V^'^^'^ o' T^^ 03^^ HD28 .M414 no .3131- [DEC 20 1990 J TECHNICAL REPORT OBJECT SHARING IX A MULTI-USER HYPERTEXT SYSTEM M.S. Thesis Melvina H. Tarazi CCSTR ^ 101 CENTER FOR COORDINATION SCIENCE Massachusetts Institute of Technology Sloan School of Management Cambridge, Massachusetts ,^^3,3Cj OBJECT SHARING IX A MULTI-USER HYPERTEXT SYSTEM M.S. Thesis Melvina H. Tarazi CCS TR^ 101 ^^^f^3l5^ 'ft ^l^" ,30 \ OBJECT SHARING IN A MULTI-USER HYPERTEXT SYSTEM McK-ma H S P Tarazi Co'-r-uie: Sc:e-ct and Engineering Massa;.". jsens insurjte of Technoiog> (19&S; SL'BMITTED TO THE DEP.^RTMENT OF ELECTRICAL ENCOs'ZERING ANT) CONIPITER SCIENCE IN" ?.\r~^M. FLIFILl-MENT OF THE REQLTRENIENTS FOR THE DEGREE OF MASTER OF SCIENCE a; ihs NL^SSACHVSETTS INSTTTITE OF TECHNOLOGY Ccp>Tigh: Tr.t 2_'_-.r: nereby grar/.s cones of (ci MTI iT-s ihes:s 1985 - Me!'. -j-.a H Tarazi perrrussior. to reproduce document in whole or and to distnbute v. rar.. Simanirc of AuLhor E>eparmcnt of Eiectncal Engineenng and Computer Science J'onc 20. 1989 Cenified b% \M^jgy% mI— Professor Tnomas W. Malone Tnesis Supcr^•lsor Accepted b) Professor .Ajiniir C. Srmin Chairman, Comrruoee on Graduaxe Students OBJECT SHARING IN A ML LTI-LSER HYPERTEXT SYSTEM MeivLTiE Subrrjne-d tc the Depa-trr.er.: of Science or. J jr.: 2C. ]9^'^ ir. K Tarazi E!emcal EngLneerinc and Computer rar.ia] fj-I:TLimen: of the requiremen*^ for the decT&e of Masier of Science. Abstract Obieci-onenied da-^ba^es 2.-ic r.\-penex! sysier-.s are emergir.g appiiactior, developers for Lncreased. less sn--crkired modelir.g ir. response :o a power m demand by database systems. prcMdir.e the necessary tools and facmues for building Such sy5;err.5 succeed coopera::\e v.ork arr'.ications bu: are luTuted ui providing the appropnate object sharing envirormentl'-. propose to adcL'^ss the object sharj^g requirements for one such system - Obiec: Lens Object Ler.b ir.:erra-.e> fearjres z: r.;.T^r.ex: system.s. object-oriented systems and ruiebased agents. 'V^'e We evaluate various approaches tc object sharing (includL-.g message passing, centralized and various scnemes for concurrency conrrol timestampung with respect to the charaaenstics desired object server and dismr^ted objec: servers and update propagation (lockiLng. m Object Lens (e g.. speciaLzatior hierarchy, user-mterface. object linking, version control and combination of long Lnteract;\e transactions and short automatic ransacuons). > We propose a nev. scheme for j'jtiating object sharing through the exchange of electronic mail messages. Object protecticr. is achieved by a hybnd scheme oi access control lists and capability systems. Analysis of the transacuons in Object Lens reveals rwo sets of transactions; (1) interactive weak consistency requirements and relatively flexible automate transactions that require stna concurrency control transactions that require relatively concurrency control, ^.d. ;I; Vv"e propose a hybnd locking and version control concurrency control scheme that accomodates the two types of transacuons. requirements. Thesis Superv'isor: Profes. or Thomas W. Malone Title: Panck McGovem J Professor of Inform.aaon Systems Dedication To My Parents Acknowledgements I vi.o_id Il^s tc tharik guidance, and suppon my thesis super\isor. Professor Tnomas MaJone. for his ir.s:gr.:. His ide^. o?ser\'aao.i5, and suggesuons have deeply contributed to the success of mis uo.-i.. I V. culd als: iixe to 'S.zr^. His sugges:;?r.s. cnucues M> needed life. Kf % comments l-. Crowston v.ere parents. Reine and Kar„. deserve ne— Ma> ar.d Nl: 'j-js i-.esis be i. rir..i^ exremeiy helpful more than ar.c for ell -jr.^s .:.r. affecrion. . for reading several drar.s cf iiis vk'ork. I can express for being nere guidance and encouragemen; throughou; c:~.pensation to them for beLng away from Special thanks go to m.> bro'-her. Ram^i. for listening to throughou: m.> Fmall) . s:a> a: I uould Ml when I my home m> gnpes and complaints 7 like to acknowledge Ibrahim Saad, Nazhiri Zarghamec, Ala Alry^es. Emar. Hashem and Ahjnad Tabari for their constant friendship throughout my s'^ay ai M J.T. Table of Contents Abstract 2 Dedication 3 AcknowiedgemenLs 4 Table of Contents 5 List of Figures 7 List of Tables 8 1. 9 Introduction 1.1 Object Sharing in Object-Onented Databases and H\-pcncxt Systems 10 1.2 The Proposed Objea Sharing Scheme 1 Objec: Lens Thesis Afjproach 1.5 Thesis Oauine 11 1.3 1 2. .4 1 14 Architectures for Object Sharing 2.1 2.2 15 Message Based Object Sharing 2.1.1 Advantages of .Approach 2.1.2 Disad\an;ages o: Approach Cenc-alized Object Shanng 2.2.1 Adsantages of .Apjproach 2.2.2 Disadvantages of Approach 2.2.3 Improved Performance using Caching 2.2.4 Lmpicmentanon of Ccntrai Data Ser-er Database Sever 2.2.4.2 CentraJ Objea Sever 2.3 Distributed Object Shanng 2.2.4.1 Central Objea Server Objea Server and Manager 2.3.3.1 Distributed 3. Object Sharing Features ai each Workstailon Relanonal Database Systems in a Distributed Environment 3.1 Replication 3.2 Consistency and 3.3 Update Propagation Concurrency Control 3.3.1 18 18 19 20 20 23 23 25 Ad\antagcs of Approach 2.3.2 Disadvantages of Approach 2.3.3 Imolcmcntauon of a Distributed Data Server 2.3.3.3 E>istnbuted P 24 2.3.1 2.3.3.2 17 Synchronization Techniques Based on Two-Phase Locking 2PL Implcmentanon Pnmarv Copy 2PL Voting 2PL Centralized 2PL 26 26 28 29 32 33 35 35 36 37 40 3.3.1.1 Basic 40 3.3. 41 41 1 .2 3.3.1.3 3.3.1.4 Locking 3.3.1.6 Deadlock betecuon 3.3.2 S>Tichroruzauon Techniques Based on Timestamp Ordering 3.3.1.5 Granulann, of 42 42 42 44 1 -6- 3.3 2 Basi: TLTiestamp Ordenrc ; 3,3.2 2 MultiN ersior. Tunes'.arr.p Orderj^z 3.3.2.3 Conser^atlve 3.3.3 S\T.:rjor.:zuUor. Tunesiamr Oraenng Techniques Bas&d on Qptimisnc Cor.roi 3 3.3.; Ma'cr.r\ Cons-er.s'-!; Dismbuiec Cenificaucn 3 3.3 2 Tnree MeihcKJologies OLher ConcurrcncN Control Schemes 3.4 Secur.p> and Protecuor. 3.3.- Ccrnz;a-~-^on cf the 3.3.5 3.4.1 Capabi]ir\ Sys'^rr.s 3.4.2 .Access 4. Conro! List System Literature Surve% 4.3 Mui-j-use: H\7>ertext Systems An example Multi-user Object Lens 6.2 72 TemiLTolop 6.3 ObieriS in Distnbuted Obiect Lens Personal Obieas Public Objects 6.3.3 Local vs. Remote Objects 6 4 Creation of a Shared Object 6.5 Deletion of a Snared Object 6.6 Protection cf a Shared Oc^^?:: 6.'' Modification of a Shared Objea 6.'.1 Transactions in Object Lens 6.7.1.1 Interaaive transacuons Shared 6.3.1 vs. 6.3.2 PnNate \s L2 Automatic Transacpons ^ Concurrency Control 6.7. 6.7.2 6.7.2.1 Time-St^mp Ordering 74 75 75 76 77 77 81 81 85 87 88 90 92 92 6.7.2.2 Optirmsuc Concurrency 93 6.7.2.3 Two-Phase Locking 94 96 97 6.7.2.4 Version Control 6.7.2.5 7. 64 65 65 66 69 70 '"3 Decisions 6.1 Early Desipr. 55 64 Objec: Lens as a Hv-penex! S\-s:em 5.2 Objec: Lens as an ODjeci-Onented Database System 5.3 Obtec: Lens Specific Features 5 4 Using Object Len^ 5.5 Objer. Lens Axchitecrurs 5.1 6. 52 59 Object Lens Re\isiled 5.6 46 4b 46 48 4f 49 49 50 50 52 4.1 Distributed Reiat;ona; Database Systems 4.2 ODiec:-Oner.ted DataDS-se Systems 5. a^ ^5 Proposed S>Tichroni2ation Technique: Hybrid of Locking and Versiorung Conclusion 106 Work 7.1 Summan- 7.2 The Proposed Distributed Object Lens 1 1 7.3 Direcuon of Future Vvork 113 of 106 List of Figures Figure 2-1: Ccr.ralized Orjec: Server Figure 2-2: Dismbuied Object Scr\er Figure 2-3: Objec: Ser^cr and Manager ai each Wortcstaiion Figure 2-4: Distributed Relauonai Database Figure 3-1: Example of Conflias in transarjons Figure 3-2: Deadlock Siruation Figure 3-3: Wait -for Graph Figure 5-1: Person object in Object Lens Figure 5-2: Aichitecrure of Object Lens Figure 6-1: Object DefiniDons Figure 6-2: Two-user Dismbuted Object Lens Figure 6-3: System W;de L'ruque Object ID Figure 6-4: Interactjve Transacnons Figure 6-5: Rule execunon transacuons Figure 6-6: L-.terleaving of Rules Figure 6-7: Resoi'. L".g Modif>-.Modif\- Conflict using Hybnd Im.plementauon Figure 6-8: Resolving a Rcad-Modif\' the Hybnd Conflict using Lmplementaiion Figure 6-9: Rule Execution Deadlock Figure 7-1: Distnbuted Ooject Lens 19 29 33 3-i 39 41 45 67 69 75 76 ''9 88 91 92 99 100 101 111 List of Tables Table Tablt Table 4-1; Dis-j-.ruiec Database Featjres Fearures of ODier:-Oner.:ec 4-III: H\-?er.ex; Features 4-11: Dauiascs 5^ 60 63 Chapter 1 Introduction Conventional record-onented rclauonal daxabases are rescricted they manage. car. of mformanor. The\ proMce da;a modeiing and cransacuon management capabii:i:c> thai are wcli suited to business daia processing but supponed coopera:;Ne ccmputer-ajded in the i^-id \«-ork desirr.. appucations sofrAare intelligence knov. ledge bases. Sjch which are not adequate L-.creasingI> important for compuier- apphcanons include developmen:. documema:ion authonng, and anif.cial Tnese applicauons Lmstructured objects and comp:ex relauonships are T.teracnve among daia, people l-. narjre and deal wi± and scned'ules. Object-oriented databases and hvper.ext systems anempt to provide the platform to support models requL'ed the semantic and data 89] IS one such system. provide a system that It may Object Lcjis [Lai 88. Maione integrates fearurcs of hvTxrtext and be used to complex information such for these applicauons. as v^xite specific objea-onented system.s to appLicanons for retnevmg and browsing meeting scheduling, project management and document authonng. However, the current implemcmauon of Object Lens cooperative applications; Object Sharing. Our goal is to Object Lens fails is to suppon a key fearure of currently a single-user system. propose an object sharing scheme that accommodates the key characteristics of Object Lens (long interactive transactions combined with short rule-based transactions, complex objeas, naive users, and version maintenance). , -10- 1.1 Object Sharing Object • ar.c in Object-Oriented Databases and Hypertext Svstems ir.fomanor. sharjig Multiple jser.- snc-l:: s-. orjsc.-onented daubases and h>-pcncx; systems implies: dc airie ;c access documents and destrr.s created :?\ oihe: users. • CoUaboratL-.e u?e:s should be able to viev. modi5iCaiions shared docjmer.t^ c: desirns (update p:opagat;or. • D^'fere-.". useri- others To work update propagator, (such as implemented sc.-.err.e and and ar. s\stem> transactions Ti^nc \s s> a concurrency control scheme, an object protection scheme. car. timestampmg fcr dtsr-.butec databases supported b> these anv cf Lbe uorkir.: ccr.currer.'jy should not be able to mterfere v.il- each r.-.-ptr.tx: locidng tc (.concurrenc> conirol;. surpor. ob'ect shar_-.c these systems need tc have databases and made shon, and the not SL~.pl\ and Unforronately object-oncmed adopt the concurrenc\ conrrol schemes update propagation The major problem^s schemes proposed and are the different narure of the of Lhe objects (complex vs. simple) dif'^'"rnt nature stems anc traditional database systems. Hov.e\er these schemes can be used as the basis for m.ore adequate schemes for object-onented databases and hv-pertext systems" Many object-onented database? prototypes [Purdy variations of locking for concurrency control. protocol to disallcv. 87. Fishman Some systems m.Jttple users from accessing 8". Homick 87] adopt use a checkin-checkout an object concurrently. Existing distributed h\-pcnext systems use either locking or version control to resolve possible conflicts from, concurrent users. Most of these systems do not support replication (multiple copies of an obiect; or version maintenance. -1!- 1.2 The Proposed Object Sharing Scheme V,e a-'fjc proposed ihc thai for fnendliness cradiuona] concurrency concrol schemes obiect-onenisd databases are not adequate v^eli as may be ihcLj v.hert systerr^s for of major imponance, and (2) modificanon is as made to vananis use: (I the object nteractne!) o: automatically. User fnendliness implies intolerable. that redoing user performed modificaiions (ai to an object disallowing users to access objects for long pcnods oi iimc Cb'i is is again intolerable. We propose a concurrency control scheme thai is This scheme makes no restncnons on replication, scheme would be applicable. sell It also a hybrid of locking i.e.. accommodates and version control. objects m.ay be repLicaied and the the existence of different versions of an object. We feel scheme that this is emphasize user friendliness and an object form and and hypenext applications suitable for object-onented that automate combine interactive modiiicauons through editing of through modifications that the execution of ruie-bastd cxnsacaons. 1.3 Object Lens Objea Lens is an mtegraied (hypertext, object-oriented daiabase, rule-based) environment for developing coopcraiive knowledge (using work applications. It combines the fomial representation of strucrures such as frames, inheritance networks and production rules) in knowledge-based systems with the informal representation of infomiation (unstructure or graphics) in hypenext systems to present a scmiformal middleground. scmanuc structure to hypenext nodes that allows the ease of text Object Lens adds summanzanon of objea - -i;- anc ccr.:e.-.:> objerts I: brrv. a.-:"' rs.a:;or.>r.:r> ar.d cf ccmr'.ex documeniatior. irj'rr-r.a:!??.. of a coliecjor, of de\elop~.sr.: (r:>T>er.ex: .. schedding. projec: management and meet'-nc including by objects such as difiertr:. —.essaze types, pecp'.e. task, Tne basic primitives 1. n-.ampjlatior. ^e LS-rc :? de^e.?r sr>er:f;c applicanor.s lo: L'lformatior. shanr.c. rer-.f-L".: r-.a> 5L-.L search 2u:?rr.a:;: ar.c a\ ailabie lo die programjner knowledge on various CTpiici: mcedngs. produr^ and companies. to build his applicauons and object types Lirough Facilities i?: creatine object instances are: a tem.plate- basec jser interlace modi-f> objects by editLte the 2- Facilities tc window display corresponding tc the object create r_e-t:2sed agents 3. Facilities tr 'Jiat automaucaliy process Lnfomianon on behalf cf the user. 4. Facilities collect tc ^T Featti'''*^ C*^ ar' c*e"" We toge-ner objects into folders. The folders be m.a> maintained by an agent. autom.aticall;. r c* O'^'er* I_en^ feel that tne follcv. j-.g charactenst^cs of Object Lens liighly in£uencc our choice of an object sharjig scheme • Naive Users makes Orject Lens user-ir.tsrt'ace is a m.ajor geared toward non-programjming users. component of the system.. model u'iiuences what aspects of object sharing • Combination of Objects may interactively • \ersJon .>\utomatic ei'jier by a user be .Maintenance applicauons, Ob'ect Lens of objects. As exposed Tne uscr-intenace to the user. ancT Interactive Modifications of Objects m.odtfied edimg air Tms automancally by "rule-based agents" or a display a tool wLndow corresponding for shodd supp>on the unplemcntL-.g to the object. coopcradvc work Maintenance of different versions -13- D:s?:bu:ed Ob'?:: Lgr.s Dismbuted Object Lens should suppon object sharjig bcnveen various ncrwork. should suppon locanon rransparency, rephcauon traiispar;r.c\ 1: trar.sparcncv' Users any where and possibly access transparency in :he . concurrenc> ncrwork able to reference and dereference objecis located elsewhere in the nerwork. provide a mechanism for object protecuon. It sho'uld conflicts that anse because of concurrent access tc 1.4 Thesis main concern and the possible solutions "instances" in Object Lens. not be sho'uJd be It should guard against or resolve possible object by a number of users. Approach In this thesis, our object ar. on the users to exp'.onng the different issues these V.'e v.