Index
A
a-posteriori clock synchronization 436
abcast 297-299, 327
locally and globally total ordering 307
locally total and globally total order 293-294
access control technologies 420-422
accidental failures compared to attack 211
accuracy (of a synchronized clock) 435
ACID properties of a database system 133-134
acknowledgment implosion 412-413
actions (transactional) 540
active messages 148-150
active replication 227
Active/X 96, 188-189
actuators 488, 490, 494-503
addresses
Internet
class D address 40
IP address 40
addressing 39-44
Advanced Automation System (AAS) 531-532
AFS 123-126, 128-129, 138, 422, 424
agent programming languages 186-187
Amoeba 529
analysis of buying patterns 177, 190
Andrew File System. See AFS
ANSA Project 93-95
application-level proxy (in firewalls) 202
architectural structures for reliable systems 391-393
argument
end-to-end 48-49
Argus 460, 540
Arjuna 540-541
AS/400 database server product 460
ASN.1 66
assumptions about environments 519
asynchronous consensus problem 245
asynchronous message agent technology 198-201
asynchronous message passing (for MOMS) 197
asynchronous model 6-7, 219, 244-245
Asynchronous Transfer Mode. See ATM
at most once semantics 76
ATM 23, 31-35, 153-154
bandwidth allocation 34
connection establishment 34
header 33-34
F/C field 33-34
PTI field 33-34
VCI field 33-34
VPI field 33-34
quality-of-service 34
reliability 35
atomic broadcast. See multicast
atomic rename operation 137
atomicity 134, 278-280
authentication 15, 45, 71, 175-178, 415-431
in AFS 123
in Kerberos 415
in ONC security 426-427
authentication (with wrappers) 360
authentication process 420
authentication server (in Kerberos) 425
authentication services 16
authorization 212
automatic order handling 190
availability
continuous 509
in secure systems 426, 429-431
versus consistency 344
available copies replication method 470
Avalon 541
avatars 169
avoiding unilateral abort in transactional systems 470
B
backflow of information to sender 412-413
bandwidth allocation (for ATM) 34
Bayou 541
binding 58, 65-66, 103, 110
Black Widow applets 184
body (of a message) 11
Bohrbugs 207
broadcast 27. See also multicast
hardware 12
storm 27
broken read locks 470
buffering 50
bulk data transfer tools 363
burst transmission 87
Byzantine agreement 242, 495
Byzantine failure model 6, 225-226, 241-245, 249, 282, 314-315, 416, 430
lower bounds 243
C
cache coherency in Sprite 124-125
cache management policy 118-119
caching 58-59, 120. See also replicated data
caching in the NFS system 119
caching Web proxies
consistency options 369
Camelot 542
Capstone 424, 428
CASD protocol 438, 477
CASE tools 184-185.
See also Computer Aided Software Engineering tools (CASE)
for distributed computing 190
for reliability 217
causal gap freedom 305-306
causal order 219
controversy 346-349
in overlapping process groups 305-306
with multiple, overlapping process groups 291
cbcast 284, 297-299, 327, 346-349, 532
compared to synchronous multicast protocol 444
in overlapping process groups 305-306
checkpoints 345, 533
Chorus 529-530
CICS (IBM's transactional product) 542
class D Internet address 40
client/server computing 57-59, 81, 253
client/server system
consistent/inconsistent states 79
clients of a process group. See communication from nonmembers to a group
Clipper chip 428
clock synchronization 433-437
closely synchronous execution 315
Clouds 460
cluster API 505, 514-515
cluster computer architectures 505-515
cluster computing used in telecommunication coprocessors 448
CMIP 490-495
Coda 124
coherent caching Web proxy 366-367
Common Object Request Broker Architecture. See CORBA
communication
segment 152
technologies 22
communication from a group to a nonmember 297
communication from nonmembers to a group 294-297
complexity as a threat to reliability 209-210
components off the shelf (COTS) 352
Computer Aided Software Engineering tools (CASE) 184-185, 190, 217
computer network 4
concurrency control 132-133
tools 363
connection establishment (ATM) 34
conservative scheme 305-306
consistency 4, 88-90, 192, 215-216, 337-338, 463-467
consistency in caching Web proxies 391-393
consistent and inconsistent cuts 221, 289-290
consistent caching 359
consistent cuts in log-based recovery 533
consistent/inconsistent states of client/server systems 79
continuous availability 4, 509
Continuous Media Toolkit (CMT) 399-401
convoy phenomenon in reliable systems 411
coordinator-cohort algorithm 333-334
copy on write 144
CORBA xxi-xxiii, 16-17, 19, 49, 61, 93-111, 199-202, 206-210, 357, 401-403, 515, 525, 540, 545-546
event notification service 106-108, 197-201
hardening applications with Horus/Electra 401-403
interface definition language 98, 104-105
Interobject Broker Protocol 109
introducing reliability technologies with 354
life-cycle service 108
naming service 106
Object Request Broker 96-97, 105-106
Orbix example 101
persistent object service 108
rebinding to a different server after failure 103
reference model 96-104
reliability issues 103
reliability properties of CORBA solutions 109-110
replication services 103-104
transaction service 108-109
transactional services 102-103
viewed as a wrapper technology 354
correct specification 5
correlated events 498-499
COTS (components off the shelf) 352
critical dependencies 18
cyclic UDP 400-401
D
data access patterns in distributed file systems 124
data replication. See replicated data
database server 57
DCE 16, 61, 66, 71,96
defense against intrusion and attack 211
Delta-4 530
denial of access in secure systems 426
DES 423-424
detecting failures 210
dialback security mechanisms 418
digital signatures (used in firewalls) 202
dimensions of the system validation problem 517-521
dining philosophers' problem 308
distorted timelines 221
distributed CASE tools 184-185
distributed commit problem 227-238
distributed computing architectures
PC 96
distributed computing environments 16.
