DISTRIBUTED SYSTEMS FOR
`SYSTEM ARCHITECTS
`
`Exhibit 2026 Page 1
`
`Daedalus Blue Exhibit 2026
`Microsoft Corp. v. Daedalus Blue, LLC
`Case IPR2021-00831
`
`

`

`ADVANCES IN
`DISTRIBUTED COMPUTING AND
`MIDDLEWARE
`
`Consulting Editors
`
`Prof. John A. Stankovic
`University of Virginia
`Dept of Computer Science
`Charlottesville, VA 22903-2442
`stankovic @cs. virginia.edu
`
`Dr. Richard E. Schantz
`Principal Scientist
`B BN Technologies
`Cambridge, MA 02138
`schantz@bbn.com
`
`Exhibit 2026 Page 2
`
`

`

`DISTRIBUTED SYSTEMS FOR
`SYSTEM ARCHITECTS
`
`by
`
`Paulo Verissimo
`University ofLisboa, Portugal
`
`Luis Rodrigues
`University ofLisboa, Portugal
`
`SPRINGER SCIENCE+BUSINESS MEDIA, L LC
`
`Exhibit 2026 Page 3
`
`

`

`Library of Congress Cataloging-in-Publication Data
`
`Venssimo, Paulo, 1956-
`Distributed systems for system architects / Paulo Venssimo, Luis Rodrigues.
`p. cm.--(Advances in distributed computing and middleware; distl)
`Includes bibliographical references and index.
`
`ISBN 978-1-4615-1663-7 (eBook)
`ISBN 978-1-4613-5666-0
`DOI 10.1007/978-1-4615-1663-7
`1. Electronic data processin-Distributed processing. I. Rodrigues, Luis, 1963- n
`Title. III. Series.
`QA76.9.D5 V45 2000
`005'.36—dc21
`
`00-052178
`
`Copyright © 2001 Springer Science+Business Media New York
`Originally published by Kluwer Academic Publisher in 2001
`Softcover reprint of the hardcover 1st edition 2001
`All rights reserved. No part of this publication may be reproduced, stored in a
`retrieval system or transmitted in any form or by any means, mechanical, photo(cid:173)
`copying, recording, or otherwise, without the prior written permission of the publisher,
`
`Printed on acid-free paper.
`
`Exhibit 2026 Page 4
`
`

`

`A LUIsa, ao Tiago e ao Vasco,
`por esse tern po,
`em que 0 tempo era largo
`
`To my parents, Vasco and Lurdes,
`my sister, Elsa,
`my wife, Ana,
`and my children, Hugo and Sara
`
`Exhibit 2026 Page 5
`
`

`

`Contents
`
`Preface
`Foreword
`
`Part I Distribution
`
`1. DISTRIBUTED SYSTEMS FOUNDATIONS
`1.1 A Definition of Distributed Systems
`1.2 Services of Distributed Systems
`1.3 Distributed System Architectures
`1.4 Formal Notions
`1.5 Summary and Further Reading
`
`2. DISTRIBUTED SYSTEM PARADIGMS
`2.1 Naming and Addressing
`2.2 Message Passing
`2.3 Remote Operations
`2.4 Group Communication
`2.5 Time and Clocks
`2.6 Synchrony
`2.7 Ordering
`2.8 Coord ination
`2.9 Consistency
`2.10 Concurrency
`2.11 Atomicity
`2.12 Summary and Further Reading
`
`3. MODELS OF DISTRIBUTED COMPUTING
`3.1 Distributed Systems Frameworks
`3.2 Strategies for Distributed Systems
`3.3 Asynchronous Models
`3.4 Synchronous Models
`
`xiii
`
`XXI
`
`3
`3
`10
`11
`17
`20
`
`21
`21
`26
`28
`31
`35
`43
`49
`60
`70
`81
`85
`87
`
`89
`89
`97
`101
`103
`
`vii
`
`Exhibit 2026 Page 6
`
`

