Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

Distributed Systems Final Exam SOLUTION, Exams of Operating Systems

A solution to a final exam for a Distributed Systems course. It includes short answer questions and a security protocol illustration. The exam has a total of 80 points and is 15 pages long. The security protocol includes vulnerabilities that were not recognized at the time the exam was created.

Typology: Exams

2021/2022

Uploaded on 05/11/2023

mikaell
mikaell 🇺🇸

4.6

(5)

249 documents

1 / 15

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
15-440 Distributed Systems
Final Exam SOLUTION
Name:
Andrew: ID
December 12, 2011
Please write your name and Andrew ID above before starting this exam.
This exam has 15 pages, including this title page. Please confirm that all pages are
present.
This exam has a total of 80 points.
Question Points Score
1 8
2 3
3 6
4 12
5 10
6 12
7 13
8 6
9 10
Total: 80
1
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff

Partial preview of the text

Download Distributed Systems Final Exam SOLUTION and more Exams Operating Systems in PDF only on Docsity!

15-440 Distributed Systems

Final Exam SOLUTION

Name:

Andrew: ID

December 12, 2011

  • Please write your name and Andrew ID above before starting this exam.
  • This exam has 15 pages, including this title page. Please confirm that all pages are present.
  • This exam has a total of 80 points.

Question Points Score

1 8

2 3

3 6

4 12

5 10

6 12

7 13

8 6

9 10

Total: 80

Short Answers

  1. (8 points) Circle True or False as appropriate. If you don’t know the answer, come back at the end and GUESS; a blank answer is the same as a wrong answer, so guessing can only help.
  1. (3 points) Cloud computing services like Amazon’s EC2 assign users virtual machines (VMs) instead of allocating physical machines directly. Doing so provides at least three major benefits to Amazon. Explain what these three benefits are, giving a brief motiva- tion for each one.

Solution:

  1. Security: virtualization gives the cloud provider more control over what the client OS can do.
  2. Cost: multiple clients can use the same physical machine instead of having to rent full machines.
  3. Scheduling flexibility: virtualization allows the cloud provider to make better scheduling decisions by making it easier to migrate client operating systems from one physical machine to another.

Crash Recovery

  1. (6 points) In the following, keep your answers brief and to the point.

Suppose we wish to implement a transaction processing system that maintains ACID properties even in the presence of crashes. In event of a crash, any information stored on disk can be retrieved, but any data stored in memory will be lost. Briefly describe one serious shortcoming of each of the following implementations: (a) The database is updated on disk with each transaction

Solution: This would yield unacceptable performance, given the slow speed of disk writes

(b) The database is kept in memory and on disk, with the copy on disk updated every 50 transactions.

Solution: This would violate durability when the system crashes before the disk copy has been updated.

(c) The database is kept in memory. A log file is maintained on disk recording every transaction.

Solution: The log file would never stop growing. It would be inefficient in terms of size and recovery time.

For each of the following statements, state whether it is true or false. Give a brief (one or two sentences should suffice) justification for your answer.

Solution: This protocol has a vulnerability that was not recognized at the time the exam was created. An imposter B′^ could intercept message 1 and send the message KB′S (A, B′, Ra, Rb′ ) to S. S would generate a session key KAB′ and send a message KAS (KAB′^ , Ra) to A. Since message 3 does not identify the involved parties, A would not realize that it had created a session with B′^ rather than B. In the below answer key, we give both the intended answer and the correct answer, in terms of this vulnerability. We accepted either version but required the answers be consistent and properly explained. Note: this vulnerability could be avoided by including the identities of A and B in messages 3 and 4.

(a) S can be certain that message 2 was freshly generated by B.

Solution: False. This could be a replay of an old message, since there is no guarantee that Ra is fresh.

(b) A can be certain that message 3 was freshly generated by S.

Solution: True. Only someone who knew KAS could have generated KAS (Ra)

(c) B can be certain that message 4 was freshly generated by S.

Solution: True. Only someone who knew KBS could have generated KBS (Rb)

(d) Upon completion of the protocol, A can be certain that it has established a session with B.

Solution: Intended: True. Since A knows that Ra is fresh, it can be certain that S must have received message 2 from B. Corrected: False. As noted above, the session could be with an imposter B′.

(e) Upon completion of the protocol, B can be certain that it has established a session with A.

Solution: False. A has not established its identity with either B or S.

(f) Upon completion of the protocol, no one other than A, B, or S can know the value of KAB.

Solution: Intended: True. The only risk is for an imposter A′^ of A, but it could not read KAB without knowing KAS.

Corrected: False. The session key could be known to imposter B′.

Peer to Peer

  1. (a) (2 points) In a centralized p2p network (such as the old Napster), how many indices must be searched if a client wants to locate a particular file?

Solution: 1

(b) (2 points) Name one major disadvantage of the centralized p2p system (from a distributed principles point of view)

Solution: - Single point of failure - Server processes everything - Server must keep track of a potentially very large number of clients - more?

(c) (2 points) Query flooding is an alternative design that solves some of the prob- lems of centralized p2p and eliminates the central server. However, it changes the mechanics of peer interactions significantly. Explain (1 sentence each) how a newly-joining node publishes the files they wish to make available, in... A centralized p2p network:

Solution: They send their list of files and metadata to the server.

A query flooding p2p network:

Solution: They don’t do anything - queries come to them.

(d) (2 points) One popular improvement upon query flooding is to move to a “supern- ode” flooding architecture. Using N as the number of nodes in the network and, S as the number of supernodes (S << N ), explain the benefit of moving to this supernode architecture.

Solution: Queries require now O(S) messages instead of O(N ). In addition, if the nodes used as supernodes are more stable or have higher capacity, can further improve the performance or stability of the network.

(e) (2 points) What is a common mechanism used to limit the propagation of queries in a flooding network?

Solution: TTL - time to live - scoping. Also known as hop count limits, etc.

(f) (2 points) List one typical criterion for selecting a node to be promoted to a supern- ode. Explain in one sentence why such a choice would improve network stability.

Solution: How long a node has been part of the network (time), because how long a node has been around is a good predictor of how long it will be around.

(f) (3 points) An optimization to Chord involves storing several nodes for each entry in the finger table instead of just one. Explain an important benefit this optimization confers in a globally distributed DHT.

Solution: (1) This allows routing based on proximity, which would reduce slow routes that criss-cross the globe. (2) It provides a fallback in case one of the nodes in the finger table is unreach- able.

Byzantine Fault Tolerance

  1. (6 points) In distributed systems where messages are asynchronous and failures can be Byzantine, we have to use at least n = 3f + 1 replicas in total to tolerate f faulty replicas. Show that this bound is tight, i.e., that n ≥ 3 f + 1 must hold in order for the system to work properly. To approach this problem, consider this scenario: a client sends the same command to each of n servers and then waits for the servers to execute the command and send back the result. Ideally, the client should receive n matching results, but remember that f servers may be malicious. Additionally, messages are asynchronous, so they can be delayed for an indefinite amount of time. Show that n ≥ 3 f + 1 must hold for the client to always be able to identify the correct result.

Solution: From the point of view of a client of the system, f out of the total of n nodes may be faulty and not responding, so the client must be able to function with just n − f responses. But the messages are asynchronous, so the f unreceived messages may in fact have been from slow non-faulty nodes, which means that f out of the n − f responses may be wrong. Even so, the messages that are correct must outnumber those that are not for the client to identify which is which: n − 2 f > f , and therefore n > 3 f.