See also DCE
distributed computing systems, reliability in.
See DCE
distributed database systems 129-131
abort viewed as a tool 134-135
ACID properties 134-135
concurrency control 132-133, 456
nested transactions 458
serializability 131
state shared by clients and server 134
transactional model 129-131, 450-471
write-ahead log 453-454
distributed object abstraction 94
distributed programming languages 363-364
distributed shared memory 382-383
distributed system management 487-503
distributed transaction 456
DNS 69. See also Domain Name Service
Domain Name Service 40-43
DSM 386
dynamic membership model 225, 249-253, 267-269, 336-345
dynamic uniformity 251-268, 272, 282, 293, 299, 317-334, 465, 550
performance implications 340-341
E
e-mail 194-195
Electra 401-403
electronic mail. See e-mail
embedded systems 495
Encina 139, 460, 467, 542
encryption used in virtual private networks 419
end-to-end argument 48-49, 346
ENS. See event notification service
enterprise Web servers 391-393
equity trading system based on Horus 412
error correction 84-85
Ethernet 25-27
event dispatch 72-74
event notification service 106-108, 198-201.
See also CORBA
exactly once semantics 76
exponential convergence of gossip protocols 474
extended virtual synchrony 318-322
external data representation. See XDR
F
F/C field (ATM header) 33-34
fail-over in CORBA 354
fail-stop failures 5
fail-stop model 225-226, 265
failure detectors 210
failures 5-6, 206-213
detecting 210
false sharing 386
fault tolerance 4, 88-90, 163, 359, 387-388, 497
primary backup 89
fault-tolerant real-time control 434
fault-tolerant tools 363
fbcast 283, 297-299
fbufs 146-148
FDDI. See Fiber Distributed Data Interface
Fiber Distributed Data Interface 27-28
Ficus 126
file handle 118
file servers 57
stateful 122-129
file transfer protocols 194
Firefly RPC costs 143
firewall protection (with wrappers) 360
firewalls 201-202, 353, 417-419
flow control 85-86, 413
flush 309
Fortezza 427-429
fourth-generation languages (4GLs) 364-371
fragmentation 12
G
gap-freedom guarantee 317
gateway 202
GIF 174
Global Positioning System. See GPS receivers
globally total order 307
GMS. See group membership service
gossip protocols 473-485
GPS receivers 70, 433-437, 553-554
group address 397
group communication and Java applets 391-393
group communication in Web applications 366-367
group membership protocol 80-81, 255, 345
group membership service 253-266, 280-281, 442
extensions to allow partition and merge 266
primary partition properties 264-266
summary of properties 280-281
group object 397
groupware video protocols 267
guaranteed execution tools 363
guardians 540
GUI builders 184-185, 190
H
halting failures 5, 225
hardware cryptographic protection 419
hardware fault tolerance 512
Harp 121, 468, 530-531
HAS 531-532
header (of a message) 11
Heisenbugs 207-208, 316
high availability 4
Horus system
basic performance 403-404
protocol accelerator 405-409
real-time protocols 445
replication in the Web 394-397
robust groupware application 399-401
scalability 410
story behind name 391
virtually synchronous process groups 397
hostile environments 211-213
HotJava 179-184
how computers fail 206-213
HTML 168-169
HTTP 170-173
commands 171-173
HyperText Markup Language 168-169
HyperText Transport Protocol 170-173
I
IDL 98. See also CORBA, remote procedure call
IIOP 106
impossibility results for the asynchronous model 248, 341
IN coprocessor fault tolerance 448
inconsistent failure detection in available copies 470-471
information warfare 211-213, 499-503
inode 118
instrumentation of a distributed system 489-490
integration of process groups with database proper 471
intentional threats 211