`

`viii
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`3.5 Classes of Distributed Activities
`3.6 Client-Server with RPC
`3.7 Group-Oriented
`3.8 Distributed Shared Memory
`3.9 Message Buses
`3.10 Summary and Further Reading
`
`4. DISTRIBUTED SYSTEMS AND PLATFORMS
`4.1 Name and Directory Services
`4.2 Distributed File Systems
`4.3 Distributed Computing Environment (DCE)
`4.4 Object-Oriented Environments (CORBA)
`4.5 World-Wide Web
`4.6 Groupware Systems
`4.7 Summary and Further Reading
`
`5. CASE STUDY: VP'63
`5.1
`Introduction
`5.2
`Initial System and First Steps
`5.3 Distributed Computing Approaches
`5.4 Distribution of Data Repositories
`5.5 Distributed File System Access
`
`Part II Fault Tolerance
`
`6. FAULT-TOLERANT SYSTEMS FOUNDATIONS
`6.1 A Definition of Dependability
`6.2 Fault-Tolerant Computing
`6.3 Distributed Fault Tolerance
`6.4 Fault-Tolerant Networks
`6.5 Fault-Tolerant Architectures
`6.6 Summary and Further Reading
`
`7. PARADIGMS FOR DISTRIBUTED FAULT TOLERANCE
`7.1 Failure Detection
`7.2 Fault-tolerant Consensus
`7.3 Uniformity
`7.4 Membership
`7.5 Fault-Tolerant Communication
`7.6 Replication Man;ai~ement in Partition-free Networks
`7.7 Replication Management in Partitionable Networks
`7.8 Resilience
`7.9 Recovery
`7.10 Summary and Further Reading
`
`104
`108
`115
`123
`129
`131
`
`133
`133
`139
`146
`148
`151
`154
`155
`
`159
`159
`160
`161
`163
`166
`
`171
`171
`180
`186
`187
`189
`192
`
`193
`193
`201
`203
`204
`207
`216
`219
`222
`225
`233
`
`Exhibit 2026 Page 7
`
`

`

`Contents
`
`ix
`
`8. MODELS OF DISTRIBUTED FAULT-TOLERANT COMPUTING
`8.1 Classes of Failure Semantics
`8.2 Basic Fault tolerance Frameworks
`8.3 Fault Tolerance Strategies
`8.4 Fault-Tolerant Remote Operations
`8.5
`Fault-Tolerant Event Services
`8.6 Transactions
`8.7 Summary and Further Reading
`
`9. DEPENDABLE SYSTEMS AND PLATFORMS
`9.1 Distributed Fault-Tolerant Systems
`9.2 Transactional Systems
`9.3 Cluster architectures
`9.4 Making Legacy Systems Dependable
`9.5 Summary and Further Reading
`
`10. CASE STUDY: VP'63
`10.1 First Steps Towards Fault Tolerance
`10.2 Fault-Tolerant Client-Server D'a'tabase
`10.3 Fault-Tolerant Data Dissemination
`10.4 Fault Tolerance of Local Servers
`
`Part III Real-Time
`
`11. REAL-TIME SYSTEMS FOUNDATIONS
`11.1 A Definition of Real-Time
`11.2 Real-Time Networks
`11.3 Distributed Real-Time Architectures
`11.4 Summary and Further Reading
`
`12. PARADIGMS FOR REAL-TIME
`12.1 Temporal Specifications
`12.2 Timing Failure Detection
`12.3 Entities and Representatives
`12.4 Time-Value Duality
`12.5 Real-Time Communication
`12.6 Flow Control
`12.7 Scheduling
`12.8 Clock Synchronization
`12.9 Input/Output
`12.10Summary and Further Reading
`
`13. MODELS OF DISTRIBUTED REAL-TIME COMPUTING
`13.1 Classes of Timeliness Guarantees
`
`235
`235
`238
`241
`245
`249
`250
`258
`
`259
`259
`265
`266
`267
`269
`
`271
`271
`272
`273
`274
`
`277
`277
`283
`285
`287
`
`289
`289
`295
`296
`298
`300
`302
`302
`309
`317
`320
`
`321
`321
`
`Exhibit 2026 Page 8
`
`

