Computer security: certification Frans Kaashoek 6.033 Spring 2007.
Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P....
-
Upload
baldwin-spencer -
Category
Documents
-
view
220 -
download
0
description
Transcript of Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P....
![Page 1: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/1.jpg)
Peer-to-peer computing research:
a fad?Frans Kaashoek
Joint work with: H. Balakrishnan, P. Druschel , J. Hellerstein , D. Karger, R.
Karp, J. Kubiatowicz, B. Liskov, D. Mazières, R. Morris, S. Shenker, and I.
StoicaBerkeley, ICSI, MIT, NYU, and Rice
![Page 2: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/2.jpg)
What is a P2P system?
• A distributed system architecture:• No centralized control• Nodes are symmetric in function
• Larger number of unreliable nodes• Enabled by technology improvements
Node
Node
Node Node
Node
Internet
![Page 3: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/3.jpg)
P2P: an exciting social development
• Internet users cooperating to share, for example, music files• Napster, Gnutella, Morpheus, KaZaA, etc.
• Lots of attention from the popular press“The ultimate form of democracy on the
Internet” “The ultimate threat to copy-right protection
on the Internet”
![Page 4: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/4.jpg)
How to build critical services?
• Many critical services use Internet• Hospitals, government agencies, etc.
• These services need to be robust• Node and communication failures• Load fluctuations (e.g., flash crowds)• Attacks (including DDoS)
![Page 5: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/5.jpg)
The promise of P2P computing
• Reliability: no central point of failure• Many replicas• Geographic distribution
• High capacity through parallelism:• Many disks• Many network connections• Many CPUs
• Automatic configuration• Useful in public and proprietary settings
![Page 6: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/6.jpg)
Traditional distributed computing:client/server
• Successful architecture, and will continue to be so• Tremendous engineering necessary to make server farms scalable and
robust
Server
Client
Client Client
Client
Internet
![Page 7: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/7.jpg)
Application-level overlays
• One per application• Nodes are decentralized• NOC is centralized
ISP3
ISP1 ISP2
Site 1
Site 4
Site 3Site 2
N
N N
N
N
N
P2P systems are overlay networks without central control
![Page 8: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/8.jpg)
Distributed hash table (DHT)
Distributed hash table
Distributed applicationget (key) data
node node node….
put(key, data)
Lookup servicelookup(key) node IP address
• Application may be distributed over many nodes• DHT distributes data storage over many nodes
(File sharing)
(DHash)
(Chord)
![Page 9: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/9.jpg)
A DHT has a good interface
• Put(key, value) and get(key) value• Simple interface!
• API supports a wide range of applications• DHT imposes no structure/meaning on keys
• Key/value pairs are persistent and global• Can store keys in other DHT values• And thus build complex data structures
![Page 10: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/10.jpg)
A DHT makes a good shared infrastructure
• Many applications can share one DHT service• Much as applications share the Internet
• Eases deployment of new applications• Pools resources from many participants
• Efficient due to statistical multiplexing• Fault-tolerant due to geographic distribution
![Page 11: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/11.jpg)
Many recent DHT-based projects
• File sharing [CFS, OceanStore, PAST, Ivy, …]• Web cache [Squirrel, ..]• Archival/Backup store [HiveNet,Mojo,Pastiche]• Censor-resistant stores [Eternity, FreeNet,..]• DB query and indexing [PIER, …]• Event notification [Scribe]• Naming systems [ChordDNS, Twine, ..]• Communication primitives [I3, …]
Common thread: data is location-independent
![Page 12: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/12.jpg)
CFS: Cooperative file sharing
• DHT is a robust block store• Client of DHT implements file system
• Read-only: CFS, PAST• Read-write: OceanStore, Ivy
Distributed hash tables
File systemget (key) block
node node node….
put (key, block)
![Page 13: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/13.jpg)
File representation:self-authenticating data
• Key = SHA-1(content block)• File and file systems form Merkle hash trees
995:key=901key=732Signature
File System key=995
……
“a.txt” ID=144
key=431key=795
…
…
(root block)(directory blocks)
(i-node block)(data)
901= SHA-1 144 = SHA-1431=SHA-1
![Page 14: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/14.jpg)
DHT distributes blocks by hashing IDs
InternetNode ANode C
Node B
Node D
995:key=901key=732Signature
Block732
Block901
247:key=407key=992key=705Signature
Block992
Block407
Block705
• DHT replicates blocks for fault tolerance• DHT caches popular blocks for load balance
![Page 15: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/15.jpg)
Historical web archiver• Goal: make and archive a daily
check point of the Web• Estimates:
• Web is about 57 Tbyte, compressed HTML+img
• New data per day: 580 Gbyte 128 Tbyte per year with 5 replicas
• Design:• 12,810 nodes: 100 Gbyte disk each
and 61 Kbit/s per node
![Page 16: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/16.jpg)
Implementation using DHT
• DHT usage:• Crawler distributes crawling and storage
load by hash(URL)• Client retrieve Web pages by hash(URL)
• DHT replicates data for fault tolerance
Distributed hash tables
Crawler
get (URL)
node node node….
