Results 1 - 9 of 9
Access Control in an Open Distributed Environment
- Proceedings of the 1998 IEEE Symposium on Security and Privacy (SP'98), 3-6 May 1998, Oakland, CA, 1998
Cited by 65 (8 self)
We describe an architecture for secure, independent, interworking services (Oasis). Each service is made responsible for the classification of its clients into named roles, using a formal logic to specify precise conditions for entering each role. A client becomes authenticated by presenting credentials to a service that enable the service to prove that the client conforms to its policy for entry to a particular role. During authentication a data structure is created that embodies the proof. An authenticated client is issued a role membership certificate (RMC) for its subsequent use with that service. An RMC is an encryption-protected capability which includes the role name, the identity of the principal to which it was issued and a reference to the issuing service. A proof rule of one service may refer to an authenticated user of another; that is, an RMC issued by one service may be required as a credential during authentication by another. A dynamic proof tree may thus be built which exhibits amongst other things the trust relationships between the services which the client has entered. The first part of the paper shows how a service may define a set of proof rules (Horn clauses) that specify who may use it and in what way. Delegation of rights may be expressed naturally within these rules. The second part of the paper presents the design details of the system. Associated with each RMC issued by a service, the service keeps a credential record (CR). The CR indicates the predicates against which the RMC was issued and lists all other services which have issued RMCs to this principal based on this CR. If one of these predicates becomes false, the local RMC is immediately invalidated. Event technology is used to achieve rapid revocation of the dependent RMCs issued by other services; any portion of a proof tree which is based on this predicate collapses. 
The system is inherently decentralised and has a tuneable reaction to network or server failure which allows services to make appropriate decisions when authorization or revocation information is unavailable. A prototype system has been implemented and tested.
A Fresh Approach to File System Quality of Service
- 1997
Cited by 33 (0 self)
This paper describes a file system structure for supporting Quality of Service (QoS) guarantees. The device driver model clearly separates control- and datapath operations and presents a low-level of abstraction. The data-path module provides translation and protection of I/O requests enabling the file system layers to be executed as unprivileged code within shared libraries. Scheduling of low-level operations within the device driver is used to provide isolation between clients and Quality of Service guarantees. 1 Introduction A large proportion of the code executed on behalf of an application in a traditional operating system requires no additional privilege and does not, therefore, need to execute in a separate protection domain. Typically, code which must atomically and securely update important datastructures is rarely executed and usually associated with out-of-band operations such as opening or closing a file. It is only this code which must necessarily execute in a separate p...
Devices in a Multi-Service Operating System
- 1996
Cited by 20 (2 self)
le application-specific use of I/O devices. The architecture is applied to several representative classes of device including network interfaces, network connected peripherals, disk drives and framestores. Of these, disks and framestores are of particular interest since they must be shared at a very fine granularity but have traditionally been presented to the application via a window system or file-system with a high-level and coarse-grained interface. A device driver for the framestore is presented which abstracts the device at a low level and is therefore able to provide each client with guaranteed bandwidth to the framebuffer. The design and implementation of a novel client-rendering window system is then presented which uses this driver to enable rendering code to be safely migrated into a shared library within the client. A low-level abstraction of a standard disk drive is also described which efficiently supports a wide variety of file systems, and other applications requiring
A Development Platform for Multimedia Applications in a Distributed, ATM Network Environment
- In Proceedings of International Conference for Multimedia Computing and Systems, 1994
Cited by 6 (1 self)
Using current development techniques multimedia application creation is an ad hoc process yielding applications rooted in particular environments. We have designed authoring and presentation facilities which manage the creation and display of interactive multimedia presentations for applications in a distributed context. We illustrate with our prototype platform and applications developed using it. 1 Introduction A multimedia environment integrates continuous media such as digital audio and video with the text and still pictures already supported in standard distributed computing environments. Workstations with bit-mapped displays and running windowing systems allow control over the presentation of visual media. Speakers allow audio to be played. Input devices such as cameras and microphones are becoming standard for the capture of audio and video. Storage services for continuous media have been developed and ATM networking technology supports the transport of multiservice traffic. U...
Filing System Interfaces to Support Distributed Multimedia Applications
- In Eighth ACM SIGOPS European Workshop Support for Composing Distributed Applications, 1998
Cited by 4 (0 self)
As multimedia applications become part of mainstream computing, storage systems have to deal with many different file types, each with their own usage patterns and resource requirements. However, conventional file systems do not recognise this heterogeneity, and treat all stored data alike. By using file classes and interfaces to describe files of different types, useful information can be provided by the application and used by the file system to choose appropriate storage policies. An architecture is proposed by which file systems can provide support for different file classes in a flexible and extensible manner. This architecture is based on the Multi-Service Storage Architecture (MSSA) and will be implemented on the Nemesis operating system, which provides the resource guarantees necessary for multimedia applications. 1 Introduction Everything is a file. Or at least if you use UNIX it is. The file abstraction has been one of the most widely used concepts in the design and implemen...
Handling Realtime Traffic in Mobile Networks
- 1994
Cited by 2 (2 self)
The rapidly advancing technology of cellular communication and wireless LAN makes ubiquitous computing feasible where the mobile users can have access to the location independent information and the computing resources. Multimedia networking is another emerging technological trend of the 1990s and there is an increasing demand for supporting continuous media traffic in wireless personal communication environment. In order to guarantee the strict performance requirements of realtime traffic, the connection-oriented approaches are proving to be more efficient compared to the conventional datagram based networking. This dissertation deals with a network architecture and its design issues for implementing the connection-oriented services in a mobile radio environment. The wired backbone of the proposed wireless LAN comprises of high speed ATM switching elements, connected in a modular fashion, where the new switches and the user devices can be dynamically added and reconnected for maintai...
ATM Admission Control based on Measurements and Reservations
- In Proceedings of the IEEE International Performance, Computing and Communications Conference (IPCCC), 1998
Cited by 2 (2 self)
We propose an innovative control architecture for ATM that allows users to reserve in advance complex connection patterns in the network. It offers control over the resources via schedules but alleviates the potential over-conservative nature of the resource allocation by coupling it with real-time measurement of actual use of the resources.
A Network Striped Storage System for Video on Demand
This research advocates the architecture of using the switched network as the interconnect among the loosely coupled storage devices for large scale video on demand(VOD) servers. The article proposes a flexible and scalable network striped distributed storage system framework to exploit the above architecture. Quality of Service(QoS) and implementation issues are also discussed in the end. 1 Introduction Large scale storage servers for video on demand (VOD) are becoming more important. Though a single modern disk can support the playing back and recording of several MPEG-I or MPEG-II streams, the bandwidth requirement of many concurrent streams is well beyond the performance of a server based on one disk or a small scale disk array. The most important aspect of the architectural part of a large scale video server is the interconnect structure from the basic storage units(the disks) to the customers (the set-top boxes(STB)). Generally, there are four types of interconnect: backplane, ...