`

`x
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`13.2 Real-Time Frameworks
`13.3 Strategies for Real-Time Operation
`13.4 Synchronism Models Revisited
`13.5 A Generic Real-Time System Model
`13.6 The Event-Triggered Approach
`13.7 The Time-Triggered Approach
`13.8 Real-Time Communication Models
`13.9 Real-Time Control
`13.10Real-Time Databases
`13.11Quality-of-Service Models
`13.12Summary and Further Reading
`
`14. DISTRIBUTED REAL-TIME SYSTEMS AND PLATFORMS
`14.1 Operating Systems
`14.2 Real-Time LANs and Field Buses
`14.3 Time Services
`14.4 Embedded Systems
`14.5 Dynamic Systems
`14.6 Real-Time over the Internet
`14.7 Summary and Further Reading
`
`15. CASE STUDY: VP'63
`15.1 First Steps Towards Control and Automation
`15.2 Distributed Shop-Floor Control
`15.3 Integration of the Industrial System
`
`Part IV Secu rity
`
`16. FUNDAMENTAL SECURITY CONCEPTS
`16.1 A Definition of Security
`16.2 What Motivates the Intruder
`16.3 Secure Networks
`16.4 Secure Distributed Architectures
`16.5 Summary and Further Reading
`
`17. SECURITY PARADIGMS
`17.1 Trusted Computing Base
`17.2 Basic Cryptography
`17.3 Symmetric Cryptography
`17.4 Asymmetric Cryptography
`17.5 Secure Hashes and Message Digests
`17.6 Digital Signature
`17.7 Digital Cash
`17.8 Other Cryptographic Algorithms and Paradigms
`
`323
`325
`328
`330
`331
`334
`337
`341
`348
`350
`353
`
`355
`355
`357
`359
`361
`363
`365
`366
`
`369
`369
`370
`371
`
`377
`377
`387
`388
`390
`393
`
`395
`395
`396
`398
`401
`403
`404
`410
`415
`
`Exhibit 2026 Page 9
`
`

`

`17.9 Authentication
`17.10Access Control
`17.11Secure Communication
`17.12Summary and Further Reading
`
`18. MODELS OF DISTRIBUTED SECURE COMPUTING
`18.1 Classes of Attacks and Intrusions
`18.2 Security Frameworks
`18.3 Strategies for Secure Operation
`18.4 Using Cryptographic Protocols
`18.5 Authentication Models
`18.6 Key Distribution Approaches
`18.7 Protection Models
`18.8 Architectural Protection: Topology and Firewalls
`18.9 Formal Security Models
`18.10Secure Communication and Distributed Processing
`18.11Electronic Transaction Models
`18.12Summary and Further Reading
`
`19. SECURE SYSTEMS AND PLATFORMS
`19.1 Remote Operations and Messaging
`19.2 Intranets and Firewall Systems
`19.3 Extranets and Virtual Private Networks
`19.4 Authentication and Authorization Services
`19.5 Secure Electronic Commerce and Payment Systems
`19.6 Managing Security on the Internet
`19.7 Summary and Further Reading
`
`20. CASE STUDY: VP'63
`20.1 First Steps Towards Security
`20.2 Global Security: Extranet and VPN
`20.3 Local Security:
`Intranet and Facility Gateway
`
`Part V Management
`
`21. FUNDAMENTAL CONCEPTS OF MANAGEMENT
`21.1 A Definition of Management
`21.2 Systems Management Architectures
`21.3 Configuration of Distributed Systems
`21.4 Summary and Further Reading
`
`22. PARADIGMS FOR DISTRIBUTED SYSTEMS MANAGEMENT
`22.1 Managers and Managed Objects
`22.2 Domains
`
`Contents
`
`xi
`
`417
`421
`425
`426
`
`427
`427
`433
`436
`445
`451
`457
`462
`464
`472
`474
`481
`485
`
`487
`487
`495
`497
`500
`502
`509
`509
`
`511
`511
`513
`513
`
`519
`519
`524
`528
`529
`
`531
`531
`533
`
`Exhibit 2026 Page 10
`
`

