Development and Implementation of a File System for Gannet Virtual ...
The GannetFS file system treats these two types as the same kind of file by considering both as streams of bytes. The difference between them lies in how interfaces treat them.
This field also contains information regarding the file access permission. The file permission is required by the POSIX 1003.1 specification. There are three different privileges for accessing a file, namely user, group, and outside. For each privilege, there are three permission types, namely read, write and execute. This mechanism makes data access in the file system more secure, as there is an authorization process for accessing files. This mechanism is closely related to the next two fields, uid and gid, which represent the user id and group id of a file's owner, respectively.
At the moment, the Gannet system has two different types of file. The first type is a task description file, which contains a set of operation assignments for a service. This file should be executed only by an authorized service. The second type is a data file, which contains data to be processed or the result of a service operation. Therefore, this type of file is never to be executed. A file access violation happens when an unauthorized service executes a task description file. A violation also happens when a service executes a data file. Any violation in accessing those types of files may cause the Gannet system to crash.
In order to avoid any kind of violation on the Gannet platform, the permission and privilege mechanism should be used. In GannetFS terms, a service core represents a user, while a set of service cores represents a group. This representation of user and group allows GannetVM to have different privilege levels among its service cores. By setting the privilege bits in the mode field of the inode, GannetFS applies an authorization check. Therefore, only an authorized service can access a given file. The permission of a task description file should then be set to execute only, and the permission of a data file should be set to read and write only. Hence, access violations on those files can be avoided.
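The authorization check described above can be sketched as follows. This is an added example, not GannetFS code: the struct, function and constant names are hypothetical, and the mode field is assumed to use the conventional POSIX nine-bit layout (user, group and outside triplets).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names. Assumes the conventional POSIX layout of the mode
 * field: three rwx triplets (user, group, outside) in the low nine bits. */
enum { ACC_R = 4, ACC_W = 2, ACC_X = 1 };

struct inode_perm { uint16_t mode, uid, gid; };   /* subset of an inode */
struct service_core { uint16_t uid, gid; };       /* core = user, core set = group */

/* Constructed sample objects: an execute-only task description file,
 * a read/write data file, and three service cores. */
static const struct inode_perm task_file = { 0100, 1, 10 };
static const struct inode_perm data_file = { 0660, 1, 10 };
static const struct service_core core_owner   = { 1, 10 };
static const struct service_core core_peer    = { 2, 10 };  /* same group */
static const struct service_core core_outside = { 3, 20 };

/* Pick exactly one triplet: owner first, then group, then outside.
 * An owner never falls through to the group or outside bits. */
static unsigned class_bits(const struct inode_perm *ino,
                           const struct service_core *sc)
{
    if (sc->uid == ino->uid) return (ino->mode >> 6) & 7u;
    if (sc->gid == ino->gid) return (ino->mode >> 3) & 7u;
    return ino->mode & 7u;
}

/* True only if every requested access bit is granted to this core. */
bool access_allowed(const struct inode_perm *ino,
                    const struct service_core *sc, unsigned want)
{
    if (want == 0 || (want & ~7u) != 0)   /* empty or malformed request */
        return false;
    return (class_bits(ino, sc) & want) == want;
}

int main(void)
{
    printf("owner executes task file: %d\n",
           access_allowed(&task_file, &core_owner, ACC_X));
    printf("peer executes task file:  %d\n",
           access_allowed(&task_file, &core_peer, ACC_X));
    printf("owner executes data file: %d\n",
           access_allowed(&data_file, &core_owner, ACC_X));
    return 0;
}
```

With these modes, no service core can execute the data file, and only the owning core can execute the task description file.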