtering of notifications – Observers address notifications to those subscribers who find these notifications
are useful.
• Patterns of events – Subscribers can specify patterns of events of interest.
• Notification mailboxes – A subscriber can set up a notification mailbox which receives the notification on
behalf of the subscriber
SECURITY:
• There is a pervasive need for measures to guarantee the privacy, integrity, and availability of resources in
distributed systems.
• Security attacks take various forms: Eavesdropping, masquerading, tampering, and denial of service.
• Designers of secure distributed systems must cope with the exposed interfaces and insecure network in an
environment where attackers are likely to have knowledge of the algorithms used to deploy computing
resources.
• Cryptography provides the basis for the authentication of messages as well as their secrecy and integrity.
Page no: 6
The recipient uses a corresponding private key to decrypt the message.
Uses of Cryptography:
– Secrecy and integrity (to stop eavesdropping and tampering) also use redundant information
(checksums) for maintaining integrity.
– Authentication
– Digital Signatures
Algorithms to perform encryption and decryption
1. RSA (Rivest, Adi Shamir and Leonard Adleman):
RSA was first described in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman of the Massachusetts
Institute of Technology. Public-key cryptography, also known as asymmetric cryptography, uses two
different but mathematically linked keys, one public and one private. The public key can be shared with
everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private
keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt
it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides
a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic
communications and data storage.
Algorithm:
RSA encrypts messages through the following algorithm, which is divided into 3 steps:
1) Key Generation
a) Choose two distinct prime numbers p and q.
b) Find n such that n = pq.
n will be used as the modulus for both the public and private keys.
c) Find the Φ
Φ =(p-1)(q-1).
d) Choose an e such that 1 < e < Φ, and such that e and Φ share no divisors other than 1 (e and Φ are
relatively prime).
e is kept as the public key exponent.
e) Determine d (using Extended Euclidean algo table method) which satisfies the congruence relation
de ≡ 1 (mod φ(n)). Or ax +by= gcd(e, Φ )
Page no: 7
M ≡ Cd (mod n).
Example:
1. Choose p = 3 and q = 11
2. Compute n = p * q = 3 * 11 = 33
3. Compute ф = (p - 1) * (q - 1) = 2 * 10 = 20
4. Choose e such that 1 < e < ф and e and ф are coprime. Let e = 7
5. Compute a value for d such that (d * e) % ф = 1. One solution is d = 3 [(3 * 7) % 20 = 1] which is come with
the help of extended Euclidean algo table method:
Step x y F or d k
1 1 0 20 -
2 0 1 7 2
3 1 -2 6 1
4 -1 3 1 6
Stop here because f==1
Now the value of d(private key is)= 3
6. Public key is (e, n) => (7, 33)
7. Private key is (d, n) => (3, 33)
8. The encryption of m = 2 is c = 27 % 33 = 29
9. The decryption of c = 29 is m = 293 % 33 = 2
Page no: 8
Fig 3.10 Internal process of encryption
• Initial and final Permutation: The initial and final permutations are straight Permutation boxes (P-boxes)
that are inverses of each other. They have no cryptography significance in DES. The initial and final
permutations are shown as follows – shown in fig 3.11.
Page no: 9
Fig 3.12 16-Feistel round
Expansion Permutation Box −Since right input is 32-bit and round key is a 48-bit, we first need to expand right
input to 48 bits. Permutation logic is graphically depicted in the following illustration – shown in fig 3.13
Page no: 10
There are a total of eight S-box tables. The output of all eight s-boxes is then combined in to 32 bit section.
DES Analysis
The DES satisfies both the desired properties of block cipher. These two properties make cipher very strong.
• Avalanche effect − A small change in plaintext results in the very grate change in the cipher text.
• Completeness −Each bit of cipher text depends on many bits of plaintext.
During the last few years, cryptanalysis has found some weaknesses in DES when key selected are weak keys.
These keys shall be avoided.
Page no: 11
Sun Network File System:
Network File System (NFS) is a distributed file system (DFS) developed by Sun Microsystems. This allows
directory structures to be spread over the net- worked computing systems.
A DFS is a file system whose clients, servers and storage devices are dispersed among the machines of
distributed system. A file system provides a set of file operations like read, write, open, close, delete etc. which
forms the file services. The clients are provided with these file services. The basic features of DFS are multiplicity
and autonomy of clients and servers. shown in fig 3.17.
Page no: 12
Any directory within an exported file system can be mounted remotely on a machine. When the server receives
a mount request, it returns a file handle to the client. File handle is basically a data-structure of length 32 bytes.
It serves as the key for further access to files within the mounted system. shown in fig 3.18.
In UNIX term, the file handle consists of a file system identifier that is stored in super block and an inode
number to identify the exact mounted directory within the exported file system. In NFS, one new field is added
in inode that is called the generic number.
Mount can be is of three types -
• Soft mount: A time bound is there.
• Hard mount: No time bound.
• Automount: Mount operation done on demand.
Mount Protocol:
• Mount protocol establishes a local name for remote files
• Users access remote files using local names; OS takes care of the mapping
Page no: 13
Fig 3.20 Semantics of file sharing
Client Caching: Delegation
NFS V4 supports open delegation
Server delegates local open and close requests to the NFS client
Uses a callback mechanism to recall file delegation. shown in fig 3.21.
Page no: 14
Fig 3.22 RPC failure
Andrews File System (AFS)
The Andrew File System (AFS) is a location-independent file system. AFS makes it easy for people to work
together on the same files, no matter where the files are located. AFS users do not have to know which machine
is storing a file. AFS is a distributed file system which makes it as easy to access files stored on a remote
computer as files stored on the local disk. shown in fig 3.23
AFS is a distributed file system, with scalability as a major goal. Its efficiency can be attributed to the following
practical assumptions (as also seen in UNIX file system):
• Files are small (i.e. entire file can be cached)
• Frequency of reads much more than those of writes
• Sequential access common
• Files are not shared (i.e. read and written by only one user)
• Shared files are usually not written
• Disk space is plentiful
AFS distinguishes between client machines (workstations) and dedicated server machines. Caching files in the
client side cache reduces computation at the server side, thus enhancing performance. However, the problem
of sharing files arises. To solve this, all clients with copies of a file being modified by another client are not
informed the moment the client makes changes. That client thus updates its copy, and the changes are
reflected in the distributed file system only after the client closes the file. Various terms related to this concept
in AFS are:
• Whole File Serving: The entire file is transferred in one go, limited only by the maximum size UDP/IP
supports
• Whole File Caching: The entire file is cached in the local machine cache, reducing file-open latency, and
frequent read/write requests to the server
• Write On Close: Writes are propagated to the server side copy only when the client closes the local copy of
the file