-ii r\-pc defjiitions, i.e. the concemed with 15 issues. assume PERSON all We are in object sharing concerned with sharjig object users have the objec: universally mvohed same means object hierarchies and the same object type coercion. [Lee 88] explores the various Lhuig. We will ways of doing type translation. We explore number of dismbuted objea sharing is is achieved. Most of to examine how these systems are prototypes and exjxnmental. Our on Lhe architecture configuration of the distributed systems (centralized or distributed), the concurrency control upxiaie propagation We systems (distributed relational daiabases, h\pcnext systems and distributed object-oriented systems) distributed emphasis large a schemes used, the protection schemes used and the schemes adopted. specify the requirements and fearures of Distributed Object Lens and then study the suitability of the various techniques for the Object Lens environment. \^e recommend Obiec: Lens ar.c 1.5 Thesis Outline Chapter in the 2 examines the frameuork of Chapter 3 ar.: Chap'^r most appropriate the var,o-js arch:tecnires for ir. cor.:t>.: of aesigr, for Distributed Obiec: Lens. objea sharing in a distributed environmien: schemes to a dismbuted acme\Lng object sharing in system-. I; a distributed surveys the vanous envuonmen:. The fearjres are conc-rrenc;. conrrol. update propagation and protection. -i preser.-.s a bterar^re s'jr%e> of various distributed systems from relarional databases to objec:-onentec datar^ises to h\penext systems. Tne emphasis on the SerNer-Chen: Model. the descnDe> vanou> features of aJgcr/Jrris and reieN Lradeoffs betueer. the difieren; techr.iqjes the S'jr-jr.ar.ze fL^.a^i) the conc'jrrenc;. conrro! m.tcharj.sm.s adopted, the propagation m the surve\ is methods useJ and the version control schemes explored. Chapter 5 describes the fear^res and characteristics of Object Lens. Chapter 6 describes the requirements for Distributed Obiect Lens. shanng and protection in possible transactions in Objea Lens and accordmgly examines the context of the Object concurrency control describing the tradeoffs. Object Lens is A It Lens envTronment. descnbes object It defines the the different techniques for hybrid scherrie best suitable for Distributed proposed. Chapter 7 summarizes the key tradeoffs between the various choices and schemes and then presents Lhe best appropriate approach for Distributed Object Lens. 15- Chapter 2 Architectures for Object Sharing Users of centralized systems such as maLiframes are accustomed and objects to share da*^ With oLher users of the system. w-ith with, the idea of being able the ad\ent of personal computers, workstaiions and nerworts, Lhe essential schemes and algorithms to suppon fcamres of object shanng needed The to 'c>e revised to v».ork Allow muluple in 2. from one user Multiple copies of an object ensure that in time. Lhe 3 all may is to all other may CProtection'). (i.e., The system need to the same") at any point copies (UpHJate Propagaiion). the illusion that the user is multi-programmed fashion while preserving executing on a dedicated system. To attain this system should prevent modifications made by one user from the with interfering reads or The concurrency Control). system because: different these objects achieved by propagating changes made to one copy of Perrrut users to access object in a goal, ) to exist in the system. copies of the object are consistent Consistency objea The access allowed i. another {Read, Wnte. Delete to are: various sues tc access objects created b\ any one user a: system (Shared Access lhe differ users such dismbuted environments system essential features to object sharing in a distributed 1. ir. sites mechanism another sue. ai (a) users in one a updates control may problem is by another (Concurrency exacerbated in a distributed simultaneously access objects stored distributed site performed system and cannot mstantaneously (b) a concurrency know about a: many control interaction at -16- Tne.T approache;; three aj-f ic cb;ec: sharing l". a dismbuted environmer.: Tr.? three approacnes are :Tie5sace-ba5ed, centraiizec shared object space and distributed snared object space assume V.'t A focus \^'e tr.i- oii: anention or the locauon and maintenance of shared obiects perscni! object> are located message-based approach suggests of specialized electronic information sharing is mail a: Lha: object sharing To messages. done thjough the local site for pjcrsonal use only. a could be done through the exchange large extent the use of electronic mail. in distributed The suggestion is systems that this could be extended to incorporate exchange and sharing of objects. Tne cenral_zed approach suggests Lniv;dual v-ori^staticns nttd nerworx. approach Tr.2S The is shared objects be located to direct at a central sue Users h:gbJ> dependent on the availability of the central at different sues snouid 'oe ir. the shared object access to the centra] sue. site. distributed approach suggests that shared objects be distributed at different sites nerw.o:k Vv'e Lhat m the able to access objects located at each sue. present the centralized and distributed approach to objea sharing in framework of a Model Serv'er-Cltent The client is locate The at ser\'er provides the required object m.anagement and objects. each woritstation to direct object requests. In the centralized may be provided approach, one object server exists in the distributed system. Object caches a: the client sue to improve object access. In the distributed approach several objea servers exist Tnesc may be dedicated machines as caches ai the client workstation may improve in the central approach, in which case object performance. Another option is to locate both the scr\'er and the client processes at the workstation. This eliminates the need for a cache. We examine in this chapter the various possible implementations of each of these schemes in the context of an object-oriented, knowledge -based, hypertext systems Lens. ^preaches adopted by O'ur sur\e\ fearures to keep in is a SNTithesis of mind about these systems arc: similar to Object different systems. The major • Complix and • Maiupulanor. ofobiecis perr'ormed ihrough rjie execuuon or use: inie:aci;or • Triggers :hai activaic processes • A scrru-s3'jc:ured objects. uhen stored objects are modified. of long ar.d shor. irar.sac'.ions rr.ixtiire Tne next chapter is reser.ed to cxammng vanojs aigonthLTis and schemes p'c>posed concurrency control, up>da:c propaganon and protection. dismbuted systems indjcanng v. control and update propagation for Chapter 4 presents a survey of hat object sharing approach they use, and '-he concurrency schemes adopted Message Based Object Sharing 2.1 This approach suggests that objects are shared ber*een different users by embedding them in electromc m.ail messages embedded either literally that are then into the mailed through the ner*'ork. Tne objects could be message or embedded requires that the receiving end extraa the object li link descnpuon and The form. the unique first objea method identifier suprphed by the underlying system, and buCd a local copy of the object with the appropnaic unique object message tc the objea by mailed, Seoion 2.1.1 id. The second method implies objea he uishes explicitly asking for who 15 to share. ii if It that Lhe is up sender insens only to the receiving decrr»ed useful. The question end is a reference in the to dereference the once the objea is responsible for maintaining consistency of the different objea copies. 4.3 gives a clearer account of this method. Advantages or Approach T7)e advantages of the message-based approach • Fits well with distributed culture are the following: IS- Fo: sys-^m? C-.i: L"jrrma:.or.. share Moreover. na:\ e m.esiages u?L-g may users fee' 2.1.2 sr.are objects more comfonible wuh extensr.e use of messages to seem.s tc be a evoiuuon. narura^ explicit (exposed shanng of objects Disadvantages of Approach disadvar.tages of the messagr-based approach are the following: • Lirr^ted tc L^jna-.i-.g object Limited 'c :r.::iar.ri Tnis approach to :c make V.VJ: c-ar. sparer,: snaTiT.t •L-har. The are ee2_-ec -.ruardv na:%e users a-nc L-a: omers 1: rr.^irl) ~ ec' shs'':r£ focuses or. Liitiating arises of maintaining l-.:: me i?— hutec approach to object sharing Sharing This approach dictates tha: 2II the network. utformauon (objects) deemed sharabie. person has access to the The objects") m.us: overall conng^jration This coriiguranon falls into Lhe is be located server. workstation. accesses. The aa With prol ably be due to processL^g remote is the a: (i.e.. accessible by at may the sites. central which is site from server local area their slower than local be useful to explain to the user mcreased speed of end site acts as a as clients requesting objects system, hides the details of the remote access Indicaung that an access and updatr.g these a central dedicated site in at Server-Client Model, where the central Users will remotely access objects client the reason for the delay. would accessible depicted in Figure 2-1. of shared objects and the other v.orkstaaons in the nerworic from the making an objea problem 2.2 Centralized Object I i.e., the a; CLfr'eren: sites, Tr^^ evol'-es more than object shanng. does nc: address the maintenance of the shared objea. Once there are several copies cf ihe oDjec; objects ^ shanng ai the networks the delay -19- Figure2-1: Cenoaiizcd Object Server 2^.1 Advantages of Approach Tne advantages of the cenc-alized approach • Simple concuirencv' control. • No overhead due • SLTiple Riile to are; update propaganor.. Rcsoluuon Simple concurrence convol All accesses to shartd objeCTs must go through the cenc'al server. centra! ser\er to control a and coordinate concurrent access to the It same mechanism vanes from locking (checkout, chcckin). timestampL-.g object. . Of detail. interest in this approach are the mechanisms for the T^e choice of optLTustic control or Chapter 3 and Chapter 4 discuss the various mechanisms version merging. amount of would be easy in a great thai pertain to a single copy of the objea. No update propanahon overhead All upxiaies are directed to the central server. objea exists and is Only always obtained from the central overhead encountered in the distributed or a single accessible site. cached approach copy of a shared Hence, any ujxiaied propagation is completely avoided. -20- Sinr.e Rule Rcs'lur-^r Simple quenes ca.-. csr~L approach silt be lorrr.ulatei aI'.cv-> b\ lookiTiC ror objerti 2.2.2 r„:e5 -j-.e '>r.a: l-. kt.ou ledge -based sysierr.s usir.g p^r.zjj-.-jr.z IF-THEN shared objects tc be resolved ic rjles. the a: Tne cenraJ maicr. and perfonr. the appropriate manipuianon. Disadvantages of Approach TTie disadvaniaces cf the cenralized approach are the following: • Contention a: Cenn-a! Site • AvailabiliiN c: • Rerr.cis access Cenral a: S;:e eNer. snared ocjtct acces. Cortenrion or Cc.r-c' S:u The may central site needs to process object requests lead tc a decradatior significar.: from all workstanons The perfom^^ance ir. in the network. This server should be dsyTicbj-onously accept object requests and pass ±ie object ids to the disk rerieval Once Ayai!ab:l:r\ Tne site. ar.y o'^ the objer. is available it would be returned able manager to for to the requester client. Cerr-g! S:re entire systerr. 's access ;c shared objects is dependent on uhe availabilirv of one central In case of cental s:te failure, users at various worl^^tanor^ will be unable to access shared objects. Remote access Even- time or Tms is not a very desirable feature. fvf\ shaded obec: access a shared object to the central server is accessed demanding a: any workstaaon the object. accessed has not be«n modified since the Delays this results in a request are unacceptable last access. when being sent the shared object 2.2.3 Improved Performance usmg Cachmg This problem of unnecessars successive remote accesses to by desicr.atir.g ar. As long objec.5. area lt memory- wnte would be done issue caching at '^"le m the cache 'iien w-nnen through to the ser%er. is A Rules and locally on the cached copy. what granulanry level of an object. One simple opaon caching performed. is Tne other opuon segments tcolleaion of objec:s,. A basic is to pierform contained such a cluster of objects, then objea references in the perform noaon in caching of larger units such as object-onentcd would be accessed together should be clustered because of a decrease is Hence, objects are the unit of transfer benAeen the central server and the cache. objects that users, us state remevsd Csrre at is cached copy and to the methods may be {jcrformed One ine individuaJ \>.orkstanons to cache remotely a: objea has not been modified by other as Lhe same object may be solved Future accesses to the object will be directed to the local cached copy. Lhe valid siaic. G'-aru'ia'-ir. o' 'j-.e stems together. approach could lead this s> to is that related If the segment improved performance number of remote accesses performed, because successive same segment. are to objects in the VaLdation of Cache Moreover, the system should guarantee thai a user will system should propagate the changes made are cached 1 . ai woricstanons. There are The server maintains If an update is a list always access the to an object to number of ways ail the copies of the list is are notified of the update. The objea or prompt do the user to The objea that ai each workstanon. checked and the appropriaie workstations client so. copy. for propagating the updates: of the objects thai arc cached received, the latest A may automatically fetch the updated cleaner implementation would be to set tr.erer- i: checked cj; cbjecis update p:oces> 2. 1:' ob;ec: ar. is l: L-^.e cbiec. upda'.ed. ir.e l=. the ser%er thai a; It IS 3. frorr. ir.t refetched from ihe Timesiamp? are ser\e: sends messages tc cache stale of the object. L: the objcc: maintaLned for objects timestamp If retnevL-g the objec: ar. is valid me caches that hold The cbent anempts it is a to reramed otherwise scr%'er. the times'.amr of the obiec; loca^ mgce: automatical]}, updated. cop> of the obiec: nva^ica--ir.g the access the cbier. wUi a the central server At each access. retnev&d from the server and compared to the is the object differer.:. as at Tms whole. is retrieved. Tnis is faster thar. requires the maintenance of a larger number of tme stamps than previous method. Method 2 required nme stamps for seements and used cbects for all orjecL- a* the ser\er zr.d ir. ir. the cache. This method requires timestamps the cache. Repiacernen: of cached unirs Tne size Reneved of the cache 1. mucr. smaller thar. the size LRU .Ar. object replacement straiegv Geast reccnt]\ used may of memor>- The cache objer.s car. no: be cached mdefinitely. managed to be is is required. s the object a: server. Lrnited memory- space needs The options are: be used to select infrequently accessed objects from the cache. The 2. FIFO 3. Random, may be used (first-in-first-out) server needs to 'oe may to be used to selea the oldest object in the cache. sciea the object to be replaced at randomly. informed of the cache's flushed enincs so thai it updates its list of ob'ccts and the coiTespondL''.c caches the compiexKies associated rropaearion These is bclou ir. me v. ith object replicatior.. will also be Concurrency control one such complexirv-. are discussed objects art cached our system v-U! have rr.an> of d:snbuted object ser\e: a v>.il-. If Upcate more complicated context of distributed objea servers. 