`

`xii
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`22.3 Management Information Base
`22.4 Management Functions
`22.5 Configuration Management
`22.6 Performance and QoS Management
`22.7 Name and Directory Management
`22.8 Monitoring
`22.9 Summary and Further Reading
`
`534
`535
`536
`538
`539
`539
`540
`
`23.MODELS OF NETWORK AND DISTRIBUTED SYSTEMS MANAGEMENT541
`541
`23.1 Management Frameworks
`23.2 Strategies for Distributed Systems Management
`543
`23.3 A Generic Management Model
`544
`23.4 Centralized Management Model
`547
`23.5 Integrated Management Model
`548
`23.6 Decentralized Management Model
`549
`23.7 OSI Management Model
`550
`23.8 ODP Management Model
`552
`23.9 Monitoring Model
`553
`23.10Domains Model
`554
`23.11Summary and Further Reading
`555
`
`24. MANAGEMENT SYSTEMS AND PLATFORMS
`24.1 CMISE/CMIP: ISO Management
`24.2 SNMP: Internet Management
`24.3 Standard MISs
`24.4 Management and Configuration Tools
`24.5 Management Platforms
`24.6 DME: Distributed Management Environment
`24.7 Managing Security on the Internet
`24.8 Summary and Further Reading
`
`25. CASE STUDY: VP'63
`25.1 Establishing Management Strategies and Policies
`25.2 Towards Integrated Management
`
`References
`
`Index
`
`557
`557
`559
`560
`562
`S69
`572
`573
`576
`
`581
`581
`582
`
`585
`
`611
`
`Exhibit 2026 Page 11
`
`

`

`Preface
`
`The primary audience for this book are advanced undergraduate students and
`graduate students. Computer architecture, as it happened in other fields such
`as electronics, evolved from the small to the large, that is, it left the realm
`of low-level hardware constructs, and gained new dimensions, as distributed
`systems became the keyword for system implementation. As such, the system
`architect, today, assembles pieces of hardware that are at least as large as a
`computer or a network router or a LAN hub, and assigns pieces of software
`that are self-contained, such as client or server programs, Java applets or pro(cid:173)
`tocol modules, to those hardware components. The freedom she/he now has,
`is tremendously challenging. The problems alas, have increased too. What
`was before mastered and tested carefully before a fully-fledged mainframe or
`a closely-coupled computer cluster came out on the market, is today left to
`the responsibility of computer engineers and scientists invested in the role of
`system architects, who fulfil this role on behalf of software vendors and in(cid:173)
`tegrators, add-value system developers, R&D institutes, and final users. As
`system complexity, size and diversity grow, so increases the probability of in(cid:173)
`consistency, unreliability, non responsiveness and insecurity, not to mention the
`management overhead.
`
`What System Architects Need to Know
`
`The insight such an architect must have includes but goes well beyond, the
`functional properties of distributed systems. Most of the problems in config(cid:173)
`uring, deploying and managing a distributed system come not from what the
`system does that we have not understood, but from what the system is not
`that we have overlooked, that is, from inappropriate non-functional properties:
`unreliability, lack of responsiveness, insecurity. In other words, fault tolerance,
`real-time, security, are fundamental but sometimes neglected attributes of dis(cid:173)
`tributed systems. The mastery of the relevant concepts and techniques is as
`important as that of the issues related with distribution itself. Finally, it is
`necessary to understand the management of systems with this complexity and
`versatility. Together, these issues form the body of knowledge that this book
`
`Exhibit 2026 Page 12
`
`

`

`xiv
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`intends to pass on to future distributed system architects. A book covering
`all these issues risks being either too long or too shallow. That would happen
`if the subjects were treated as if the book were a collection of smaller books
`dedicated to each topic. Most of the existing books on distributed systems are
`addressed to system programmers, or operating system designers. However,
`the knowledge a system architect must have is different.
`The system architect must first understand the fundamental concepts and the
`most important paradigms concerned with the problem of distribution. Then,
`once presented with the main models of distributed systems and with the prob(cid:173)
`lems posed by them, such as how to implement a given feature, or how to
`overcome a certain limitation, she/he will have the background to understand
`the architecture of the solutions, in a logical composition of building blocks,
`structure, techniques and algorithms. Specific systems or sub-systems whose
`architecture, protocols and modules will be discussed, provide the pretext for
`the student to integrate all the material she/he has been exposed to. Finally,
`the architect has the opportunity to create her/his own architecture, in a case
`study that develops along the book.
`The next thing that singles out this book's structure is the way that the fault
`tolerance, real-time, security and management parts are treated, once
`more addressing architects of distributed systems. Most of the existing books
`specializing on each of the above topics do so in a thorough but horizontal way.
`Here, the student will see a continuity in the style of addressing each of these
`matters, and an integration with distribution.
`In fact, each of the following
`parts is also organized as: concepts; paradigms; models; and systems. Besides,
`the contents refer to the basic matters given in the Distributed Systems part
`in a problem-oriented manner.
`This is further emphasized by the case study, an imaginary wine company
`with facilities spread through the country, whose information system, the Vin(cid:173)
`tagePort'63 System (VP'63), must adapt to the modern times. The case study
`is methodically addressed at the end of each part, so that we progressively make
`VP'63:
`(1) modular, distributed and interactive; (2) dependable; (3) timely;
`(4) secure, and (5) manageable.
`Finally, at the end of each part there is a repository of web URL's linking to
`most of the systems discussed. All URLs were functional at the time of print.
`This is a risky endeavour for a printed book, in such a fast changing world.
`However, we took the risk, we believe our effort will save a lot of precious time
`to many students and readers, and will provide them with a useful database of
`over 250 contacts that they can themselves improve and update as time goes
`by.
`
`Student information
`
`The book provides solutions to the following general problems:
`• Advanced undergraduate students need be exposed to all these subjects, but
`one cannot generally afford one course per theme at this level, so this book
`provides the teacher with an integrated and homogeneous textbook.
`
`Exhibit 2026 Page 13
`
`

