访问控制技术能够有效避免对数据的非法访问,增强对用户行为的管理.依托分布式并行文件系统GlusterFS,结合RBAC思想,设计了一个文件级分布式安全访问控制系统——Distributed Secure Access Control System (DSAS).重点研究了存储系统中RBAC机制的实现方法,提出了基于角色证书的用户身份验证及角色授权机制.测试结果表明,DSAS系统在满足数据安全性需求的同时,同样能够较好地满足存储系统性能需求.
File semantic has proven effective in optimizing large scale distributed file system.As a consequence of the elaborate and rich I/O interfaces between upper layer applications and file systems,file system can provide useful and insightful information about semantic.Hence,file semantic mining has become an increasingly important practice in both engineering and research community.Unfortunately,it is a challenge to exploit file semantic knowledge because a variety of factors coulda ffect this information exploration process.Even worse,the challenges are exacerbated due to the intricate interdependency between these factors,and make it difficult to fully exploit the potentially important correlation among various semantic knowledges.This article proposes a file access correlation miming and evaluation reference(FARMER) model,where file is treated as a multivariate vector space,and each item within the vector corresponds a separate factor of the given file.The selection of factor depends on the application,examples of factors are file path,creator and executing program.If one particular factor occurs in both files,its value is non-zero.It is clear that the extent of inter-file relationships can be measured based on the likeness of their factor values in the semantic vectors.Benefit from this model,FARMER represents files as structured vectors of identifiers,and basic vector operations can be leveraged to quantify file correlation between two file vectors.FARMER model leverages linear regression model to estimate the strength of the relationship between file correlation and a set of influencing factors so that the "bad knowledge" can be filtered out.To demonstrate the ability of new FARMER model,FARMER is incorporated into a real large-scale object-based storage system as a case study to dynamically infer file correlations.In addition FARMER-enabled optimize service for metadata prefetching algorithm and object data layout algorithm is implemented.Experimental results show that is FARMER-enabled prefetching al