2^.4 Implemenuucn of Central Data Server The next imponant question two main options: the actual is a central relational implemenuiion of the database server and There are central scr^'er. objea a central sen-'er. 2^.4.1 Central Database Sever A database server build on top implement a central data o'^ a convennor.al reiauonal daiaoase Shared object instances would be stored server. Converting complex objects into a relation relations. may is be used to terms of in not always a one step task. Difficulnes anse because of the network strucrure of tne object space (objects u:th links to other objects). network. A Put in relational database terminology, Moreover, converting more This again to difficult. is Another ±e object of rclauons to ensure a field not easy to map another important feature in the anses of a Lens Objea could be into a relarion. systems are stored as relanons ai the server can only be performed ckscnbed at m in 4 1 we are a combination of Mapping hypencxt-Uke power of is hypertext. an exception^). concerned wiih. methods can not be performed the client side Secoon mapping semi-sructured objeas difficulty database systems do not provide the trigger fcarure (R* is number normalize normal form makes objea (clustering related objects together for relations wiih pointers to flat files again diminishes the 'This sysiem difficult to and ensure mutual independencies between different aimbutes. The contents of into relauons. links. is given object will need to be represented by a atomicity of domains fast access) it where objects are formed. text and objects into Most reiauonal This again is Moreover, since objects at the server. Methods Tne advan:age> ci usir.r a da-.aba^t ser. s: provides the techr.olor> lor :2^^; i$ iha: :t i5 from easiJ\ obLainabie the markei. li data access ar.c concurrent) connrol (aiihouzh thus rrugh: no: be adequate Tne database uorkstaijons l" queries tha: resiJ; processing set be the nerv.o:k- I: is abie ine :o of the d_"_ Tne sues accept in the from vanous requests fomi of a set of relanonal appropnaie relauons thai correspond to the of the cuent end to translate object requests into the of reiational qjenes. a: Dotr. asvTichronousJy Tnese requests may be retrieval the ir. requested object, apprcpnate must ser%er client Notice tha: this requires a tremendous amount of end should also extraa the necessan' informauon from the reruTned njpies to build up the requested objea. Tne commun: cation betv.eer. the serv'er and rerumec ruple: Tnt management, concurrency systerr. and the client will be uiT re;>- in frmi of relational quenes on the rclanonal database control, authonzarion transacuon for and recover)'. 22.42 Central Object Sever A cenrai object server ma) be used to implement the central data server. returns objects Lhat are database serve: remms m the format of objects in obje tuples that need to^bc laier a -oriented decomposed systems. An object server (Recall that the at the client side to form the objea). Messages bcrvteen the client and the server would be in the form of objea requests similar to those tha: access local objects. Unique Objea IDs or objea queries (eg., description or selection rules) uill be used to access objects at the central objea server. Tne central object server will be built on top of a storage manager. The storage manager could either be an extended relational storage system or a persistent objea relationship between an object server and objects filescrver and files. is analogous store. to the relationship The between a The first approach requires extending a relational storage system to accommodate: d;ifferen: concurrency concol requirements Lha: result from, transacaons character^uc of objcct-onented hNperxext appucauons. • the • vcrsior. • the long maintenance and concrol. mappmg complex efficiendy and h\-p)cnex! semis tructured objects into a rclaiionai storage system-. tnggermg of processes upwn • The second approach Tne • the modi^cauon of stored objects. requires building or acquiring a persistent obiec: store accepts unique cDjec: ids or object objea store. quenes and rerums the corresponding objects. concurrency conixol can be customized for the Objea Lens environment. • • version m.aintenance and control. • version merging. • recovery and resiliency. • protection and authorization. • triggers. The advanuges of the the market place. The advantages of first approach Feamres of the is that a rsiaaonal storage fast access, protection second approach is thai the The disadvanuge the applicauons of interest. is system may be acquired in and recovery- are already provided. objea store the effon would be needed tailored to best suit to build such an object store. 23 Distributed Object Sharing This approach proposes that shared objects be distributed Objects may be dismbuted in a manner such at various sues thai: 1 one copy of the objea 2. mulnple copies of the object are present (objects arc rcplicaicd). 3. a copy of the objea is is present. rcplicaicd at each site (fully redundant). in the nerAork. -26- Repbcanon leads to because requires it L-T.provemen: ar. , uTcreased I memor>' space Licreased overhead to ensure that updates go to Moreover, consistent. are traditional deterioration in performance u*' all to It also may is is copies of an objea and that performed at expensi%e hold replicated objects and. (2) concurrency control schemes lead replication In the case of no rephcanon, ob'ects and throughput. avajJabilir.- ir, more than 4 to all copies an overall sues. be allowed to rmgraic from one sue to another. This means Lhai object manipulation m.ay be performed locally. 2J.1 Advantages of Approach The advantages of the distributed approach • Increased availabilirv' of shared cata. • Lmproved access p>erformance. • Lessened contenuon at are: storage sue AvaHab'.'.ir. In a distributed system access to shared data one at site, since the data vanous sites is distributed over a is no longer dependent on the availability of number of udl make data access msensiuve sites. Moreover, replication of data to the failure of a paruculax site. Improved access Replication will allow objea access to be directed to the closest the objea. V»'nat site thiis is depends on the implementaiion. (See Section Lessened coniennon qi single srorgge improvement machine. in contains a copy of 2.3.3). site In the distributed case, object requests go to one of a to an site that number of objea performance because objea access is no longer servers. This leads restricted to a single 2 J. 2 Disad\anta^es of Tne d:sadvar.:ace> rf Approach Lnt cLsr-.^uted • mere • upda:; propiCa:.?r. c^ernead • complex • complex recoverN aprroach are: corr.piex concurrenrx control. rule resolunor.. Complex Concun-enr\ Corp-:'! Ailovkuic object rephcanon complicaies concurrency control because concurrcn: accesscrs at different sites are harder to detect than concurrent acccsscrs ai one sue. to access the closes: ccr;- of ar, object and perforrr. his changes. to detect such confiiris and provide preser.:> a sccuon mechanism mechanisms appropriate is able The system should be able for resolving them. of su;h detection and resolution detailed s'ur>e> A presents a Each user Chapter 3 section 3 mechanisms and Chapter 6 for Distributed Object Lens. Updaic Prnpa£a:ior AlloNMng replication introduces the problem of maintaining consistency between the various copies of an object at the various sues. For traditional database systems be guaranteed tnat he b reading tne latest committed cop> of an objea. that thus requirement it is suffiaent to ma> pve be relaxed in an cnvironmem such a user access to the lattst local not be the latest copy in the distributed system. We Chapter will see later as Object Lens. In copy with an indication must a user some thai it cases might 3 section 2 presents a detailed account of the various update propagation strategies and Chapter 6 section 5 describes jjropagarion of updates may be performed in Distributed how Objea Lens. Complex Recovery Rccoverv- and reliabilin- are partitions may Inconsistencies result mav in much more complicated inconsistencies between in a distributed various be detected but are verv hard to resolve. copies system. ai Network various sites. -28- Complex Rule Resolution Since objeas are dismbutfrd over a number of sues, this requires thai a rule be applied m here the objects in question are stored the sues v. the rule. There are three possible ways to handle order to search for objeas that match this: The collection of objects being considered may be l.Subrules. divided mco subcoUecuons indicating their location sent to each of the objects. The back the :o rule. The A message is then rules fire at each of the storage sites and the results are directed sue. initiating This is analogous rule is at simple: level to query a relational databases. The required objects may migrate Migration. 2. site. virrually appropnate sue containing the rule and the considered m distributed execution at to the site of execuaon of the then fired and the appropriate results returned. The rmgrated objeas could be returned to their onginaJ site then or a: a future time when the\ are requested. 3. Replication. In the fully redundant case, already present need to access at his objea sers-er. an remote objeas. all objects accessed by a user are This means that any fiXed rule docs not This of course requires an increase amount of memory space needed and an increase m m the the overhead inairred because of update propagarion and complex concurrency control. 2JJ Implementation There are three of a Distributed Data Server main approaches environment. TTie sites may can store local as well as system may also be to distributing shared objects over sites in a distributed be dedicated objea servers or extended super workstations that commonly used shared objects. The object-oritcnted hypertext implemented on top of a distributed database system. the requirements and implications of each of these approaches in turn. We will address -29- 2-?. 3.1 Distributed Object Server n: Thii- approacr. irr.z'.isb m!Eh: no*, ex:sier.ce of several object se-. ers ui supper. repl::a:ion of daia .'. tz: Tnc me ner^oiK and migh; aciua] confifurauor. of the ncrvork is depicted or ir. rerejf LAN Figure 2-2: me In terms of A client server. Tnc chen:-ser.er model, there are a serMce We w E>istribuie<i is- implemented a: number of dcdicaied servers in the system. each uorksta'jon to direct object requests tc the relevant chen; as the object manager. iL refer to the different object ser%ers collaborate to provide a system-wide shared object space. a system, should provide location transparency. the Object Scr\'er location of the Objects may managers be replicated arc Tne object. located ai a: In other words, the user The duucs various objea servers for increased performance. manager can • Locanng • Rule or method execution. • Managing the requested objea. a cache. Object each workstation to direa and control object access to the Manager of the object not exposed to system, should also provide rcplicanon transparency. ^Tpropriatc objea server. Duties of Object is Such be summarized as follows; -?0- Locanon of ob'eci Tnc object maDag;: needs to locate v-hers performed ir. One scheme would unique rerums id, several 'j-ays. 'j\e Tne name alternative scheme v^ould be reflect iheL- locat-.or. name may This The request is be then directed to the could eiLhe: be centralized or repiicaied Tr^s allows object managers at each w here at each to its enr>- in Lhe client site, the Another possible opt:on location. the different the object serve: approach could be used tc morjtor replicated at system-wide object is workstar:ns ids that to extract located. allowed to migrate. Lhen Lhe second approach would not make sense. time an object mugraies need id. for objects tc have unique of uie appropnate object server If objects are name stored the nerwork. site in the ser--er is be to use a r.ame se^^e: that g:ven an object object's location and ir.temal appropnatc object ser-er An the requested object is name change in i-.e change server is m locanons updated. locauon has to name be propagated to server all for an object to leave a forwarding address indicating This 'oecomes slow if Ever> c: objects. If the The is sues. its new objects migrate a lot (since several forwarding addresses be followed before the object is locaiedj. Rule or method execution Rules and methods need the object manager Managing If caching cache. We a to to be executed ai the objects storage site. direa the rule execution It is the responsibility of to the ap propnate sites (as explained earlier). cache is going to be used then the objea manager's responsibiIit>' mentioned in section 2.2.3 the unplicauons of caching. is to manage the -31- Duties of Obiec: Server Thf duties of the object ser\er car. sainmanzed Accep: objec: rsques:s • Protection and Au'jionza'jor. of objects. • Version Conrol • Recover • Clusiennc • Tngce:> • Update Propagarion • Concurrenc} Conro! o: queries as foIio>AS and rerum objects, • Accer: cbier: The x reaue^^:^ or auer.es object se:^ e: processes the uruque objea id and renims the requested object. also be able to accept a quer% indicating specific attributes of an objects tha: match Ir.dexir.z sc.z other feauires need to be used objea and return to It should the set of improve access time. Protect! en and Author.t:a::?r of O'necis Tne object Given an. manage: is responsible for mamtaining concroDed access tc shared objects. object access request and the user's id the objea authonzed to access the object in the specified capabiiirv -based mechanism or access control manager verifies that the user is mode. Protection may be performed using lists. a Sec Section 3.4 and Section 6.3 for further details. Version Control The objea manage: is responsible for maintaining different versions of the objea and alerting the user to the existence of the different versions. Recovery The object sever is responsible for ensuring the persistence of the objeas. sound recover\ scheme u^ case of sue failures. It should have a Clustgnng If segments used as the are 'jrut of transfer berv-esr. ihe ser-c: and the client cache of cachx.g), then Lhe object ser.er segments stored is fir, case responsible for clustering related objects together mto the server. ai Tnggers The objea objea manager server should be able to send trigger messages to the have been updated or if links have if objects been added. Concurrencv Conrc'. and Update Prcraeatior It is difficult to classif>- important funcuonaliues 2JJ2 in the context is is highly dependent on the concuirencN- and propagation local in Chapter 6 regarding each of the of Object Lens. at each Workstation an extension of the distributed object server approach. distributed over the its It Object Server and .Manager This ^rproach have fall. uhat end (object server or objea manager) each of these Implementation notes are made schemes adopted. schemes at memor,- space of the workstations. Each worksution Objects are is extended objea manager and an object ser\er talrcady present). Object servers longer dedicated machines but implemented at responsible for protecting objects manager, which in rum at its site. Objea access directs a to the appropriate Communication occurs between objea managers and objea server as in the earlier objea manager and the server approach. Each objea server each workstarion. Objea managers responsible for local objeas that could be shared or personal. directed is objea manager as opposed to aie if first to the object is to no is are only the local not local. between object manager approach to access an objea. Otherwise, the dudes of the objea server are more or less the same as in the distnbuted object -Si- Figure 2-4: Disnibui&d Reianonal Database i ii 3. Caching No cachmg Objec: ser/er and object manage: clien: a: each workstation a Rephcaiion b No rephcauon Nligrauon i ii The other dimension on top of No migrauon c: thjs is how. the object scr\-er a relational storage systrrr. or is mpiemented. Tne :\<.c opaons on top of an objer.-oriemed storage system. are: The requirements of each v-ere outlined. The difference between a single object ser\'er with caching and the disuibuted approach d:at of concurrency control. Both require update propagation techniques. requires a simple concurrency control since conflicts may be deiecxed at is Tne former the ccnrral site. Conflicts are harder to dctea in the later case, since they need to be detected across server sites. .•^. Chapter Object Sharing Features In Char:e: ue rresenied 2. rv.o Ar. propagation Update propagation par. is Distributed Environment approaches rr.air. of boir, dismbuted. s.