put(sha-1(URL), page)Client
![Page 17: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/17.jpg)
Archival/backup store• Goal: archive on other user’s machines• Observations
• Many user machines are not backed up• Archiving requires significant manual effort• Many machines have lots of spare disk space
• Using DHT:• Merkle tree to validate integrity of data• Administrative and financial costs are less for all
participants• Archives are robust (automatic off-site backups)• Blocks are stored once, if key = sha1(data)
![Page 18: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/18.jpg)
DHT implementation challenges
1. Scalable lookup2. Balance load (flash crowds)3. Handling failures4. Coping with systems in flux5. Network-awareness for performance6. Robustness with untrusted participants7. Programming abstraction8. Heterogeneity9. Anonymity10. Indexing
Goal: simple, provably-good algorithms
thistalk
![Page 19: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/19.jpg)
1. The lookup problem
Internet
N1N2 N3
N6N5N4
Publisher
Put (Key=sha-1(data),Value=data…) Client
Get(key=sha-1(data))?
• Get() is a lookup followed by check• Put() is a lookup followed by a store
![Page 20: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/20.jpg)
Centralized lookup (Napster)
Publisher@Client
Lookup(“title”)
N6
N9 N7
DB
N8
N3
N2N1SetLoc(“title”, N4)
Simple, but O(N) state and a single point of failure
Key=“title”Value=file data…
N4
![Page 21: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/21.jpg)
Flooded queries (Gnutella)
N4Publisher@Client
N6
N9
N7 N8
N3
N2N1
Robust, but worst case O(N) messages per lookup
Key=“title”Value=MP3 data…
Lookup(“title”)
![Page 22: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/22.jpg)
Algorithms based on routing• Map keys to nodes in
a load-balanced way• Hash keys and nodes
into a string of digit• Assign key to “closest”
node
Examples: CAN, Chord, Kademlia, Pastry, Tapestry, Viceroy, ….
K20K5
K80
CircularID space N32
N90
N105
N60• Forward a lookup for a key to a closer node• Join: insert node in ring
![Page 23: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/23.jpg)
Chord’s routing table: fingers
N80
½¼
1/8
1/161/321/641/128
![Page 24: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/24.jpg)
Lookups take O(log(N)) hops
N32
N10
N5
N20N110
N99
N80
N60
Lookup(K19)
K19
• Lookup: route to closest predecessor
![Page 25: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/25.jpg)
CAN: exploit d dimensions
• Each node is assigned a zone• Nodes are identified by zone boundaries• Join: chose random point, split its zone
(0,0) (1,0)
(0,1)
(0,0.5, 0.5, 1)
(0.5,0.5, 1, 1)
(0,0, 0.5, 0.5)
• •
••
(0.5,0.25, 0.75, 0.5)
(0.75,0, 1, 0.5)•
![Page 26: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/26.jpg)
Routing in 2-dimensions
• Routing is navigating a d-dimensional ID space• Route to closest neighbor in direction of destination• Routing table contains O(d) neighbors
• Number of hops is O(dN1/d)
(0,0) (1,0)
(0,1)
(0,0.5, 0.5, 1)
(0.5,0.5, 1, 1)
(0,0, 0.5, 0.5) (0.75,0, 1, 0.5)
•
•
•
••
(0.5,0.25, 0.75, 0.5)
![Page 27: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/27.jpg)
2. Balance load
N32
N10
N5
N20N110
N99
N80
N60
Lookup(K19)
K19
• Hash function balances keys over nodes• For popular keys, cache along the path
K19
![Page 28: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/28.jpg)
Why Caching Works Well
N20
• Only O(log N) nodes have fingers pointing to N20• This limits the single-block load on N20
![Page 29: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/29.jpg)
3. Handling failures: redundancy
N32
N10
N5
N20
N110
N99
N80
N60
• Each node knows IP addresses of next r nodes• Each key is replicated at next r nodes
N40
K19
K19
K19
![Page 30: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/30.jpg)
Lookups find replicas
N40
N10
N5
N20
N110
N99
N80
N60
N50
N68
1. 2.3.
4.
Lookup(K19)
• Tradeoff between latency and bandwidth [Kademlia]
K19
![Page 31: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/31.jpg)
4. Systems in flux
• Lookup takes log(N) hopsIf system is stableBut, system is never stable!