`

`PREFACE
`
`xv
`
`• Graduate students (MSc) may either take advantage from having a single
`book for several thematic introductory courses, and/or from using the book
`as a bootstrap text for more in-depth, focused courses, complemented with
`research papers.
`
`Parts of this book will thoroughly cover the subjects needed for an advanced
`undergraduate course on distributed system architecture, to be preceded by an
`introductory course on computer networks and distributed operating systems.
`It may be used to teach introductory courses on any combination of "Introduc(cid:173)
`tion to-" fault tolerance, real-time, or security, both at advanced undergraduate
`or graduate level (e.g. Fault-tolerant Real-time Systems).
`It may be used to
`teach more focused graduate courses on distributed systems, fault-tolerance,
`real-time, security, or management, complemented with dedicated books or
`Secure and Reliable Web Systems, Configuration and
`research papers (e.g.
`Management of Distributed Systems).
`
`How to use the book
`
`Undergraduate Teaching
`
`Part I provides the support for teaching distributed system architectures, ad(cid:173)
`mitting the students had an introductory operating systems course, whose
`depth will dictate how much of Chapter 1 is given. Some topics from Chapter 2
`may be omitted (addressing all sections is however suggested). Selected parts of
`Chapters 3 and 4 consolidate the basic notions. The sections on Client-Server,
`WWW and Group-oriented in Chapter 3, and DCE in Chapter 4 are strongly
`suggested. Chapter 5 is an excellent pretext and inspiration for assignments. If
`enough credits are devoted to this area, the teacher may expand the example
`course just suggested, or split it, by further addressing Chapters 6, 16, 21 and
`11, in order to provide complementary introductory notions of fault-tolerance,
`security, management and real-time, by order of priority.
`
`Postgraduate teaching
`
`Part I in its entirety provides a thorough understanding of distributed system
`architecture, admitting the students had previous introductory notions in the
`area (for example the undergraduate course just suggested), so that they can
`go directly to the in-depth issues of Chapters 2 through 5. Each of Parts II
`to V, or combinations thereof, may be used to teach courses on the relevant
`themes. It is advisable to start with a review of selected parts of Chapter 2,
`and start the case study with Chapter 5, for completeness.
`
`Self-study
`
`The book may be of assistance for support of advanced research studies, both
`as a broad body of reference in the disciplines of distributed systems, and as a
`pointer to deeper study by means of the bibliography of each part.
`
`Exhibit 2026 Page 14
`
`