-.szzil in a 3 on]> object to approaches is necessan if shanr.g. concurrcricy cer-rdlized control ar.d and update more than one cop> of an object CXlS'^. In this chapter v.e ar.empt to st:r\e\ foliowing fearjres required We it. different aJgorithms and a distributed • Replication and Update Propagation • Concurrenc> Control also look a: system to schemes proposed provide object sharing to the capabilr^-ies. var.ous protection schemes that p. -vide differing access rights tc sharers of a shared object 3.1 Replication Data replication means that representatives at several sites • Reduced commurjcaiion a given logical daia can have several The advantages of such an arrangement traffic dis'jnct arc: and improved response tame by providmg local representanves. • Accesses to the same logical data by several users may be serviced in parallel, improving system, throughput. • Increased system availabUiry by allowing a given data object to be available for processing as long as at least one replica is available. stored -56- SupportLng hcAe'-er. corriplica'.ss ih: deiails of data rerieval and TiodLfica::cr. r:-p'.:zai and Update Propagation 3.2 ConsistencN .A-". of update to Consistency of ob'er.. 's.s logical da:a object rr/jst be propagated to ail stored rcprcsentanves e:'-fr. a.-:> representatives th.e Tv-o degrees of be ens'jred. n-.-js: consistency are possibie: • Perfect same consistency L-nplies thai '•alues initial upcatec Lnstantly l- i-.e ia.—.: • a: the representatives sacr. •*a> to because scm.e difnciil: to ensjre una\a:Iab".e and ^nsr all -" .'. ~ '~ • ~ ?.' r-—. Update after a is arc trj-ee basic me'^hods for problem, This cim.e ma\ is be i-.at all representatives v-iH evenmally be tr.e same value a: some tme even -s. pnm.ary copy. A phmary copy. It is the update to ail m a a singie-uscr disthbuted muln-uscr system may system., . Ail One representanve of vi,-ntes vtnte is done the data object to the data object complete as soon as it is uhere be ignored. There pcrformang update propagauon: Ccpv Update the prjT.ary copy. may are updates have stopped. Propagation Pnraar.- r^t^resentatr-ss time of updais concurrencv' control consideratior^s uhat anse 1. the . contariing the repre>er.:arves updated, so tha: the representatives converge to al ?. remain identical throughout sites Lcoser fom^.s of consistercy im.pA Lnter% diia cb;ec: have the :: L-.e designated as must be directed to Lhe has been applied to the then the primary copy's site's responsibility to proragaie oLher sues that have reprcscntahves of the data objea. Reads be directed to any representanve of the data object. Tnc disadvanuge of Lh:s me'jioc i:s is solution to ih:< neu 2 rrjr.a.- is deper.dency on the a\ai^2bLir\ of the primary sue no\Lnc pnmar> ihe Dismbjtec U?da:e ^u-nte-aU of data the A .. applied to ail A unavailable (disconnected., 10 3. i.e., the A is may be directed to any is applied complete onJ\ when difficulty would site is dov..-.. a rule). unte operation u-nte a uTite pninan i: to all has been anscs when some sues arc fail if not all sites are available approse w.s update. Ma'?r.r\ Co-.^er-ji object, WTue is [Demers SS] however , orl]~ Acii--^ the uTite are directed to ai! representatives a of an majority of sues need to approve the update before the com.~:r.ed. alcor/j---r. allo-»>.'s for a looser consistency control. differe-: replicas evenrjally converge. cns'ure tha: outdated copy of 3.3 Tne representatives. Once read operanon object. represen;a:ues of the data obje~. . some voLing ele::?^ (according to site is represen:a::\e site One ar. ob;.s::. Background processes Hence reads may be direaed to an Tnis migh: be acceptable for some applications. CoDCurrenc} Control In a multi-user system, different users Concurrency control preserves the system. access the same logical data object concurrently. illusion thai each user is executing alone in a dedicated Concurrency control prevents data modifications performed by one user from interfering with data problem may is remevals and ujxiatcs performed by another. The concurrency control exacerbated • Users may svstem. in a distributed access data stored system because: in many different computers in a distributed -38- • Users rr.a> daia objec! concurren-Jy access differen: representai:vcs of die same logical at differer.t One sue cannot sites. insian'^aneously knov. about LT.eractior.s at oiher sites. Conflicts that [Couiouns rr.ay anse fall into two caiegones: version conHias and senaJizable conilicts 88]. Version Conflias These resuit \».hen users independent modificanons access representanves different to different fields or slots in the object. To resolved using version control and mereir.g illustrate the consider a fue accessed by rv.o concurrent transacuons. The at the top of a f^e and the secor.: merged to of an mclude both changes —odjies te\: at the object and perform Such confnas may be notion of version confhcts. first bortom of a transacuon modifies text file. Tne versions can be Su;h concurrency control schemes wlC be discussed in section 3.3.5. Senalizable Confjcts Tnese cor.f.icts modificauons anse when users access an objea concurrently and perform dependent objea. Here concurrency achieved adopting a syTichroruzaaon technique that ensures that the outcome of p*-o interleaved transactions is to the control is ry equivalent to execution of the rwo transactions in serial order [Bernstein 81]. techniques prevent or detect conflicts serializable conflict, consider a data when To they occur. illustraxe the objea x and two transactions Tj and T . These nouon of a If T, issues a read and T. issues a wrue. the value read by Tj will differ depending on whether the read precedes or follows the wnte (rw conflict). Similarly if both transactions issue write operations, the value of x depends on which write happens last (vvw cor^ict). Consider the case w here transactions Tj performs x = x + 1 and transaction T; performs x = x - 1 . Both need car.sariior.s '.c the reads and wTites reac and m2\ l>e Be;c— wnie x mteriea'.ec IC (1 K f: T T R!t " R'l 10 " Ru T T (3 Figure 3-1 Execution H^- ) is W(xj R;x IC R.J ;C T . the Figure 3-1 ir. Acq.! ijixnoii 10 10 * IC 10 •»\(it9 W(x, V, X 1111 IC c Example of Conflicts : ,1 11 IC and T, are concurrent. in transactior.s and T. Execution (2) Execuuon illustraies a (3) illustrates a rw- rv. and a and a vi-w conflict if "lost update" or an are con:-rrent. conflicts transaction v^v, ar.d "inconsistent read all ^ :: I the senalized execution of T, corJ":ic: ifT. Tj and ^vi H 11 R T^ as shovk.T. l^ I, W(x IC ua\s Lhree ir. L. I. transactions are exeruied concurrent] % If bo'J: m corj~;r:s Note . that v.e anomalies such as a car. lead wiL see ia;e: that senalizabilirv' tc design and h\-penexi systems. It is. might not be required for however, of paramount imponance in database s>'stems. SvTichronizaiion techniques ma> be categorized as optimistic or pessimistic in narure. "Pessimistic" assumes thai concurrent transactions accessing the conflict and hence makes one this approach object will lead to transaction wait for another to complete before Synchronization lechruques based on two-phase locking disadvantage of same is the p)ossibility of ckadlock. fall A into this deadlock it is started. The category. arises when a set of transactions are waiting for each other to comrrut before they can proceed. "OptuTusnc" takes the view conflict. Transacuons are that concurrent allowed to transacuons accessing the same objea proceed until a conflict is detected. may not S>'nchronization -JO- techniques based on timestamp ordenr.g and optun:s:ic concurrency control The disadvantage caiegor. approach of this is the overhead incurred fall into this in redoing transactions once conflicts are detected. Tne rcmairong of sccnon this dedicated to examining the various synchronizanon is techniques thai have been proposed. Pan of the classification 3.3.1 Synchronization Techniques Based on Two-Phase Locking Tvi-o-phase lockL".g preventing conflicts transacnon must The ouTiersmp 1. f2PL) sv-nchronizes reads and writes by explicitly detecting and ov.ti a of locks read lock on is x. governed by Before venting into is a Once a write loch, or one is x, it must oun a write lock x. a on x. tv-o rules; Different transactions cannot simultaneously other Before reading data object 'DCPAeen concurrent operations conflict if both are locks on tne 2. based on l^emstein 81]. is same data wnre lock own conflicting locks; item, one ar.d the other is is a transacuon surrenders ownership of a lock, it two locks read lock and the a write lock. may never obtain additional locks. The describes the first rule first phase (lock acquisiuonj and the second rule describes the second phase vlock release). 3J.1.1 Basic 2PL Implementation One cop\ of obiec: Associated with each site is a Lock Manager (LM) responsible and releases for objects stored objea X requests the corresponding lock granted, the ojxradon on the waiting at that site. is A for processing lock requests transaction wishing to read or write a data from the LM. If the placed on a waiting queue, ^lien a lock queue of the object x are processed requested lock cannot be is released, the operarions in a first-in/first-out order. -41- Redundan- cones o^ oh tec: opcra::or. rr,2> read However. reads. must obiam wrue where the an operanon loclj, read lock for or. is updaung acquired and a is j:. then repressr.:a::ves of al! v.-^ copies redj-idaTi! ccp> and need on^> ob'-iin a ar:> \i correc'J) v-o:;:^ irr.piemer.tai.o- TTiis it or. Lhe cop\ cf must update A ;!:. confLc: the re'a<3' /oi:*. is ru conTuc: detected all 15 wa\ following \r. x r. copies of detected at all sites. ar. acruallv and so x, at the s::e This scheme is vulnerable to global deadlock during the viruf locks acquismon phase for the different representatives of obtaunung j:j v-.-;.y and x-. T ar. locks on the copies of x ha.^ is rolled back. ^2- A;. a-., x^ and follov^i-.g uiree .x_.. j:<,. a^ T might If T, be simultaneous]}, is be has obtained v,rue locks on neither transacnons can proceed anv locks or Lhe remaining representatives of obtair, detected, one transaction Tne x^^. obtained wrue locks on funher because neither can deadlock Tv.o transacnons T, and ob;ect. x. Once the picked (perhaps the one with fewer locks) and locking schemes pa)' more artenuon to red'undant copies and avoid such lock acquisition deadlock. Primary Copv :PL 3-3.1.2 Redundan: cones o-^ ob'er: In this im.plementatjon, one copy of the logical data objea x cop\ . Before accessing (.read or wnic) any copy of lock must be obtained on Lhe primary copy. communicarion than pnTnury ru' site in the basic 2PL because arc deteaed at the designated to be the pnmar\' the logical data object, the appropriate For read locks this technique requires more the operation needs to order to obtain the lock as well as the and k-h conflias is primary site where commumcaxe with the read will occur. the Both site. 33.13 Voting :PL Redundan: copies of obiecr This technique when it is only suitable for k-u' synchronization. A transaction lock point occurs has obtained a majonrv of write locks on each data object in its write set. The various lock managers acknouiedge immediately whether the lock transacnons cor.currer.tiy issue ar. is set or blocked. If rwo update. orl\ or.c v.-^ a:h;e^e majonr>' vote and wJI be able to proceed. 3J.1.4 CentraJized 2PL Redundan: copies o^ ob-ecr manage: In this techrjcue. one cencai'^zcd lock data at any site is present in the system. Before accessing Hence appropnate locks must be obtained from the central lock manager. both ru and h%* conflicts are detected by Lhe lock manage:. 3 J. 1.5 Granularity of Locking Locking ma> be rerfcrmed may a: iiifere.".: rrar.ulir.t.es Se~.er.ts, obje:*^ cr object fields be locked depending on the desired applicanon and concurrency. erar.ular.Tv imrro^es maintained and kept cor.cu-rrenc\' i:pto date 7?iis. among ho'^e'-er, recuir;^ Decreasng iarcer iock a -te lock table tc be the various sites. 3J.L6 Deadlock Detection The preceding implementations this waitmE IS unconrolled a of 2PL deadlock force transactions to wait for unavailable locks. siuiatior. mav anse If see Fieurt 3-2;. T J lock(x) t, tj .-equeB{v) locty) t. re^uea(x) Deadlock Figure 3-2: Deadlock Siruation The basic characteristic of a deadlock transaction is is the existence of a set of transactions such thai each waiting for a resource locked by another transaoion that is directly or -43- Thi5 s:rua:ior. indiTcc-J) wajiL-.c for th? firs; fo: prarr. A craph w.a::-fo: 15. a car. be convemeniiy represented C-ecied graph havuig cransacuons as node; transacDor. Tj ic ransartior. T- represents the fact Lha: T| b> T^. The existence v.a:t-for grap"., deaiock 0: a siruaiior. Ficj~ ?-3 shows me ua:t-for graph ar. edee from waiting for a resource iockec is corresponds a ua::- v.iu-, to the existence of a cycle in the fo: the deadJock cxamr'.e Figure in 3-2. Figure 3-3: Vvaii-for Graph Two genera] techniques are a\ c—able for deadJock resolution: • C>ead!:^ct; Prevenuon aboned and restar.ed basic approach to decide Tr.ii- . v. cautious scheme in which a transaaion hen Lh° s>stem detects to assign l^ a is pnonues (possibly two aboned and are wait for T, n T, has lower pnoriry then edge <Tj, Since a cycle priohry than • is itself, Another scheme technique a that T > m no cycle can T to transactions (alread> owns lock). If This prevents deadlocks because, lower priority then itself T . and since Tj can not have lower exist. restarts altogether. prcdeclaraiion of locks (each transaction obtains This is This all its a deadlock avoidance technique requires a transaction is the the locks before execution). Data items are numbered and each transaction requests locks one numeric order. The prioriry of and For example, Tj could restarted. prcordenng of resources. avoids for the wait-for graph, T, has path from a node to is T deadlock might occur. Tne nmesLamps) whether T^ (requesting lock) can wait the test faiii. one of Lhe for ever\- thai is at a time ntimbcr of the highest lock in it owns. Slicc no deadlocks • Deader: • onJy u a rar.sactior. car. car. occjt. De:e:'-:or. •Ji:s L". . scheme. cran.sacuoni wa:t for each other unconn-oLled manner and are only Deadlocks by are detected and picking a for trar.sa:::or.s with hughe: pr.onr\-. ii: transacuon aborted in cycle to abon. Lhe Moreover, transactions may be performed at sites a ar. deadlock acruaUy occurs. cor.sr-jr.ir.e wait-for graphs, searching for cycles distributed environment because transacdons sites. if ir. where data '5e may Tnis complicated is be executing in a different at divided into subransacaons tha: ne*d to stored. is 3.3^ Synchronization Techniques Based on Timestamp Ordering T'jnestamp ordering n^ansaction execution is is technique whereby a if X had restar.s wTote las: 'iie '-".e These techniques allow it. been w.T.r.en transaction. ser.alizarion order forced :o o'ocy this order each piece of data has the timestamp of thai last a a n^ansaction to 3 J.2.1 Basic to ensure the uniqueness of the it stamng time and a and the n^nsaction read or ^ritc a data object x only by an older transacuon; otherwise m read last it a diszr.buted rejects the operation system than in a c«nralized system because of the lack of a global clock. been proposes! selected a priori and Each ransacuon nas transacuon that Generating timestamps is dmestamp [Lampon is Many more complex tecrjuques have 7S]. Timestamp Ordering One cop\ of Obiea The basic 1 dmestamp mechanism Each transaction receives 2 For each data objca wntc operanoD a applies the following rules. timestamp TS when x. the largest are recorded - omesump indicated by it is initiated at of a re*d RTMa) tbe site of origin. opennoo and and >^TM(x). the largest and omesiirap of a Fo" readi. 3 i Lransacuoc the e Dme5ia.T.p. otbcr^ise the read Fo- if w.t;i£s V*TM X TS restar.ed is x o: »-.tr a TS is issuing tra.isa::ior. txie RTM;xi executed and < V>TMiXi. tbe is operanoc vt-nie ofu higber times'^Tip. is resians^ uiil a i maxfRTMvXATS) set to rejeaed and the issuing is otberskTse tbe be pjenormed to the founh rule using the car. Tins s:a:es iha: instead cf rejectinc Hence, tn-uig ic read da-.a t^a: «tas wntier, b- »Tit£ is executed and TS IS sc: IC opuinizauon RTNl < is reier.e^ and l- De« higher transacaoL An x the rea:: operauor. transa:i:or. "later' •^ TS < \^TM if a Thomas Write Rule when TS < VvTNKx we can simply wTite ; (TVk'R;. ignore it. place obsolete valjss are ignored. ur.'.e Lha: cr} tc 3J.2.2 MuItKersion Timestamp Ordering This techj-.ic ue is based on keepL-.g around old versions of the data object x and results impro\emer.: c' n\ ?