Distributed Computing Environment
The Distributed Computing Environment (DCE) is a software system developed in the early 1990s by a consortium that included Apollo Computer (later part of Hewlett-Packard), IBM, Digital Equipment Corporation, and others. The DCE supplies a framework and toolkit for developing client/server applications. The framework includes a remote procedure call (RPC) mechanism known as DCE/RPC, a naming (directory) service, a time service, an authentication service and a distributed file system (DFS) known as DCE/DFS. DCE was a big step in direction to standardisation of architectures, which were manufacturer dependent before. Similar to the OSI model, DCE was not granted success; the underlying concepts however, prevailed.
History
Open Software Foundation (OSF) came about to a large degree as part of the Unix wars of the 1980s. After Sun Microsystems and AT&T Corporation worked together to produce UNIX System V Release 4 (SVR4) and refused to commit to fair and open licensing of Unix source code, many of the other Unix vendors felt their own market opportunities were unduly disadvantaged. The Distributed Computing Environment is a component of the OSF offerings, along with Motif and Distributed Management Environment (DME).
As part of the formation of OSF, various members contributed many of their ongoing research projects as well as their commercial products. For example, HP/Apollo contributed its Network Computing Environment (NCS) and CMA Threads products. Siemens Nixdorf contributed its X.500 server and ASN/1 compiler tools. At the time, network computing was quite popular, and many of the companies involved were working on similar RPC-based systems. By integrating security, RPC and other distributed services on a single "official" distributed computing environment, OSF could offer a major advantage over SVR4, allowing any DCE-supporting system (namely OSF/1) to interoperate in a larger network.
The DCE system was, to a large degree, based on independent developments made by each of the partners. DCE/RPC was derived from the Network Computing System (NCS) created at Apollo Computer. The naming service was derived from work done at Digital. DCE/DFS was based on the Andrew File System (AFS) originally developed at Carnegie Mellon University. The authentication system was based on Kerberos, and the authorization system based on Access Control Lists (ACLs). By combining these features, DCE offers a fairly complete C-based system for network computing. Any machine on the network can authenticate its users, gain access to resources, and then call them remotely using a single integrated API.
The rise of the Internet, Java and web services stole much of DCE's mindshare through the mid-to-late 1990s, and competing systems such as CORBA muddied the waters as well.
One of the major uses of DCE today is Microsoft's DCOM and ODBC systems, which use DCE/RPC (in MSRPC) as their network transport layer.
OSF and its projects eventually became part of The Open Group, which released DCE 1.2.2 under a free software license (the LGPL) on 12 January 2005. DCE 1.1 was available much earlier under the OSF BSD license, and resulted in FreeDCE being available since 2000. FreeDCE contains an implementation of DCOM.
Architecture
The largest unit of management in DCE is a cell. The highest privileges within a cell are assigned to a role called cell administrator, normally assigned to the "user" cell_admin. Note that this need not be a real OS-level user. The cell_admin has all privileges over all DCE resources within the cell. Privileges can be awarded to or removed from the following categories : user_obj, group_obj, other_obj, any_other for any given DCE resource. The first three correspond to the owner, group member, and any other DCE principal respectively. The last group contains any non-DCE principal. Multiple cells can be configured to communicate and share resources with each other. All principals from external cells are treated as "foreign" users and privileges can be awarded or removed accordingly. In addition to this, specific users or groups can be assigned privileges on any DCE resource, something which is not possible with the traditional UNIX filesystem, which lacks ACLs.
Major components of DCE within every cell are:
- The Security Server that is responsible for authentication
- The Cell Directory Server (CDS) that is the repository of resources and ACLs and
- The Distributed Time Server that provides an accurate clock for proper functioning of the entire cell
Modern DCE implementations such as IBM's are fully capable of interoperating with Kerberos as the security server, LDAP for the CDS and the Network Time Protocol implementations for the time server.
While it is possible to implement a distributed file system using the DCE underpinnings by adding filenames to the CDS and defining the appropriate ACLs on them, this is not user-friendly. DCE/DFS is a DCE based application which provides a distributed filesystem on DCE. DCE/DFS can support replicas of a fileset (the DCE/DFS equivalent of a filesystem) on multiple DFS servers - there is one read-write copy and zero or more read only copies. Replication is supported between the read-write and the read-only copies. In addition, DCE/DFS also supports what are called "backup" filesets, which if defined for a fileset are capable of storing a version of the fileset as it was prior to the last replication.
DCE/DFS is believed to be the world's only distributed filesystem that correctly implements the full POSIX filesystem semantics, including byte range locking. DCE/DFS was sufficiently reliable and stable to be utilised by IBM to run the back-end filesystem for the 1996 Olympics web site, seamlessly and automatically distributed and edited worldwide in different timezones.
External links
|