`

`xvi
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`Support
`
`The book readers, students and teachers will find some support in the book
`web page, www.navigators.dLfc.ul.ptjdssa. Web copies of the URL tables will
`be kept as up-to-date as possible. Electronic versions of all figures will be made
`available to teachers by specific request. A mailbox is available on the page for
`requests, suggestions and questions.
`
`Guided Tour of the Book
`
`Part I, Distribution, addresses the fundamental issues concerning distribution,
`and it is the largest part of the book. It contains a comprehensive set of notions
`that will develop in the reader a thorough understanding of distributed system
`architecture, from concepts and paradigms, to models and example systems.
`Chapter 1, Distributed Systems Foundations, discusses the foundations of dis(cid:173)
`tributed systems, and is intended as a review of the basic subjects regarding
`distribution, such as computer networks, distributed operating systems and
`services, complemented with a few formal notions, useful for a more elaborate
`treatment of some subjects. Distributed system architectures are given from
`a evolutionary perspective, from remote login to mobile computing, so that
`the reader, further to understanding what the several architectural models are,
`captures why they appeared or mutated, and what needs each one serves. Inas(cid:173)
`much as History is paramount to Architecture, so is the knowledge of comput(cid:173)
`ing systems evolution to the system architect. Chapter 2, Distributed System
`Paradigms, presents the most important paradigms in distributed systems, in
`a problem-oriented manner, purposely addressed to to-be architects. That is,
`rather than being exposed to the subjects in a paradigm-centric manner, en(cid:173)
`veloped in some formal description, the reader is faced with a problem or a
`need, then with a solution in the form of a paradigm, and when appropriate,
`with details about relevant mechanisms or algorithms. And finally, should it
`be the case, the limitations of that paradigm may also be pointed out, so that
`another paradigm, solving the problem, is motivated, and so forth. Namely, the
`chapter addresses: message passing, remote operations, group commul'l'rcation,
`naming and addressing, time and clocks, ordering, synchrony, coordination,
`concurrency, and consistency. Chapter 3, Models of Distributed Computing,
`discusses the main models used nowadays in distributed systems, that is: what
`are the main classes of distributed activities; why different models serve dif(cid:173)
`ferent needs, and how we design the software architecture and structure the
`run-time environment of distributed applications. The chapter explains clearly
`the main reasons for the known debate between the synchronous and asyn(cid:173)
`chronous frameworks for distributed computing. Then,
`it addresses known
`models such as: client-server with RPC, group-oriented, World-Wide Web,
`distributed shared memory, message-buses. Chapter 4, Distributed Systems
`and Platforms, consolidates the notions learnt along the previous chapters, in
`the form of examples of enabling technologies, toolboxes, platforms and sys(cid:173)
`tems. The last two chapters do not address· system-call details or system in-
`
`Exhibit 2026 Page 15
`
`

`

`PREFACE
`
`xvii
`
`ternals, since the scope of the book is designing and building systems, rather
`than programming them. Chapter 5 starts a case study: The VP'63 (Vin(cid:173)
`tageport'63) Large-Scale Information System. An imaginary Portuguese wine
`company, with facilities spread through the country, has a traditional infor(cid:173)
`mation system, the VintagePort'63 (VP'63), that must adapt to the modern
`times. Centralized, mainframe-based, little interactivity, proprietary, it must
`adapt to the distributed nature of the company and its distribution network,
`and to the business evolution. The case study is methodically addressed at the
`end of each part, so that we progressively solve the above-mentioned problems,
`making VP'63: modular, distributed and interactive; dependable; timely; and
`secure.
`
`Part II, Fault-Tolerance, addresses dependability of distributed systems, that
`is, how to ensure that they keep running correctly. It contains the fundamen(cid:173)
`tal notions concerning dependability, such as the trilogy fault-error-failure and
`provides a comprehensive treatment of distributed fault-tolerance. Chapter 6,
`Fundamental Concepts of Fault-Tolerance, starts with the generic notion of
`dependability and its associated concepts, and ends with the introduction of
`distributed fault-tolerance.
`In fact, distribution and fault-tolerance go hand
`in hand, since the former requires the latter to keep reliability at an accept(cid:173)
`able level, and the latter is made easier by some qualities of the former, such
`as independence of failure of individual machines. Chapter 7, Paradigms for
`Distributed Fault-Tolerance, discusses the main paradigms of this discipline.
`After introductory concepts and notions about fault-tolerant communication,
`it addresses issues such as: replication management, resiliency and voting, and
`recovery. Chapters 8 and 9, Models of Distributed Fault-Tolerant Comput(cid:173)
`ing and Dependable Systems and Platforms, show how to incorporate fault(cid:173)
`tolerance in distributed systems. Explaining the main strategies for the diverse
`fault models, its materialization in discussed for remote operation, diffusion
`and transactional computing models. Finally, examples of relevant systems
`are given. Chapter 10 continues the case study: Making the VP'63 System
`Dependable.
`
`Part III, Real-Time, takes the same explanatory approach of Part II, and
`discusses how to ensure that systems are timely. It contains the fundamental
`notions concerning real-time, and provides a comprehensive treatment of the
`problem of real-time in distributed systems. Chapters 11 and 12, Fundamental
`Concepts of Real-Time and Paradigms for Real-Time, address the fundamen(cid:173)
`tal notions and misconceptions about real-time, in a distributed context. The
`main paradigms are presented, in a comparative manner when applicable, such
`as synchronism versus asynchronism, or event- versus time-triggered opera(cid:173)
`tion. Chapter 12 further addresses issues such as: real-time networks, real-time
`processing, real-time communication, clock synchronization, and input-output.
`Chapters 13 and 14, Models of Distributed Real-Time Computing and Real(cid:173)
`Time Systems and Platforms show how to achieve timeliness of distributed sys(cid:173)
`tems, in its several forms, from the hard, soft or best-effort real-time classes,
`to the time-triggered and event-triggered models. Chapter 14 gives examples
`
`Exhibit 2026 Page 16
`
`