\-nchroniza:ior. over the basic T/0 [Reed 78]. data c*"jcc: ji a se: is cf R-:s ard set a of <'VS'-ts. valuo in an Associated with each (version) pairs. R-ts record the timestamps of read operations and the versions record tmestamps and values of executed wnte operauor.s. 1. TS Le; be 'iie R^ svTichronizaiion timestamp of Tbe read operauoL adding TS 2. to jt's set Let TS Let ioteTva]''\^'i be tbe intervalOi^'j. is a read is accomplished by applying the following operaooD on data objea processed b> reading the version of of R-ls. A read is the oper^non is x. .r ^itb tbe larges'. nnesuTTip < TS and never rejected. amesiimp of i wnte opcnoon on be ibe interval from rules: TS daia object to tbe smallest rejected, otherwise t x. W-ts(x) > TS. new if vereioo of x, any R-ts(x) lies io tbe <TS. oew value>. is created A read ignores read A is write all versions with timestamps greater than that of the read, hence the value identical to the value is it would have read had processed by creating a timestamp has occurred. In this new it been processed in timcstamp order. version of the objea unless a read with a greater case the write is rejected. -16- 3-3. 2J Thai ConservatJNe Timestamp Ordering IS tschruque lo: a elirnir.a:L".g •-".e elirr.ir.aur.c fiiT.damenta] idea performed until possib:l:r> of cor^'icung ojxrauor.s and henc; r.eec :c restar. rar.saCwCr.s '^eca-:5^ of such corJ"iic:s rBerr.steL". approach however provides The me concurrency than Lhe basic T/0. less underlymg conservative timestampmg be guaranteed that car. i: Tr^i S*"']. it is No simple: operation is ever can not possibly cause a con£ia (and therefore a restan) at any time in the future. Ln oLher words, a request for an opcrarion from transaccon T is delayed undJ n-ansacuons. would otherwise 'iiat siruaaon m.ay classes. system knows that no confliring requests are received from older Conflicts are eiiminaied Dv scnalLang Lhose operanons TT-.I5 's.c 'dc all opjcraaons each at conflict. improved considerably by mroducmg T.'ansactirn classes are defined b> read se: and a a the concept of ransaction A.-.-.e se: to be performed a: vanous case irj.s Ir. operations are delayed until no m.ors ope.-anons in the readset or writese: timestamp need not jus: site, vi:*_h ir.e a smialler sites. 3.33 Synchronization Techniques Based on Optimistic Control The basic idea of optimusuc methods conflicting operations, like in However, wntc operations test is passed vaiidanon at test fails the the foUowLng; Lns'.ead of suspending or or T/0, always execute a transaction to performed only arc transaction 2PL is commit time in a local are the workspace. Only wnte applied if rejectu-.g complcaon. the validation to the database. temporary writes are ignored and the transaction is If the restarted. 3JJ.1 Majority Consensus This algonthm [Thomas 79] assumes that a copy of each data objea Hence each transaction of this algonthm read. is is executed completely a that are stored at each site. origin. Another assumption wnnen by a transaction but not the site of no data objeas that Lhcre are Each transaction receives at is unique timestamp when its it starts execution, and each r^p^esen•.a•.:^e vk-nn^r. ir.'x Transactions e\e;u-^ i; transacuor. each data ob;e:; cames c:' produced :> tLT.esiamp of the rue phases. In ir. home the a: me s:te It the first phase an update Ir. and tne tLTiest^mr of the transaction the rule second phase, the update foUowed each b\' positive votes, a message are only applied i: the otherv.ise the update the transaction rransacaon sent tc is ignored rejected. is If the all sites lo A ?.\SS \ mentioned are nmestamp ote prevents A deadlocks site If a REJ votes in is list PASS pending request The request Updates of the data object, informed and hence the upxiaie of a potenua] deadlock situation. sites The voting gets back a majonr>' of site carlierj. the request's base va-iables conflict writ these of another Lnform oLher the cransarjor.'s v^nie- the updates to the database. less than the is (this is the 'TV>"R aH sues onginaung commit timestamp of Lhe request disregarded :s i.^ m sent to ever>- site to validate and vote on. list is for Lhe itself. shour. belou. site is list received, for l*: order to quesuon can continue Votinc Rule Conra.'e the omesiimps of ibe reqjes; reid-se; witc ihc correspoDviiii^ tunesiamps id the local daia.^asc cop>. 2. 3. Vote REJ Voif OK if any value m the rcad-sci Vote obsolete. and mark the request a5 penduig requesi does ooi confLict with 4. is PASS if each variable aii> m if eacb viriible peeling requests, the read-sei is 5. Oiherwose f is tbe read-set pnont> (earlier concurrent confbct, louver pnont>), defer voang and reconsideranon. is current and the cooiLas (has omestimp). current but the request read-sei vanables) v^itL a pending request of higtier that only uher. be considered until sufficient P.A.SS votes accumulate to prevent majoritv- consensus. 1. hai- contains the data objects in the transaction's read-set wrJ-. theL- timestan-.ps. Lhe nev. vaJucs of the daia objects set. transacnor. uiuch las; remember common the rrques! for liter to 3J.3.2 Distributed Certification One copy Tnis IS of die data a dismbutec u.-ne -based aigo-Lhrn which operates by exchangu:g cenificauor. informauon during the commit protocol [SLiha UrJikc the previous algonthm 85]. it allows distributed transactions ;a master transaction at the iruaatmg site and subtrar.sactions A different sitesV may Transactions workspace read timestamp and a wnte timcsLamp stamp associated with certified if it is used v. the to This timestamp message, and For each read, tne transaction must remem'5«: the wr.te time. the item and have reponed back timestamp. is hen was read. certified and subsequently Man\ cories of the data Tms req-ires sues was read is cemficaiion. Updaiers simply all transacnon subrrans actions are com^pieted is assigned a glooally unique read and untes as follows: .A commit" read request Lhe c-jxrcnt version and no \*Tite with a still request .A v.r.t£ committed and no -Aith Vv"nen sent to the subtrans actions sue in the "prepare to to locally cer:if% all its the version that Lhat it master, the tLmestam.r h2s been locally certif.ed 3.3.4 maintained for each data object. read and update data item^ freely, storing any updates mto a local comm:: until is at later reads representatives certifv' the set of certified is if no later reads is newer have been have been locally cemfied already. c-n the also of wntes they receive at participate commit wrJi the time. Comparison of the Three Methodologies The locking approach may detection. easily result The timestamp approach another expensive process. conflicts arc rare is in deadlock requiring deadlock resolution or deadlock free but The optimisuc approach is may require transaction restan, based on the assumption that and therefore most transactions are validated (few rollbacks). Performance analysis of the 2PL, Basic T/0 and distributed certification was conducted by -49- [Ca-T> L- SS'aj rse coniex: of di'^r-iojied database systems. Tne foLouinc conclusions vkhere reached' • ;PL and d:sribjted certification dominated Basic T/0 m tcmis of 2PL uas the fjcrformance. • NMier. the cos: of sending and receiving messages uas low.. sur>enor performer cje to Lie • V."nen message its cost avoidance v.as o:' transacDon restart. and high data was replicated, distributed 2PL due to us ability to exchange the necessary information usmg only the messages of the two-phase commit. cen.ificauon outperformed SNTichror.izanon 3.3.5 Other Concurrency Control Schemes Many systems CNeptune, Gv-pss! that are characterized b> long transactions use version merging tc resoJve \ersion conflicts that The meihods proposed transacDons together These schemes siruauons. fail to take ma\ anse because of concurrent long user-dnven require the user's intervention to nto account merge versions the need for senalizability ir. some SoniC fue system.s provide mechanisms for automatic merging of versions. Various strategies have been proposed to resolve merging confuas: • Conf.ic: • • resolunon rules Data Fiov. [Reps ^T, Some made, bu: a comment is also included indicaung the nature of descnpuon of the nature of the confliCT is placed in a separate documcntchoice i? the conflict, or Lhe • The user 3.4 Security is interactively asked to decide to keep. and Protection Implcmcntaaon of protecrion mechanisms [Salt2er75]: • Capability • which version Systems Access Control List Systems thai permit sharing fall into two categories -50- Systems 3.4.1 Capability A capabilia operaiiofLS on is an identifier for a shared objea thai also grants nghts to perform ccoain Capabuuies the object. are of a unique identifier for the object and capabilirv' ma\ be presented rspicaUy represented b\ a a specificarion system to the b:t sequence consisting A of access rights to the objea. an object. in return for Capabiliiies m.ust be secure and unforgabie. The capabiiiry flcxibiLty. system has as chief vurues r.s Efncienc) comes from "Jie its inherent efficiency, simplicity and ease of tesung the \al:d:r> of a proposed access, the acccsser can present a capability, the request is The valid. simplicity comes from i: the natural correspondence beru'e«n the mechanical properties of capabiliues and the semantic properties of addressing. The potential problems with the capability system are revocation of access, 'jncontrolled propaganon of access and some one u cannot be inability to disabled. that they expire after a given It is. penod review access. Once however, possible Ln time. to put Capabiliues without the knowledge of the creator of the object. a capability has been given to time limits on capabilities so may be distributed to other users If the user id is incorporated in Lhe capability then only the users with the appropriate user id can use the capability, asstmiing thai one user can not impersonate another user. 3.4,2 Access Control List System An list or access control domains that list is a have access maintained for each objea to the in the system indicating the users objea and the operations pcrmined for each user or domain. Access control list systems overcome the problems of a capability system but has -fl- LTiplemer.-.anor.s probierr.' o: cor.sumL-.L chance u-. proces- ;er;rJ-.. car. ;is .\jc:tr\er be our. Search through ar access coniro; hs: alocatior. of space 2 forrr^idabie I'o: access conro! LTiplementation probiem. rr.a\ lists, oe a tune uhirh car. Chapter 4 Literature Survey Our litcramre survsy covers a wide range of dismbuied sysiems. into three dismbuied categones: h\pcnext systems. Our concern :s reiaiional to Tne systems are divided ojject-onenied databases daiahases, explore the approaches to and object sharing adopted by oLher systems, the concorrency conn-o! schemes used and the update propagation schemes followed. 4.1 Distributed Relational Database Systems Distnbuted-INGRES Distributed-INGRES [Stonebraker "9] v. as developjcd a: •j'.e Uruversirv- of Caiifomia at Berkeley, as a disnbuted version of the relanonal database system INGRES. phase-lockjng for concurrency cono-ol. and resolved wld^ a centralized deadlock detector. multiple copies of data Note however, thai the m Deadlocks is Discributed-ENGRES. The basic approach commercial product ENGRES/'STAR It at the IBM resolution consists of aborting one of the transactions suppon data replication, however, an alternative primary copy 2PL. 1987 did not suppon m San Jose Research Lab in Deadlocks arc detected and uses 2-phasc-locking for concuirency control. resolved using a distributed deadlock detection mechanism. its as of is such an enhancement in the future. to a prototype system [Haas 82] developed California. detected uses 2- " describes the concurrency conaol and consistency of Data Replication. RTI has commined publicly R* are It When a deadlock the wait-for cycle. to replication was introduced is detected, R* does not in the nodon Snapshots cf snapshots cor.s:ste-.-_'> re — e'-e: pressr.: so— e a: £ ra-s: vjfv. iir-.e of the database (possib!> which ar.d peno<i::al;\ is remote uhich 'rerreshe:!' v-as but not updated orJine. POREL POREL [Neuholc 82] Scungar. Concurrenc> conn-ol of transacuor.s. POREL approach ic car, no: be granted at one site until are Update transactions need propagate updates. updated b>- t:^ other sues ~ansacuon which differsr.: a condiuons are favorable or v-hen At aU other a read transaction there all is Umvers:r% uniil the is end a toul ordering of the pnmars copy to lock exclusively the sites, o: higher pnonry locks ar? vanauon of Tne> also create an "intention there. contains the updates tc be sent the at done b\ 2 -phase -locking, and locks are kept is supports data rep.icanon and uses a copy and pen'orm updates Copies database systerr. developed In order tc avoid deadlocks, locks are ordered: sues, and lock request.- granted distributed a is list' a: the pnmar\- pnmarv' site that copies are marked invalid. started either when woridoad must make a "consistent" read. SDD-1 The SDD-1 was in protor>-pe [BemsteLt 80], de\elopcd the tlrs: prototype of a distributed database SDD-1 is at the Computer Corporation of America. management system. Concurrency achieved using the conservative timcstamp method. deadlock fre< and the usefulness of'conflict graph analysis not been demonstrated. propaganon (write alJ). SDD-1 control This mechanism in a rcaJ-life is not environment has supports data replication and uses distributed update This means that alJ copies of the data arc updated before the transaction conmits. ORACLE/STAR ORACLE/STAR [Gref 87] is a marketed by Oracle Corporation. commercial distributed database system developed and It docs not suppon data replication. It uses 2-phase .'nJ locking at allowed. '0 ±c I.e.. record level to rcsolv- uTiie-u-nte conf;;c:s. Read-Wnie conf.:c:s wntsrs do no: block readers. Oracle/Siar uses deadlock deteccor. 'Sit relevan: fearures of the discrlbuitd relarionaJ daiabases above. Repu:ancD Chstnbut£d Conairrencv' D5.»^1S Dismbuted-INGRIS oppose: ^esc;^e ceaiocKS- isadlock rr?\ Table 4-1 summenzes as ar; : es Phase -LocJcag L'pdaie Dudlock PropagiDoc Detecnoc Prjnar>' Cenrabze' Corv DtadJock Deiec'kOr GR£S'ST.\R Nc 2 ?bisc-Lo<±iiig Tage Not Cenrahze; Required Level.) Detector .=^Z>D-1 res Cooser. anve T Dismbuted Deadlock UpcU:e Propaganoo Prjv-nted V-aj-.-for AnaJvsu ORACLE' -55- 4.2 Object-Oriented Database Systems There ruo genera! approaches are c«nnralized o: disnbuied. foliow L".e tc impiementmg Present pro:cr.7>es falJ shared object space (hierarchv): a one of these genera! caiegones into no; ar e>J".2usuve s-zr\f\ of prescn: protor\-pes. IS the vaner>- of protors-pe s>s:ems bcL'ig however i: Tne gives a flavor for implemented. GEMSTON'H GemStone Ser\io Logic's [Purd\ 87. Maier 87] adopted the centralized approach to obiect shanng. Tne Gerr.Si-r.: objec: ser. network. ser^ers. It ciirren*J> Memoc GemStone server or GemStone Stone b;- to vanous workstations database to be distributed a thiiough a local area among several GemStone be performed either by executing messages remotely on the car. copying an object's state the to workstation local cache for Objects are represented b> depuues that decide whether to forward messages marupiiiation. to does no: allow execution connects e: or cacht provides ne object state and execute the secondary management, storage message locally. concurrency control, auihonzailon, transaction m.anagement. recovery and supp>on for associative access of objeas Gem sits atop Stone and adds the capabilities of compiling methods into b\iecodes and exccuang thai code, user authentication and session control. Pan of the Gem layer is the virtual image: the collection of classes, methods and objects supported by the objea -oriented system. Stone suppons multiple concim-ent users by providing each user session with a workspace thai contains a shadow copy of the object table, called the shared table. table adds new nodes optimistic control objea As that are copies of scheme is used to table derived from the most recently committed objects are changed in a session, the shadow object its shared objea table with the proper changes. check access conflicts. 