Charles S. Kline

The LOCUS distributed operating system

LOCUS is a distributed operating system which supports transparent access to data through a network wide filesystem, permits automatic replication of storage, supports transparent distributed process execution, supplies a number of high reliability functions such as nested transactions, and is upward compatible with Unix. Partitioned operation of subnets and their dynamic merge is also supported. The system has been operational for about two years at UCLA and extensive experience in its use has been obtained. The complete system architecture is outlined in this paper, and that experience is summarized.

Detection of Mutual Inconsistency in Distributed Systems

Many distributed systems are now being developed to provide users with convenient access to data via some kind of communications network. In many cases it is desirable to keep the system functioning even when it is partitioned by network failures. A serious problem in this context is how one can support redundant copies of resources such as files (for the sake of reliability) while simultaneously monitoring their mutual consistency (the equality of multiple copies). This is difficult since network faiures can lead to inconsistency, and disrupt attempts at maintaining consistency. In fact, even the detection of inconsistent copies is a nontrivial problem. Naive methods either 1) compare the multiple copies entirely or 2) perform simple tests which will diagnose some consistent copies as inconsistent. Here a new approach, involving version vectors and origin points, is presented and shown to detect single file, multiple copy mutual inconsistency effectively. The approach has been used in the design of LOCUS, a local network operating system at UCLA.

LOCUS a network transparent, high reliability distributed system

LOCUS is a distributed operating system that provides a very high degree of network transparency while at the same time supporting high performance and automatic replication of storage. By network transparency we mean that at the system call interface there is no need to mention anything network related. Knowledge of the network and code to interact with foreign sites is below this interface and is thus hidden from both users and programs under normal conditions. LOCUS is application code compatible with Unix2, and performance compares favorably with standard, single system Unix. LOCUS runs on a high bandwidth, low delay local network. It is designed to permit both a significant degree of local autonomy for each site in the network while still providing a network-wide, location independent name structure. Atomic file operations and extensive synchronization are supported. Small, slow sites without local mass store can coexist in the same network with much larger and more powerful machines without larger machines being slowed down through forced interaction with slower ones. Graceful operation during network topology changes is supported.

Encryption and Secure Computer Networks

There is increasing growth in the number of computer networks in use and in the kinds of distributed computing applications available on these networks This increase, together with concern about privacy, security, and integrity of information exchange, has created considerable interest in the use of encryptlon to protect information in the networks This survey is directed at the reader who ts knowledgeable about varmus network designs and who now wishes to consider incorporating encryption methods into these designs. It is also directed at developers of encryption algorithms who wish to understand the characteristics of such algorithms useful in network applications. Key management, network encryption protocols, digital signatures, and the utility of conventionalor public-key encryptlon methods are each discussed. A case study of how encryption was integrated into an actual network, the Arpanet, illustrates many issues present m the design of a network encryption facdity.

The PDP-11 virtual machine architecture: A case study

At UCLA, a virtual machine system prototype has been constructed for the Digital Equipment Corporation PDP-11/45. In order to successfully implement that system, a number of hardware changes have been necessary. Some overcome basic inadequacies in the original hardware for this purpose, and others enhance the performance of the virtual machine software. Steps in the development of the modified hardware architecture, as well as relevant aspects of the software structure, are discussed. In addition, a case study of interactions between hardware and software developments is presented, together with conclusions motivated by that experience.

A verifiable protection system

This paper reports on the design and implementation of the UCLA Virtual Machine System, a multiuser operating system base that has been developed to provide ultra high reliability protection and security. Details are presented of the UCLA-VM system, a prototype of which now exists. Concepts which have influenced its structure are discussed, including program verification, security kernels, virtual machines, virtual memory, and the need for flexible information sharing facilities. A new mechanism, capability faulting, is developed in order to remove much of the virtual memory support from the security kernel. Flexible, reliable control of sharing is obtained by extensions to several of these concepts, especially through the use of levels of kernels.

Issues in Kernel Design

Considerable activity recently has been devoted to the design and development of operating system kernels, as part of efforts to provide much more reliably secure systems than heretofore available. The resulting kernel architectures differ substantially from more traditional systems of similar function and, in particular, appear superior with respect to reliability, simplicity, and security.