`

`xviii
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`of distributed real-time systems in several settings. Chapter 15 continues the
`case study: Making the VP'63 System Timely.
`Part IV, Security, addresses security of distributed systems, that is, how
`to ensure that they resist intruders. Security is paramount to the recognition
`of open distributed systems as the key technology in today's global commu(cid:173)
`nication and processing scenario. This part contains the fundamental notions
`concerning security, and provides a comprehensive treatment of the problem
`of security in distributed systems. Chapter 16, Fundamental Concepts of Se(cid:173)
`curity, discusses the fundamental principles, such as the notions of risk, threat
`and vulnerability, and the properties of confidentiality, authenticity, integrity
`and availability. Chapter 17, Fundamental Security Paradigms, treats the most
`important paradigms, such as: cryptography, digital signature and payment,
`secure networks and communication, protection and access control, firewalls,
`auditing. Chapters 18 and 19, Models of Distributed Secure Computing, and
`Secure Systems and Platforms, consolidate the notions of the previous chap(cid:173)
`ters, in the form of models and systems for building and achieving: information
`security, authentication, electronic transactions, secure channels, remote oper(cid:173)
`ations and messaging,
`intranets and firewall systems, extranets and virtual
`private networks. Chapter 20 continues the case study, this time: Making the
`VP'63 Secure.
`Last but not least, Part V on Management, because distributed systems
`are too complex to be managed ad-hoc.
`In essence, there is a contradiction
`in the nature of the problem. Distributed systems are geographically spread.
`They have a large number of visible- and thus manageable- components,
`from computers, routers, modems, and network media, to programs, operat(cid:173)
`ing systems, protocols, etc. However, whilst some of the components can be
`self or locally managed, thus in a distributed fashion, system management is
`human-centric, and by nature centralized. The book does not intend to give
`a magic recipe for this problem, which is still an active area of research, but
`will give the reader the ability to understand it and become aware of the ex(cid:173)
`isting solutions for it. Chapters 21 and 22, Fundamental Concepts of Manage(cid:173)
`ment, and Paradigms for Distributed Systems Management, give insight on the
`fundamental concepts, architectures and paradigms concerning network and
`distributed systems configuration and management. Chapter 22 presents the
`main management functions: fault, configuration, accounting, performance, se(cid:173)
`curity, quality-of-service, name and directories, and monitoring. Chapters 23
`and 24, Models of Network and Distributed Systems Management and Man(cid:173)
`agement Systems and Platforms, discuss the main models, such as centralized,
`decentralized, integrated, and domain-oriented management, and point to ex(cid:173)
`amples of tools, systems and architectures. Chapter 25 finalizes the case study:
`Managing the VP'63 System.
`
`Acknowledgments
`
`A number of people, some not knowingly, contributed to this book. It was from
`lecturing advanced undergraduate and graduate courses and working together
`
`Exhibit 2026 Page 17
`
`