interface definition language. See IDL
Internet
domain name service 40-43
protocol 39
IP 44
IP multicast 46-55
Internet Inter-ORB Protocol. See IIOP
Internet Packet Multicast Protocol. See IP Multicast
Interobject Broker Protocol 109
IOB. See Interobject Broker Protocol
IP address 40
IP multicast 46-55
and scalability of reliable group process 412-413
IP over ATM (reliability issues raised) 35
IP protocol 44
ISDN 28-31
Isis toolkit 532
story behind name 391
iterated multicast 295
J
Java 179-184
applets structured as object groups 366-367
groupware opportunities 366-367
integrated with group communication tools 391-393
JPEG 174
K
Kerberos 71-72, 123, 422-430
key escrow 424, 428
L
layered protocol architectures (pros and cons) 10
LCS. See life-cycle service
LFS 128-129
life-cycle service 108
lightweight process groups 310
lightweight remote procedure call 143-146,
lightweight tasks. See threads
lightweight threads 73-74
load-balancing 329-331
tools 363
local procedure call 76
locally total order 307
Locus 533
log-based database representation 468
log-based recovery 533-534
log-structured file system 128-129
logging tools 363
logical clock 219. See also vector clock used to implement cbcast 285
Lotus Notes 130
LPC. See local procedure call
M
Mach 529
Management Information Base (MIB) 490-495
Manetho 533-534
MARS 434
marshaling 66-68
master-slave parallel programming style 150
mbufs 50
measurements of distributed file systems 124
message
body 11
header 11
message bus architectures 198-201
message-oriented middleware 138-139.
See also MOMS (message-oriented middleware)
messages
active 148-150
Meta system 487
MIB used for failure detection 210
MOMS (message-oriented middleware) 197-198
monitoring and logging (with wrappers) 360
monitoring tools 363
MPEG 174
multicast 27, 266-267. See also broadcast
consistency issues 345
hardware messages 12
ordering domains 308-309
ordering options 269-276
ordering protocols (causal and total) 282-294
reliable 12
stability 306
totally ordered 292-294
multicast for video data 267
multilevel architecture for group computing tools 391-393
multiphase commit 456
multiple protocol stacks in Transis 539
N
nack implosion 412-413
naming service 15, 69-70, 106
NavTech 534
negative-acknowledgment 87-88
nested transaction model
problems with concurrent data structures 460
nested transactions 457-463
Netscape Navigator
plug-ins 188
network
database server 57
file server 57, 118-122, 130. See also NFS replication for high availability 121
network bulletin boards 195-197
network, computer 4
network database server 129-135
See also distributed database system, transactions;distributed database systems: transactional model
Network File System. See NFS
Network Information Service 69. See also NIS
network of workstations 505-506
network OLE 96
network partitioning 6, 318-322
newsgroups 195-197
Newtop 541
NFS 66, 80, 115-140, 426-427
caching 119
prefetching 120
reliability of 120
security of 426-429
security problems with 421
NIS 69
NNTP 196
nondeterminism (sources) 362
nonvolatile memory 468
nonvolatile RAM (NVRAM) (used in Harp) 531
NOW. See network of workstations
NT/Exchange 96
NT/Server 96
O
object code editing
as a tool in Web agent applications 185-187
object group 354
object orientation
groupware solutions. See Electra;Orbix + Isis
technologies supporting. See CORBA; OLE-2; Orbix
viewed as a wrapper technology 355
Object Request Broker 96-97
off-the-shelf-components (COTS) 352
OLE-2 96
introducing reliability technologies with 354
viewed as a wrapper technology 354
omission failures 5
ONC 61, 362, 426-427
security of 426-429
Open Network Computing (ONC) 16.