'VMien Gcmstone An receives a -56- commi: message, i: notifies any modified cached state all depuues of to GemSior.e. conflicts with cransacuons Lha: have objea there are none, the shade the enz^es thai have not shared table. Each commit. intent to iis dcp'-r> tncr. Stone checks for read-^nte and commir.cd since me ume table of the session been modified, and is \>.-nte-viTite Lhe ransaction began. treated as if it overlaid on Lhe most recent version of the is merged with are those of other transactions thai committed after Lhe commirting transacuon began. transacnon told fails to commit. invalidate to its Lhe changes cached in its shadow Tne sute. I: were "n-ansparent" on way, the changes made by the committing session In this Gushes If the table are discarded ar.d each deputy developers exploring currentjv are is Lhe implementation of locking and versioning on top of the shadow scheme. IRIS Hevs-lett-Packard Laboraior.es* implements the models that L-is [Fishman S"] also chose Data Model, which suppon bjgh-ievel generalizatioa'spwcialuaiion, However, L-.s the Ins Storage and Manager capabiliues supported by the storage relations, transaction falls ur aggregation, a well as convenaorul manager include management, concurrency It Lhe general category of object-onenied such abstracuon, structural is Lie csr.ral-zed approach. classification, as absn^cuons. behavioral as rclaiionai storage subsystem.. The dynamic creanor. and deleuon of the control, logging and recovery, archiving, indexing and buffer management. The developers transactions arc actively exploring extensions to the storage common in design applications. A version control the basis for concurrency control in design applications. out versions for extended manipulation. others. A higher level locking Al-based applications. mechanism manager to support long mechanism proposed proposed is Users would be allowed This prevents further access to is is to this to check objea by sujjpon concurrency control for This provides a hierarchical lock structure with intention locks, as well as conventional read and wr.te locks. Disirib'jtej Obier: Ser^ c: Texn-onLX La^oraiones's [Pone: 88] adopi&c the dismbuie-d approach. b> impicmcnung lou-le\e! disno'^ted object ser\e: cuer.i workstations intended to fcrrr. from the user uhjch and objects migrate me the ir. the gjobaj object space to the sites where they iov.es; ia>e: of an object-onented system discnbated across 15 This server are used. tha: wiii a completeh is insulate pnrmtive mode! of objects provided by the server. The server provides a shared object space of persistent objects. The ufjper layer of the objeci-onented system wiE augment this model to provide such concepts as ty-ping, message passing and mhentance. Tlie genera] architecrure of the s\siemi consists of a network of workstations. stored to a workstations where the> are used at name server. Objects migrate from one Shared objects site to control for shared objects is anamed must be obtained before 11 can be accessed, manager (loczl cr object blocked conn"ol Tne\ 15 m are located are by communicating another for manipulation. Concurrency via a variant of two-phase locking. i.e., the object it. A shared object must migrate from a disk remote) into the session's object server memory. until the session relinquishes Objeas Access to this The system provides low shared level version terms of historical objects that are immutable and maintain time of creation. are explicitly created to capture the state of the objea a: any moment in ume. Distributed Smalltalk [Decouchant 86] descnbcs the design of "k distributed objec manager which allows several Smalltalk-80 systems arc present. to share objects Remote access is over a local area network. Single copies of objects done through the use of symbobc links "proxy objects" that contain information about the locauon of the object Objects then migrate for local manipulation and associated proxies are updated indicating the objea's new design docs not address concurrency control to pjcrmit simultaneous access site. to objects. The -58- ObServer Observer [Hormck 87] is store thai is currently used backend of an objcCT-onented database system as the manager for an transfer of the enclosing segment, were used to replicanon reduce Bro\vn Uruvcrsin.- and as Lhe ai Objea access by ObServer. storaee a client results in the Segments not already present at the client workstauon. if communicanon facility, i.e. ar. objec: may have clients (ENCORE) at objea-onented interactive programming environment (GARDEN). Objects arc clustered into segments all objea a persistent traffic may m object transfer.' more than one segment. Moreover, rue be placed in copies of the same segment. ObServer suppons an object The system guarantees automianc copies of an object in the vanous segments. It ujxlatc to also guarantees thai a client always accesses the latest commirted copy of an object through the use of timestamps. Timesiamps are given to transferred is segments and used objects updated, the changes are sent on to Lhe the copies of the object to indicate the in the segment by ObServer. ObServer. Timestamps are sent new commit to be If an object anached to time. If another client tries to access an outdated copy of the objea (difference in timestamp of object and scgmcnil, the oirrent copy requested from the server. is provide concurrency conffol. The locked in a range of locking and notification modes. The clients to access (read, write) an object in a restrictive or non- ObServer uses a comprehensive locking scheme scheme allows objects various modes permit restrictive made to be to manner. The non-restrictive mode allows cUents to an objea. Communicaiion mode allow s to share unconunitted changes a lock holder to be noufied of the status of an objea, including requests from other clients for that objea or a committed update from another client. ^Dne of the basic ideas for ire clustered together unproving performance m physical memory. in objea-oriented programming is thai related objects •59- POSTGRES [Sionebrake: 86. Rov.e S6j take the approach of stohng a shaiec object ruera:cr.\ gensrai:or. reianor.a: database mar.agemsn: system to the RDMS means of supporting complex L-.cIude POSTGRES POSTGRES's objects, of allowing of supporting aleners. tr.gger- and general rule processing. advantage of elimmaung Lhe need The use of an implement an object manage: to new l-^. a nexi- extensions daiar\-pes RDMS and has Lhe that supports shared access, maintains data integnt> and resiliencN, controls access to objects and maintains data consistenc\ . As objects are referenced by the application, a run-time system retrieves from the database. Objects retrieved from the them databsise are stored in an object cache in the application process so thr subsequent references to the object will not requLT another database rctncval. that Object updates are propagated to the database and to other processes have cached the object. .AJeners nozf\ the system that an objea has been ujxiated. Table 4-11 ^ummar^es the relevant feamres of objea-orienied databases above. 4.3 Multi-user Hypertext Systems Note cards Notecards [Tngg 86] is a hv-pencxt-based idea structuring system. electronic notccard containing text/ graphics and images. connected to other notecards The basic objea is an Individual notecards can be by arbiuarily typed links, forming nerworks of related cards. Distributed Notecards allows users simultaneous shared access from their workstations to notcfiles residing on any machine contention resolution at the in nerwoik. the level of individual cards. Distributed The system allows any number of users to simultaneously read and display of a given card. modifications to the card notified is when modifications restricted to arc made. one user ai a Notecards provides However, permission time. to make All readers of the card are Readers are provided xhrcc levels of modification -60- Obiec!-On--.:e<l Cen:rL-zsZ V-rsioninj Conrj.-rtr.cy -s GEN'.STCNT CoULIL'i Cicra^zcd I?J5 Ym Lockizt D:s Obj Histoncal S«r.'er Obi;r^ ! Dis~.b'j'^- Disr-.bj'.sc SmailTiLx (Ont Cor\ Uojcao*-:: No Comcrencnsive Y;s LocIgee Y;s iM;gra::on 03 Server' C^craiizs: ENCC?^ • Table notices. card. card. ''2 The reader v^her. The 's:t systerr. is 4-11: a firsKome, Fear-res of ObjcCT-Orienred Daiabases novSitd (l) when someone has declared j^T.'.t: arrjal!v ur.ies '--.e ar. rr.od_r.ed card ar.d '3 provides no special mechariisn: for dealir.g individual card level; exclusive on r :,--- wntc pemnssion first-ser\ed basis. Notecards has is mtenuor. tc modif>- ihz '.^her. a 'AT.ier deletes a w:'_- rr.odif>- collisions a: 'Jie SL-nply allocaied for an urJirr-ied per.od no suppon for versions. Nerr.r-ie Neprune [Delisle 86] effons. A context is dcfi-ies '-he noaon of ccniexis coliecdon of nodes and different contexts togc'iier to create a histones of objects ar.d Y.cr.zt new links. context. to support muln-pcrsor. cocperarive A mechanism is provided to merge Contex*^ arc used to enclose version suroor: concurrent access. .A context is use-d as a rnvate -6;- workspace fcr master' con:e\: Conflicts would be obscured detect me updaies. the \o:zl updates wiL evenruaUy be rr.2.-^ir.c arise iS & modificatior. i: a is uas made to store, organise, supponed environmen: another mas:e: contex: Lha: Tne system able ic programming suppon environment build on top of an obiect- is up to the user to resolve them. the Version is and selecnvely retrieve versions of objects. V»'orKspace Manager. the b> v,ith. is onenied operating system. Tne foundation of the system used to the were merged with the master loca] updates l*" conilicts bu: Gs-psy [Cohen 8S] rr.a> merged 'iie o'^jects. MuJuple users The Workspace manager provides is arc protected a Objects are clustered into workspaces that for v.orking on pr.\ate versions define user's access r.ghts to Manager, which Objects are not replicated but various version and version branches for an object exist. Versions created inside a workspace are private to the workspace and To pubhch' are no: \ isibie until create a nev. private vers]on. a user lock a branch o^ workspace who a version group. Houever additional must they are released from the workspace. first be anached OrdmarUy only one workspace, and then must user can be attached to a given workspace access controls take advantage of this flexibility have to to a f>cnTut concurrent access; users depend upon synchroruzauon mechanisms outside those provided by G\-psy (e.g., informal messages indicaung Qose and weak models of the workspace concurrendy. access rights specify to Weak of coopjcrauon are provided. whether authorized Qose users who is using what). cooperation allows the creator may access the workspace coojscrarion allows user to access private versions with specified This allows coworkers to get a sneak preview of a needed object before it is released. Merging of versions is not presen'Jy implemented in Gvpsy. The design proposes to -6;- suppor t>-p)e-spec:fic rr.erge handle conflicts. Poss:b.e quen-'ing 'asking user L-.e v. ca.-a.-netc.iz;d operations thai 'jse various srratccics tc ;•_-. s-aieg:es L^clude cont'ict resol'uucn r^es or Lnteractive:\ Notes Even though Notes is not interesting system to look used by people on a ai. h\-pcrtcxt Notes [Greif 88] numenc and to share textual, a local area ner^». ork of system, is suppon of its a group commurucaaon system graphical uiformauon. personal com.puters. Notes is The exist. a: sites comjnunicate the nev-er version is to latest document The in all replicas. cop.es of ahe daiabase: to if not obtained from the remote database. Optimistic concurrency conn-ol used is to detect and signal occurrences of multiple updates version mstance of a document (in the same database to a single is size. arbiira.'y different sites allowing rephcas of each \erjH ihat Lhey have Lhe that based on document manager that Notes replicanon ensures eventual consistency of the documents database an it system, operates provides perm.anent storage lor free-form and serru-strucrmrd objects of These databases m;a> be replicated makes replication ) and fjiaUy converge the versions to a SLngle version of an updated document (by asking the user whether he wants to overwrae an existing version). document most ai often. another d ax abase Access control The system resolves site lists, by choosing may the version Lhai has been edited and saved be used to control concurrent updates ways: (1) to ensure thai changes can only be made thai conflicts with different versions of a to a single mastfir copy, in a number of and (2) ensure changes can only be made by authors of the document. Table 4-III summ.arizes the relevant features of the distributed hypenext systems above. -6?- Concurr:r,c\ \ trsior Conrc: Locking NoiecanL- No No: apjphcibie N; RepbcaucT ConiLcisi Nepcuiic DismDJted Nc Rephcauor \ srsion Performed Yes Conn-o! b\ Use: Ehfference deiecaoc proMckd G>7?> Lockinc Cencraliiei Yes Performed bv User No; appbcabie Versioris Note? Distributed Opumisn: Versions RerLcaoDC ConcurrcncN crcaied CoDcrol iDiemiUy bur oo; mainuined Table 4-111: H\-pcnexi Fea* j-es -6^ Chapter 5 Object Lens Revisited In :his chapter v-f rr.airJy present a descripdon of Objer. L«ns. For those readers viho art familLar with objea-onenied database and h>7>c.-:ex: systems w-e these systems Lens 'iha: W- Objer. Lens shares. major that will play a roie 'si wlI indicaie lear^es o: then present fear^-es specific to Object \x-AL our choice of the appropnate object sharing scheme for Disn^buted Object L^ns. 5.1 Object Lens as Object Lens fits [Conk^iTi 8"]. basis". fo-LL' Tne • "Vi'indo'^s Hypertext System a of the s-j. fearjj-es of an ideali.zed hyper.ext sys'ism enumera'^d Ln feardres present in Object Lens arc: or :h£ screen co'resporj :o nodes Tne nodes m Object Lens are in the database on a one-to-one objects and objects have display trie windows. • "U'ii^'oMj can contain any number of other nodes in the database". fields and values link icons. m Objea these fields. Gicking on '-he link icons v>hich represent pointers to display The values can be Imk icon causes objea and open an object display window • • 'The database frt€ text a number of combined with the system, to find the referenced for 'The user can easily create ney> nodes and are easy to create windows contain it on the screen. links". Object types and instances through a tempi axe -based user interface. may be braised". The user in objeCT space by following links and opening Objea Lens may navigaie the windows successively to view the -65- A conten: user ess. ajer\ 5\stem for objects lis v.ith par.icula: arr-.bjte \a.i:; S2 Object Lens Objcc: as an Object-Oriented Database System proNides Lcr.s m:erface ar. to an objea-onente<i daiabasc by enjoying the characterisnrs of object-oriented systems [Bobrou 86]. These charaaensncs are; • each object includes a coliecuon of fields and field values, as well as embedded objects. • each object has a of actions tha: can be pwrfomied on se: it by sending messages berveen objects. • objects are arranged m a hierarch> of increasingly specialized type with each t\T^ mher.tL-.c r.slds. ac::?r.^ and other propenies from us parents. Moreover. Objec: Lcr.s provides a simple v.a> to agents tha; scar, the objects folder 5-3 The rj'es m m perform datasase quenes; users can create one folder and inscn links to selected objects into another the agents specif\ the cnteria for selecting objects. Object Lens Specific Features In addiuon to the objea-onented features and hypertext feamrcs of Object Lens, the following specific characterisucs influence our choice of an Object Shanng Scheme Distributed Object Lens. 1. Naive Users. makes Objea Lens is user-interface a major geared toward non-prograrrcrung users. component of the system. model influences what aspeas of object sharing 2. Agents. are The exposed This user-interface to the user. Object Lens supports the creation of rule-based "agents" that for -66- process mformanon automatically on behalf of the user TTiese agents car. be triggered by everii- s-ch as the modificauon of a particular object. 