• What we desire are theorems of the type:
1. In the almost-ideal state, ….log(N)…2. System maintains almost-ideal state
as nodes join and fail
![Page 32: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/32.jpg)
Half-life [Liben-Nowell 2002]
• Doubling time: time for N joins • Halfing time: time for N/2 old nodes to fail• Half life: MIN(doubling-time, halfing-time)
N nodesN new nodes join
N/2 old nodes leave
![Page 33: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/33.jpg)
Applying half life
• For any node u in any P2P networks:If u wishes to stay connected with high
probability, then, on average, u must be notified
about (log N) new nodes per half life• And so on, …
![Page 34: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/34.jpg)
5. Optimize routing to reduce latency
• Nodes close on ring, but far away in Internet• Goal: put nodes in routing table that result in
few hops and low latency
CA-T1CCIArosUtah
CMU
To vu.nlLulea.se
MITMA-CableCisco
Cornell
NYU
OR-DSLN20
N41N80N40
![Page 35: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/35.jpg)
“close” metric impacts choice of nearby nodes
• Chord’s numerical close and table restrict choice• Prefix-based allows for choice• Kademlia’s offers choice in nodes and places
nodes in absolute order: close (a,b) = XOR(a, b)
N32N103
N105
N60
N06 USA
Europe
USA
Far east
USAK104
![Page 36: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/36.jpg)
Neighbor set
• From k nodes, insert nearest node with appropriate prefix in routing table
• Assumption: triangle inequality holds
N32N103
N105
N60
N06 USA
Europe
USA
Far east
USA
K104
![Page 37: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/37.jpg)
Finding k near neighbors
1. Ping random nodes2. Swap neighbor sets with neighbors
• Combine with random pings to explore
3. Provably-good algorithm to find nearby neighbors based on sampling [Karger and Ruhl 02]
![Page 38: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/38.jpg)
6. Malicious participants• Attacker denies service
• Flood DHT with data• Attacker returns incorrect data [detectable]
• Self-authenticating data• Attacker denies data exists [liveness]
• Bad node is responsible, but says no• Bad node supplies incorrect routing info• Bad nodes make a bad ring, and good node joins
itBasic approach: use redundancy
![Page 39: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/39.jpg)
Sybil attack [Douceur 02]
• Attacker creates multiple identities
• Attacker controls enough nodes to foil the redundancy
N32
N10
N5
N20
N110
N99
N80
N60
N40
Need a way to control creation of node IDs
![Page 40: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/40.jpg)
One solution: secure node IDs
• Every node has a public key• Certificate authority signs public
key of good nodes• Every node signs and verifies
messages• Quotas per publisher
![Page 41: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/41.jpg)
Another solution:exploit practical byzantine
protocols
• A core set of servers is pre-configured with keys and perform admission control [OceanStore]
• The servers achieve consensus with a practical byzantine recovery protocol [Castro and Liskov ’99 and ’00]
• The servers serialize updates [OceanStore] or assign secure node Ids [Configuration service]
N32N103
N105
N60
N06N
N
N
N
![Page 42: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/42.jpg)
A more decentralized solution:
weak secure node IDs
• ID = SHA-1 (IP-address node)• Assumption: attacker controls limited IP
addresses• Before using a node, challenge it to
verify its ID
![Page 43: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/43.jpg)
Using weak secure node IDS
• Detect malicious nodes• Define verifiable system properties
• Each node has a successor• Data is stored at its successor
• Allow querier to observe lookup progress• Each hop should bring the query closer
• Cross check routing tables with random queries• Recovery: assume limited number of bad
nodes• Quota per node ID
![Page 44: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/44.jpg)
Philosophical questions
• How decentralized should systems be?• Gnutella versus content distribution network• Have a bit of both? (e.g., OceanStore)
• Why does the distributed systems community have more problems with decentralized systems than the networking community?• “A distributed system is a system in which a
computer you don’t know about renders your own computer unusable”
• Internet (BGP, NetNews)
![Page 45: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/45.jpg)
What are we doing at MIT?
• Building a system based on Chord• Applications: CFS, Herodotus, Melody,
Backup store,Ivy, …• Collaborate with other institutions
• P2P workshop, PlanetLab• Berkeley, ICSI, NYU, and Rice as part of ITR
• Building a large-scale testbed• RON, PlanetLab
![Page 46: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/46.jpg)
Summary• Once we have DHTs, building large-scale, distributed
applications is easy• Single, shared infrastructure for many applications• Robust in the face of failures and attacks• Scalable to large number of servers• Self configuring across administrative domains• Easy to program
• Let’s build DHTs …. stay tuned ….
http://project-iris.net
![Page 47: Peer-to-peer computing research: a fad? Frans Kaashoek Joint work with: H. Balakrishnan, P. Druschel, J. Hellerstein, D. Karger, R.](https://reader030.fdocuments.net/reader030/viewer/2022012914/5a4d1b0d7f8b9ab05998c23f/html5/thumbnails/47.jpg)
7. Programming abstraction
• Blocks versus files• Database queries (join, etc.)• Mutable data (writers)• Atomicity of DHT operations