See also ONC
Open Systems Interconnection protocols 39
operating system support for high-performance communication 142-155
optimal clock synchronization 436
ORB. See Object Request Broker
Orbix 101
Orbix+Isis 103-104, 401-403, 532
viewed as a CASE tool 217
orphan termination 540
OSI protocol
layers 9
model 8
overhead of layered protocol 406-407
eliminating processing 407-408
P
packet 11
filter 353
loss rates
UDP over UNIX 51
sniffers 417-419
parallel computing (communication support) 150
parallel programming support 36-37
parallel shared memory systems 7
partition failures 318-322
passwords 417-419
payment security 190
pbcast 473, 475-482
PC distributed computing architectures 96
performance 5
performance issues in file systems 124
persistent data 450-451
persistent object service 108
Phoenix 534
plug-ins (for Web browsers) 188-189
POS. See persistent object service
potential causality 219
potential groupware uses of the Web 366-367
PowerBuilder 185-187
precision (of a synchronized clock) 435
prefetching in NFS 120
prefetching versus whole-file transfer 120
presentation (layer in OSI hierarchy) 8
primary-backup fault tolerance 89, 331-332
in transactional systems 467
primary component of a partitioned network 318-322, 342
privacy 4, 177
private investigator (failure detection scheme) 210
probabilistic clock synchronization 436
probabilistic protocols 473-485
process groups. See virtually synchronous process groups
protocol
CASD 438
compilation 154-155
DNS 69
file transfer 194
gossip 474
group membership 80-81
IP 44
IP multicast 46-55
NFS 66
Simple Mail Transfer 69
sliding window 83-87
stack 395
TCP 45, 83
TCP (over U-Net) 153-154
UDP 45-46
UDP (over U-Net) 153-154
verification 538
Psync 535
PTI field (ATM header) 33-34
publish/subscribe paradigm 199
push-and-pull agent models compared 186-187
PVM 36-37
Q
quality-of-service 142
(for ATM) 34
guarantees in Transis 538-539
negotiation (with wrappers) 360-361
QuickSilver 137
quorum replication 326, 457
R
RADIO product 505
RAID 122
Rampart 535
reactive control 495
real time 434
CASD protocol 438, 532
fault-tolerant, in MARS 434
Horus protocols 445
virtual synchrony 448
reasoning about distributed systems 517-527
recoverability 4, 450-451
Relacs 535
relational model of a system 488-489
release consistency 384-385
reliability
ATM 35
in distributed computing systems 4-7
NFS 120
of IP protocols over ATM 35
reliable communication channel 83
reliable multicast 12
in sychronous systems 438
probilistic protocols 473-485
scalability 410
remote procedure call 57. See also RPC
authentication service 71-72
binding 65-66
burst protocol 76
error handling 65
in reliable distributed systems 77-81
lightweight 143-146
marshaling 66
naming service 69
over a stream 90-91
performance issues 143-144
primary-backup replication 78
protocol 75-77
replay problem 77
stub generation 62
time services 70-71
rename
atomic operation 137
replay problem 76-77
replicated data 58-59, 121-122, 226, 253, 314, 322-327
best solution 326
caching in Web proxies 178-179
high-performance transactional scheme 467-471
in transactional systems 456-457
performance of quorum algorithm 240
probabilistic, using pbcast 483
quorum algorithm 238-241
tools 363
with Byzantine failures 241-244
replication and load-balancing in Web servers 366-367
replication of Web servers 391-393
representations of image data 174-175
rich text format 174
RMP 536
rollback 533
routing 47-48
RPC 60-62. See remote procedure call
RSA 422-424
S
safe atomic multicast. See dynamic uniformity
sandbox approach to agent security 184
scalability of reliable distributed systems 410
secure electronic transfer 177-178, 190
secure sockets layer 177-178, 190
security 4, 24, 71,77, 110, 168, 177, 192, 197, 201-202, 388, 415-431, 510
security (with wrappers) 360
security and availability 429-431
security enclave 360
security of agent systems 184
self-healing systems 519
self-stabilizing systems 519
semantics
at most once 76
exactly once 76
sender-based logging 533
sensors 488, 490-494
session (layer in OSI hierarchy) 8
shared memory tools 363
shared nothing model 505-515
Simple Mail Transfer Protocol
DNS 69
skew (of a synchronized clock) 435
sliding window protocols 83-87
smart cards. See Fortezza
SMTP 194
snapshot of a distributed system 220.