3 Each object Semistructured Objects however values, may the user different fields as they desire. from 4. free text to a link to m fill :s a much as coUecuor. of fields and field or as Utile informauon Fields are not typed and the values can range another objca to a combinanon of both. Customizable Folders. Objects may be collected in customizable folders. These folders can be m.aintained manuiliy or by an agen: executed on the objects executed on tables 5. Version the folder in the in Ln relational Maintenance. applications. Object in the Lens are quenes are as databases. tool a .As same manner Quenes should for umplementing cooperaave suppor. the Maintenance of work different versions of objects. 5.4 Using Object Lens Object Lens, like us predecessor Lnformation Lens [Grant 8"], makes extensive use of mformanon exchange (Ir^eral using text) specialized semistrucrared electronic mail messages. Creating semistructuied objects requires "defining a collection of fields and field contents. The fields are defined by creanng a new objea will inherit fields renamed or their display supjprcsscd. Once filling the object type in the fields PERSON'), hence is in from new its object type in the rvpe hierarchy. parent in the hierarchy. Additional fields may The Note that, the inherited fields can be be added. defined (for example PERSON*), objea instances can be created by a displayed object creating, for example, window corresponding to object type (e.g., JOH.N and TIM. The contents of an objea's filed -6-. mc> be a \-J\t. to anoLher obisct o'-'fr: L- ihr er.:".?;L".r objec:. d:spia> corresporidiT!; i? 'i-.e order of minutes to hojri. shov.r. across the trr of incluGLng: L'.e Tnis 11-^: r;a> be expanded to appear object Tms interacnve ediur.c of objects mav Actions ma> be invoked on the objea from the displayed object windov. actions that appl\ tc the editing to execute ar. Object msiances ma> be modified b\ ediur.r . embedded me vk take ir.dou or. Lhe command bar There are several kinds of actions. window such actions that apply to the object such as save o: add link. subseconds a;; as close, move and These acuons take on shape, and the order of Figure 5-1 depicts a displayed object form of a Person object Ob'ect Lens. •,»<"m-l»iw» 1 9nr Jo»« •>«# in .6S- Agen:s when car. be created tc automaiically process irj'orr.auon on behalf o: ihe user cnggerec. aprhes a set o:' objccis to access irJorrr.auon lt such modificauon of embedded arrival l". some objecrs. of nevi. .\r. and the action. Tne acuon specifies '-".e Rules rr^> foUovt agent ma> be mggered by of the implemented". Tne descnpuon for the rale to f-'e '"by indicating the values of in question,). folder. passage ma:!, a cer.ain field in an object (not yet par-s, the descr.ption matched of luiks. addition the as r-ies tc objects .\r. .A. accn:. lirjcs l- events hour o: pcrhars rule contains r*o specifies the par.enn that should be some action that snould ''x fields of the object unstances taken if the rule :"lrei. such as copy. move, delete or add ke> v-ord. A use: may contaLmng Tne navigate the object space by all folders m stamng at the basic folders, such as the folder the s>5tem.. rype of op>e:auons that are of interest to us are' • A use: opcr^.z an object form, editu-.g the conten'^ of the various rlelds and then saving the changes. The • A • Automatic execution of rules by agents on objects use: later hours. addng o: deleting a lunk from, a folder to an object. r*o take on in the folder. the order of seconds, the former on the order of minutes or even -69- 5.5 Object Len^ Archilecturt Odjsc: Lens cor.iair.?. Lie mod-ir> 'berenson 89] depicte-d ' 1 r ftc :' 6| ; .f "'=^-1 l'-. Fipsic 5- --C- time-dr.ver. events updated obK::s Objects are ar.d receives messages tram Objec: Mar.ager about nc'* '-he I'j^ks. ar.d rr.ar.-dl.;. rr-zgered ager.'.S- curre.-.iiy sa-- loaded for Lhe objects to sd p^.Tr.a.-er/w> , orJy ir. fLes on a fiie The fjes may remain on be defined The object on define Lie Object Lens object space. ±ie Tne nJes need scr-e:. ir.t workstaaon be lo v-orkstanon and her.cs will net sur^tve syste— crashes (ihe> are not persistent,. Object Lens presen'Jy a single-user system. is Object are those on h^s v.orkstation. may the object. This • • MaiLng be achieved orjects literal Loading m r'lrst approach changes made tc the is m Propagation update previous version to A limited to shanng tne miormation content c'l ways. expor^r of Lhc object a: a common file somewhat ransparen-y). a sense a one time exchange of objea information. Any future object b> the sender are not refieaed in the other objea. is is reloading the state of an object every time done tlnrough a is siov, and is it is modified. cenral fUe server. Tr-s approach also allows for the be m.amtained tlnrough a link from, the current new version. This mainiy addresses updaie propagation, only one of the many feanires required for a comprehensive 5.6 knows about an Object Lens message In the second approach the user unplemeniauon m rwo specif.ed fie created by the a ser.er (this m.ay be done Tne 5ha.~_".g .s TTie set of objects thai a user objca sharing scheme. Ad example topical application in Object artributcs of the message such Lens is processing incoming mail into folders according to as the subject or the sender. processed by an agent and put into a shared folder thai is The incoming messages accessible by a are number of users. Consider the fcUo-^ incomirc messages BUG-MESSAGES exarr.ple ir.g Ar. use: u .A.-:> i-„-. ac-e>s workstation, An.y updates made ic because of incorrunc messages appear for objects such as a V^'e fee! without It. Aat '_he r. PEIRSON v.ould be need for user tc the folder could brow.se throcch and read Lhe in the that the user more appropnate inter-^ent::^n BUG-MESSAGE svstem,. folder is opened a: a user's BUG-MESSAGE-COLLECTOR opened form. Note thai earlier v^e suggested should be prompted to refresh the object form.. in the case snce folders the next chapter v.e discuss the requirements Lens ai: Liser.s therr. in:o the shared folder folder by the agen: tr.e fiiiers and ina: are re--.2_L-.ir.c ic bLjc fj^es Nov. consider the case uher? the messages BUG-MESSAGE-COLLECTOR acen: are m of folders, for links to be added most cases background processes and features of object sharing for the Object Chapter 6 Multi-user Object L«ns Lens Object Distributed allow v.ill users workstations to objects residing on any may be replicated vanous at sites to Distributed Multi-User Lens • A d:s~buted lU v. simulLaneousIy to machne improve performance and x Objects ma> may Lens users. Hence, objects may have links access the iocaied same Ir, a multi-user availability. at different sites in the to other objects located object. Trus may lead a elsewhere links. one or more user s\'Stem.. The system should provide modiScauons. their some cases be tTansparen-> accessible by remote Object The system must suppon such • Concurrer.i u se rs from attached to the local area network. Objects network and in the nerw.ork. access have the foUou ing basic feamres: obiec: space: u-. share to loss of mechanism may concurrently infornuuon and for guarding against such anomalies. • Protection of shared Objects: Access to objects vars- depending on the authonzaiion of the user. read the objea while another We will first explain we define Distributed the some is We Objea Lens with emphasis on • Shared object creation. • Shared object deleuon. • Shared object protection. user may to another be allowed lo only allowed to read and modify the objea. early design decisions terminology we use. One from one user made for Distributed Object Lens. Next then present a design for object- sharing in the following features: • Shared obiec: mod;f:ca:ior. The goal cf the firs: proio:>-pe of Tne choice of for objec; sharu".: thus assume ar. Dismbuied Objea Lens users bcLng on the same v. orkstanon. We to ac; as a prjr^tive object ser^e:. acquire one tha: manager fits to is architecture that requires the least effon to Tne configuranon rely Tr^ the spec J"; cations is n of sccondarN imponance implement and that of the server most that and the client on the local disk manager of the underlying system avoids the need to implement an object se:%e: o: menuoned ir chapter 2. chapter 2 will We Many provide the features of object sharing. assigned to the objec: server proposed schemes to test the is the architecrure a: this stage resembles the curren: configiiranor. objeCT accommodaies concurrent Design Decisions 6.1 Earl} We iha: need to buiid the chen: of the duties that were nou be performc<3 by our designed object manager. We allow replication to provide fas: ioca! access to objects be located at a number of workstations. Since replication no need suppor. nugraiior. of objects Tnere the local workstanon, no; remote object server. The objects reloaded). at a: a is also the workstaiion are not persistent when is desired. supponed Objects ma\- thus there this architecnire. no need to for caching, since objects are located at (m case of a crash the objects need to be Future prototypes will need to incorporate persistent object stores. be easy to add in is This would 6.2 Terminology Conceptual Ob'cc: is ar. object that diitcdy represents a real life ennr.' John SmiLT. with pnone number 5-i"-0T^l and address 100 Memor.il onc relationship between a conceptual object ard the Obec: Tvas, refers to object entries I'-.srj.'-.ce Ob'ec object instance :s conceptual object. Hence, physically Tms exist representatives Object imponant is at is LID may if different we are to allow against the an object is 's.t same ir. the abject different copies of the object instance to The workstations. association be used to associate each object ms'Jince with between the different is its various represcntanves. This refers to a version of the object instance mentioned above. This pcrmiis revisions to be m.ade Tms will essential to ensure update propagation to aH representatives that exist. Ob'ec: Instance Vcsion versions, if Tnese refers to distributing Lhe object a: different sues nerwork. Tne different object instance representatives should be treaied as Instance, a or.e-:o- creaie-d Tms Ins ranee Rer'eserrjr.ve a :s counterpans. lie objcct-onented lang-aage. ir. occurrence of more than one object instance for new Tr.ere However, object-oriented languages do not guard have Unique Ob;ect IDs. duplicated, a real life i>: such as the person to the object. wiLh possiblv a histon.- list of all not implemented in current objea-onenied languages, but implem.ented by generaung objea LTDs to associate the different versions outdated may be with the same objea instance. Objea Space: A user's objea space consists of series of links directly or indirectly arranged together m a nerwork all objects thai he can access through a from the inimd node. strucmre. The nodes and the links are Figure 6-1: Object DcfiruDons 6.3 Objects in Distributed Object 6-3.1 An Shared \s. Personal Objects objec: in distr.Duied Objec: Lens ma> be pubhc L^ns is cither a personal objea or a shared. Shared objects or pr.\ ate. Persona] Object Associated with each use: is m the Object solely responsible for modifications Tnese those modifications Lens nerw'ork made is a set of personal objects. to the objects and is The user solely guaranteed to see are equivalen: to the user's objects in the current single-user Objeci-Lens system. However, a user another user for the in the create a system. new object instance of a conceptual object and give Neither the creator of the object nor the system The new maintenance of the object instance. receiver. may may No be local resmctior. ai the is made on where owner's workstation, or a object instance is is it responsible the property of the personal object instance physically resides. ai a remote site, to It such as a database. Shared Object Conceprjally a shared object is one to which a: least two users have some form of access. Sharers of the object are guaranteed to eventually se« the modifications made to the objea. -6- Each Object Lens user \>.ill have to his fuli access r.g-.'.s vi-v. his personal objecis plus a set of shared personal objects, but oojecs He u-Z! me var>-Lnc rang; of access r.gh:s ic a shared objects. Consider a ruo-user Dismbutcd Ooject Lens syswm object space consists of the objects TASKX. T.ASKMANAGER, T ar.c in Fig-jre 6-2. User's A PROCESS, LENSFOLDER. TOM, JOHN', KE\TsV K£\'IN-. TIM. JOHN. TASKX. and TASKMAN.AGER. remainine obiects are snared shovvn and aca T. User's B objea space consists of the objects PROCESS. LENSFOLDER, objects are acct as ':?v both A acct K. B's personal objects are acct K As persona: and TIM- Tne and B. Figure 6-2: Two-user Dittibuted Object Lens 6J.2 Private The vs. distinction Public Objects between private and public objects is thai of authorizarion Authorization descnbes access nghts by users to various objects. combination of the foUov^Lng ( Read, Modify } Access and secuhry. rights fall into a Public Obiects As)\ user l-. D;5n-.:''jtec Lr.t Public objects arc a Orjt:: Ler.s ner^cri. Pubhc subse: cf shared objects Object Lens users v.:± full ha^, all access nghts to ?ub'i: Opiecis. are sharec b\ obiec'.<^ all distributed access nghts. Private Objects A may pnvate object only be accessed by an authorized user. Access of read. modif> or delete. set adherjsg to authcrjiauon requirements. .At example of and B haNe member will no: only ha^ ' 63.3 Local It. pnvate object access to group members B a it is the beca'jse the\ have access Moreover, user A be lirrured to objea in figure 6-2. pan of LENS group. are the Hence, the to the Both users A non-LENS LENSFOLDER might have 'delete" rights TOM is pnvate group to (i.e., Lens object while user \s. Remote Objects A may be physically located use: rr.ay access objects that are local to ser\'er. h:is It at any workstation in the workstarion or that arc remote may is not as impK)rtant in a fully redundant implementation of Distributed each object is replicated a: every site in at be necessary to expose this distincuon to the user to explain the delay tune experienced in accessing the object. Lens A read' nghts to the object. another workstanon or pwssibly a database distincuon ari> be divided into sets of private objects, each LENSFOLDER to the folder. Distributed Object Lens objects nerwork. may Shared objects may the nerwork). This Objea Shared Object 6.4 Creation of a In this section wc \>.lLI descr.'De use: mterface for C'dnr.'".? access [c a Shared Ob^e: The created objea actual L«ns using (i.e.. is edi:o: ir.e the object type;. Once m • same marjier the ~^ :c 1. may be done The -". the private object one :ac o: creator sends a Ler.s The receiver then 2. The \_\rk_. allowing mm tc created, the owner may decide that other users Informing or granting access to the to the object. message hnk a folder) in bus object spavi the is to a>s- v. inser.s as objects are currently created in Ob;sc: Si03 of a serru-structured tennplaic corresp>onding w-.e \r. should also have some form of access object crcaung shared objects. T:^.z :o ano'Jner user, to that receive- with a link to the object. object into another ^.^-^ L.