`

`PREFACE
`
`XIX
`
`with system architects in international distributed systems projects for the
`past few yc:®rs, that we came to figure out what a distributed system architect
`should know, clearly enough (so we hope) to cast it in a book. Students and
`colleagues at the Technical University of Lisboa (1ST) and more recently at the
`University of Lisboa (FCUL), and projects with the Navigators group, such
`as the ESPRIT DELTA-4, DINAS or BROADCAST were marvellous thinking
`tanks.
`Nevertheless, there are some people who, for their direct influence on the
`book, deserve a very warm acknowledgment.
`In alphabetic order, and hop(cid:173)
`ing not
`to forget anyone: Lorenzo Alvisi, Alan Burns, Antonio Casimiro,
`Miguel Correia, Yves Deswarte, Elmootazbellah Elnozahy, Matti Hiltunen, Jo(cid:173)
`erg Kaiser, Sacha Krakowiak, Jean-Claude Laprie, Jeff Magee, Pedro Martins,
`Roger Needham, Nuno Ferreira Neves, Nuno Miguel Neves, Guevara Noubir,
`David Powell, Brian Randell, Peter Ryan, Rick Schlichting, Robert Stroud,
`Morris Sloman, Neeraj Suri, Irfan Zakiuddin. This passable piece of text would
`be unintelligible without their help. The comments and feedback from the re(cid:173)
`viewers were also an enormous help and incentive. Our students at FCUL
`detected many typos and several less clear parts.
`To some fellow architects goes the final word of appreciation for several years
`of many chats, discussions and common projects: Ken Birman, Flaviu Cristian,
`Hermann Kopetz, David Powell, and Rick Schlichting.
`
`PAULO VERisSIMO, Luis RODRIGUES
`
`LISBOA, AUGUST 2000
`
`Exhibit 2026 Page 18
`
`

`

`Foreword
`
`Developers tasked with architecting a functional and dependable system out
`of a collection of machines connected by a communications network-Le., a
`distributed system-face enormous challenges. Largely because of a loosely
`coupled hardware architecture with no physically shared memory, many things
`that are straightforward in centralized systems are difficult in distributed sys(cid:173)
`tems. For example, synchronizing processes with separate threads of control
`typically uses shared variables on a single machine, but must be done with
`message passing in a distributed system. The extra time delay associated with
`sending messages over a network increases the asynchrony of the processes and
`necessitates the use of special protocols to coordinate their respective actions.
`Perhaps the most serious open issue in building such systems relates to
`ensuring what are sometimes called non-functional attributes: reliability, avail(cid:173)
`ability, timeliness, security. For example, providing just the first two attributes
`requires systems architects to deal not just with normal operation, but also
`failures that may have arbitrary effects on only parts of the system for an un(cid:173)
`predictable duration. Timeliness and security are similarly challenging. To
`provide the predictable timing behavior needed to build a real-time distributed
`system requires controlling literally every part of the system, from the hardware
`through the system software to the application. To guarantee a secure com(cid:173)
`puting environment that ensures confidentiality, integrity and privacy requires,
`among other things, sophisticated mathematical cryptographic techniques and
`the ability to do subtle analysis. Even worse, for systems that need all of
`these attributes-as is increasingly the case-the challenges are combinatorial,
`not additive. The designer can take techniques to guarantee availability and
`combine them with techniques to guarantee security and easily end up with a
`system that provides neither.
`In this book, Paulo Verissimo and Luis Rodrigues provide a comprehensive
`and timely treatment of all these challenges.
`In a clear and consistent way,
`they address the fundamental characteristics of such systems and tackle the
`issues involved in providing service that is fault tolerant, can meet real-time
`guarantees, and is secure. They also address management issues, which are a
`
`Exhibit 2026 Page 19
`
`

`

`xxii
`
`DISTRIBUTED SYSTEMS FOR SYSTEM ARCHITECTS
`
`In each case, they focus
`non-trivial and often neglected part of the problem.
`on the fundamental paradigms associated with that area, describe the building
`blocks-both conceptual and practical-needed to address the issues, and give
`concrete examples of existing systems that incorporate state-of-the-art solu(cid:173)
`tions. The presentation in each section of an evolving case study involving a
`hypothetical Portuguese wine producer makes the book even more valuable by
`providing a consistent context for discussing issues and for demonstrating the
`subtleties that arise when systems have to ensure multiple attributes.
`In writing this book, the authors bring to bear a wealth of expertise and
`experience, not just in research aspects of the pro