See consistent and inconsistent cuts
SNMP 490-495
specification, correct 5
SPIN project 154-155
split secret schemes 430
Sprite 124-125
cache coherency 124-125
SS7 telecommunication protocol 448
SSL encryption 177-178, 190
stability of a multicast 306
stability of group communication performance 412
state machine approach 314-315
state machine replication
for reactive control 497
state transfer 296, 327-329
state transfer tools 363
stateful client/server systems 115-116, 131
stateful file servers 122-129
stateless client/server system 115
static membership model 225-241, 249-253, 336-345
stock trading system based on Horus 412
StormCast system 186, 536-537
streams 83-91
burst transmission 87
dynamic adjustment of window size 86
error correction 84-85
flow control 85-86
sliding window protocol 83-87
unbreakable (wrapped for reliability) 370-380
used to support remote procedure call 90-91
strong and weak virtual synchrony in Horus 448
synchronous model 7, 242
systems 134
T
TACOMA 186
TCP protocol 45, 83
TCP protocol (over U-Net) 153-154
testing for liveness of an application 210
the Web. See Web, the
Thor system 540
threads 72-74
versus event dispatch 73-74
threats
intentional 211
unintentional 211
three-dimensional Web interfaces 169
three-phase commit 236-238, 456
ticket granting server (in Kerberos) 425-426
time in distributed systems 218-224
time service 15-16
timed asynchronous model 438-445, 531-532
timeliness 5
timing failures 6
TINA 104
toolkits 352-364
tools for consistent caching 391-393
top-level transactions 462
topological knowledge used in cbcast 291
Totem 537-538
Tranmission Control Protocol. See TCP protocol
transaction service 108-109
transactional actors 540
transactional commit protocols 456
transactional model
compared to virtual synchrony 450-451
problems encountered in distributed uses 461
systems that implement transactions 539-542
weak consistency 463-467
transactional system architecture 450-471
transactions 129. See also distributed database systems
Transis 538-539
transport (layer in OSI hierarchy) 8
Tuxedo 110, 139, 467, 542
two-phase commit 456
avoiding need using process group 469
final version of protocol 235
two-phase locking 132-133
U
U-Net 151-154
UDP protocol 45-46
over U-Net 153-154
unauthorized use of resources 212-213
Uniform Resource Indentifier 171
Uniform Resource Locators 170
unintentional threats 211
URI. See Uniform Resource Indentifier
URL. See Uniform Resource Locators
User Datagram Protocol. See UDP protocol
V
V system 529, 539
VCI field (ATM header) 33-34
vector clock 223-224, 531
causal communication with nonmembers of a group 302
timestamp compression 288-289
used to implement cbcast 285-287
verification of protocols 538
video groupware multicast properties 267
view
of a process group 278-279, 397
view-synchronous multicast delivery 317
virtual memory used in communication architecture 146
virtual private network 34, 184, 212, 358, 419
virtual reality metalanguages 169
virtually synchronous execution model 313-334
virtually synchronous process groups 265-266, 394-397
algorithms and tools 322-334
compared to transactional model 450-451
execution model 313-334
extended virtual synchrony 318-322
flush protocol 279
guarantees compared to synchronous model 444
in Horus 397
Isis toolkit 532
replicated data 322-334
reporting membership through views 277-278
security 430
summary of membership properties 280-281
used in complex systems 352-389
virus 211
Visual BASIC 185-187
vnodes 118
VPI field (ATM header) 33-34
VRML 169
W
Web proxy 178-179, 394-397
Web server
replication and load-balancing 366-367
wrapped for fault tolerance 364-371
Web, the xvii, 41-42, 57-59, 115, 167, 177, 194, 364-371
Active/X 188-189
agent programming languages 186
agent-based browsers 179-184
architectural structures and reliability tools 391-393
banking on the Web 189-190
basic authentication protocol 175
browser technologies 167-192
commerce servers 189-190
commercial use of 162, 177-178
consistency issues 192
database servers 189-190
exchange servers 189-190
fault tolerance and load-balancing 366-367
firewalls 201-202
groupware tools and solutions 366-367
HotJava browser 179-184
HTML 168-169
HTTP 170-173
Java 179-184
Java applets structured as object groups 366-367
military use 163
other agent languages 185-187
plug-in technologies 188-189
proxy 167-192
reliability 163-164
replicated data 226-227
replication and reliability 394-397
search engines and Web crawlers 187-188
secure sockets layer 175-176
security 163-164, 188-189, 197
security and privacy issues 177-178
security with digital signatures 366-367
transactional uses 189-190
URL. See Uniform Resource Locators
Web Proxies 178-179
white pages 70
whole file transfer compared with prefetching 120
wide area group communication for the Web 366-367
World Wide Web 41-42, 57-58.
See also Web, the
worm 211
wrappers 352-364
write-ahead log 453-454
write-through policy 118-119
X
x-Kernel 19, 146-147, 394-395, 398, 406
X.500 69-70, 428-429, 547
XDR 66
Xpress Transfer Protocol. See XTP
XTP 52-54
Y
yellow pages 69