-'.sr.. objea a (e.g., o: a: a future time resolve v;ev. tr.e contents of the obiec:. creator insens a link to ihe objea m an object Lha: already shared. is system can possibly notify other users of the addiuon of special case, and possibly the most comjnon, would be diis the The object. A mseraon of the new link into a "shared folder". The former of We the vtill illustrate User B rwo methods the from the TASKX TASKMANAGER TASKX. object User TASKMANAGER reference to the appropriate for initialing sharing of a parent (root) objea. rwo methods using ihe example creates a task object TASKM.ANAGER is objea A User Figure 6-2. m.anages ai! tasks therefore needs to have access to objea. User B therefore mails objea (Method to A in I). User A a by using his jjcrsonal TASKX through message to user A a link with a can then adds a link from the T.ASKX. The reference may be later resolved. .79- Tne LESSFOLDER fc'.ce: tha- car. be reacr.ed b\ is shared b> from tracLnc iLiks users (A ar.d all a lini. share the b\ ir ine ob'ec: unstance neu objec: instance inenng a Ilix to it :? Lisened Tne JOHN This Lmphes ,, the folder arc shared b> joins the croup, a nev. person objec; instance and B l". (JOHN; the is all iha: users If a objects neu use: created corresponding to the user, LESSFOLDER folder. All user? person object was made accessible from an already shared object al". LESSFOLDER uiT nov. to other users {Method 2). Resohine Links Resolving • a link Creating a local object instance representative of the object. becomes • could imply one of rue things depending on the desired implementation. a loca. object and future accesses will be made Remotel\ rerieN'ing the object from, object and furore accesses to uiU it iti sue. Tne shared object to the local copy. Tne object remains also result in remotely retnevmg a remote it. L'^PLE\fEMATIO\' Each object may have different sues. A a num'^er of object instance representatives that are located at unique object identifier should encompass information about the locanon of the particular object instance representauve and ihe objea confiruranor. for the system uide object id c: t: is showed m it corresponds Figure 6-3. to. A possible .80- The [Time representanves. on the objec; carjiot rei> CreaietTi fields allows for differer.: v;rsions to ex:s:. generated by the underiyung system id to the underiying system. aJlcus an object id to be specified, then mennonec above unique object ids is indirection where object wide u.'uque object .Anoiher ait£m.an\e generated by the system arc :ds fit our requirements. we choose to is mapped to spccifS build one to the level \\e If Lhe of proposed system ids. Resolving an object reference translates Lnto a read request direaed to the object manager. If the object is not local, the ,'rr^chine created or' field the appropriate object manager across Lhe network is at site used to direct Lhe read request to [machine created on]. SnorTCC'^.:>-£ C' P'O'OCO'. In essence a user is granted access to a some shcr.con-jnes that object. Trus ".hanng protocol has • Unintentionai Ljnks. regards as personal. is his workspace, User .A shared object by providing the user with a link to : might unintentionall> provide links to objeas he For example, however, in A grants doing B permission so, A to include grants B objea "x" permission to "\" uruntentionilly include .A's personal object because of the link berween "x" and "v'. • Propagation of an object. Access User . For exam.ple, turn might give C if A A has no control of grants B a link to thai object, who pwrmission else might get access to B in to access object "a'\ hence allowing C access to objea "a" without A"s consent. • Revocation of .Access gave out a luik. . User A cannot revoke access to an objea to which he 6.5 Deletion of a Lr. Shared Object obiect-onenied systems obiecis are removed from memors- using a process called garbage coLJectior. Tne his links to thai object efrec: of deleur.c an object from, a users object space OrJ> v.her. there are obiec: ge: garbage coI:ec;td Multiple users lr. ma\ have Imks Hence, the reference count that to a Tms remote references to an object will the d;s~Dutec envL'onment, marters an object Many are no: of these links are from remote sues. The object is garbage collected when might be unnecessary for the iruual protonpe. An Trus is hard alternative simpler tc the impicmen: and scheme would be However, the object manager has use the current underlying garbage collector maintain local representatives (m the fonn of links) of remote objeas pointing These links bo'J~. are zero. implies rev.r.:Lig the underlying garbage colleaor. shared objects simpie as maintains the n'jmbe: of local references to an objea should be extended to include remote references local and no more links pomnng removing is are dropped when the clien^LS to to also lu the local indicate that they have dropped these links. 6.6 Protection of a Thus far Shared Object we have explained how a user may specified the type of access the link provides. controlled access to an object enforced get a link to an objea but we have not Distributed Object Lens should provide for The question is how such infomiation is declared and ? In Chapter 3, section 4 we saw two models of protection, one independent of objea naming (Access Control List) and one dependent on objea naming (Capability System). examine how each of those models would be environment. tailored to the E^istribuied We will Objea Lens CapabiJ:r\ Svsien The object LID descriDed earhe: object (perhaps containing one V.'hen a nev, object is created v>.ould also consist of a spec •J": cation of access bit fo: b>' each class of operations applicable a user, the object object with a full set of access rights. ,:.e., with a specificauon of the nght3 required. ne-A OLTD set of access r.ghts co'^ild be m^^ed t tc the to ihe object OUID the i. of the The modificauon of access nghts may be made pan of the object manager duues. The objea diminished manager constructs nghts the OLTD) ls The new presented to the objea manager OLTD remmed would otherwise users wrJi few nghts could apply for tc i_fferer.: ^ser? ±a: may now- have a more >. have rcsmctive access This to the objea. This scheme as it Users would do stands assumes that users do not forge links or impersonaie another user. this to uicrease their not authorized to get access to. access rights or to get access to objects that they arc For our purposes of designing a research system assume no malicious intent on the par. of the users. could cleanly be added to a An authenticanon mechanism such as Kerberos producnon system to guard against possible forgery and impersonation. Access Concrol A list IS List associated with each objea specifying the authorized users and the operations permitted for execution by the users. Such information is separate fr om the QUID maintained by the objea manager. Hence, when a user requests access to an objea specified mode, the returning the objea. objea manager From verifies thai the user the user's point of view, when is to specify a set of rules that govern access to the is some allowed such access before creating the objea he needs to specify the users thai have access to thai objea and their access rights. would be in and object These Another option may be easier to formulate and have the effea of defining protection domains for the object. This however, may be inefficient because it requires resolving the rule every time the objea is requested. Comr2.-:sor, o: CarabL'-.r. -Based and Access Conr-o! L;s: Svs:ems A model does no: guard C2pabil:r>-bis.ed pro:er::or. Lne earlier semen m objer. Tms ma> a lot unether a o:' overhead a lirce ir. 'J".a' the hierarchical strucrure of the object space. child object inhents the propcnies (access nghis'* of the parent some be appropriate in overv-nie default, but expliciij> Given cases. shoncomir.gs mentioned model incurs Ar. access conrroi bai.ed proiecuor. migh: be unnec€ssar> Lhe c'jesnor. arises agair.s: ihe cases but not all by describing a new. it It is set possible to allow this as a of author^atior rules for the child object. Hvbr.d Mode! It more appropriate IS permissive sense Tnc access control allowed access not to use access control lists in the restnctive sense as to the lists will A object, system.. It obtaLned a ls access conn-ol links • may 'tx overcome to 'the list Hidden objea. links to personal objects that denies access to all users protected m rwc cn'ierent and hence can sec pcTTTUttcd to it its icon form. may is view ing the contents of TOM person objea. are hidden be proteaed using an not pcrmirted to get To The user however, Tom the is a more information about Hence, when the unauthorized user looks tc is not follow on the example in oblivious to the existence of the objea. folder he will not sec a link Hidden the existence of a certain be permitted to sec that of the Lens group, but is have somehow except the creator of the objea. view the contents of the objea. The unauthorized user may who modes: in Figure 6-2, an unauthorized user most adequate the is the deficiencies of a capability -based The unauthorized user may have knowledge of object, • implementation important to guard the object against undesired users Il-tI; to the contain informauon regarding users that are hybrid Restrictive access control lists are used to opposec TOM person objea. at the i.e.. member Tom by the links LENSFOLDER -8-;- The laner mode is much harder to Lmplement. It requL-es that the object ser\'er performs the following additional step? before retumLng the objea. • FoUov^s ar.d • verifies if resoives ans access is Shared .Aeer.ts Agents in rencve restricted trom. ar. objects. to the agent that operaies on tne seemg some object have the same access nghts to LENSFOLDER agent ar.d hence can tr.gger the triggered agent should differ it. embedded have, Object Lens are implemented as objeos, and hence can be shared like any other and user B have access analogous to these may the links. object instance. Consider IS pcnruned requested object kept intact. • if so Lhe links are • cLherv-ise '.irJcs '--.e ir. the it to another. to the objects as the user that It will .A. on the folder. Hov>.ever, user A LENSFOLDER, from one user an executing program. Both user folder. namely TTM. The outcome of Hence, a triggered agent should mggered ;t. A mggered agent have the same usend as the user who is triggered Vvlien the rules are fired and the acuons arc executed, the objects thai are read or scanned arc these that .Another option is to creator of the agent. triggered it. can be read by the user. suppon agents with parameter^ed userids The default is Hence, even if may be set by the for an agent to assurnc the userid of the user that Otherwise, the uscrid of the agent (e.g., himscifj. that the agent is may be set by the creator tnggered by another user, objects that are accessible by the specified uscrid. This is to it be some userid scans the set of helpful in giving a user access to the services of an agent to run a particular query without giving him access to the ennre underlying folder. The user will only have access to the objects in the folder thai satisfy the query. -85- Use: Ir.ierface accessing an obiec a use: Me-J-s the corresponding I.-, users access cxa.-nplt. ar. the r.z'TM. td:: delete conrr.ar.d appropriate conmand shou shoui orJ> i: Specif>'ing restrictive access 6.7 Modification of a Objects in Objec: Lens change con^jnands are sh?v.T. orJy lT 'j-.s the user has the lists is car. comn^and Fc: ba,' nghts to delete the object. the object created. is be modified either interactively by the user or automatically b> in the objec: space: save, ar. can also be applied manually ;. add-Imk, move, close. Users Vv"ner. a rule is executed on the object. commands may item to a folder. Tnggered agents apply a set applied, a collection of objects look for objects thai match the description of the is the Shared Object and save the chance > or add the rule or. Lhe or. use: has the nght to modif>' the obiec; and a command when an extra DependL-.g d:spia> Objec: Lens ccrrentJ> supports the foUowLng user-dnver, triggered agents. result in a s windc* rule. If a match occurs, These actions may var\ m the that edit an object of rules (rules is scanned aaion to part of complexity (sec secuon 6.7.1.2 for further detail;. L-. a distributee rr.-jl::-user environmer.: imponance. consistenc\ Distributed Object Lens should provide The remainder of this and concurrency are of paramount suppon for each of these features. chapter will be devoted to exploring various ways of proNiding concurrency control for simultaneous users and achic\'ing consistency between different objcCT instance representatives (if present). Consistencv The basic premise is given time period to that all all changes made to the objea should be made visible within a authorized sharers of the objea. The question is whether the update propagation should be exposed to the user or done transparently by the system. This is only -86- an issue ;f Tne inzr^ are different cbjec: instance representative of the object. tm-o options are. S'^'ste": - Guaranteed Once an. object '.s mod'.fied, the system, ruarantees that all sharers of die ob'ect evenr-ally see &ie change Goose consistency conirol). H?u trjs implementfid depends on the shared objea implementation is we choose and ihe concurrency control desired. E.T:;osed to user 2. chancrs . The modifier of tc all sharers of ±e '?;sct. the object sends a I: is '-".en up message indicaimg the to the sharers to modif>' their objea instance represcntaiive. ConcurrenrN- The system should allow any number of time. It is m viizl such each o±ers operations. • A a siruaiion tc Two users to access the ensure 'jiat same shared objea the ai same concurrent acuon do not inicrfere wiuh kinds o: ;onfucts ma>' ansc: Version Conflict that res'ults v. hen different users are accessing their object instance representatives concurrently, but are modifying different slots or fields in the object. Version conflicts can resolved 'oc by merging the two representatives together. • A Serial 12 abUiry allowed a occurs access the same slot modify or when two users on each A to ConfliCT m arc when two the object or more concurrent and one or more of users are the accesses is pxrforming modifications thai are dependent other. concurrency control scheme should be adopted thai the concurrency control can be possibilities anse: vrill resolve such conflicts. done by the system invisibly or visible Again to the user. Two -g-. S'-srerr 1. Hence. Tne Guara-nieei ar.> transactions system iha: res'Jt should conT.ici a ir. g^jaraniee resolvng should be conflicts abcned and restated sysiem. 6.7.1 Vv'e Tne use: User AJerred 2. It is \^'p Transactions ulL use alerted of a conf.ic: a5 soor, as is to the user to in A model either a COMMIT transaction operation or a successful tcrrrur.aticr. 'the unit of used - to signil 1. 'jie is the rw.o types of modificaiions possible defined as a unit of work consisting of a sequence BEGIN_TRANS ACTION ROLLBACK work has been operation. operation and ending COMMIT successfully completed). is used to signal ROLLBACK ':>e read;. types of modifications are formal!) descnbed in terms of transaction as such: User-dnven modiiicanons are performed by the user editing the objea form. We wiH term these interacuve transactions and may the objea form, making be days. redo. last from minutes to days, i.e., the the changes and Moreover, these transactions Interactive transactions . These transactions are long-lived time that elapses between opening finally closing the object are very form may expensive to roll-back and wiU overlap more frequently because of the duration of the transactions. 2. m is unsuccessful termination (the unit of work carjiot be successfully completed a data object can net The rwo knovkT. to the actions to resolve the conflict. descnbe to of operations. becLnrung with a special w ith is Object L€ns the transaction Distributed Obiec; Ler.> undo i: Agent-dnven modifications arc performed as a consequence of a Rules are either applied by triggered agents or by users. automatic transactions . We Tliesc transactions are shon-lived, fired rule. will tem:i these i.e., last no longer ihar. feu a Automatic seconds. m processing n-ansactions V^ e iniuaHy V. lLI hou exarrLir.e database ihe transactions comparable are to daia systerr.S- various s\Tichronizanon techniques proposed for dismbuted database systems, C.\D ssstems and H>-penext systems may be unpiemented to achieve concurrency control for mteractivc transactions. Accordingly v-e wd] examuie hov. these techniques may be used to achieve concurrency conffol for automanc transactions. 6.7.1.1 Interactive transactions An mteracuve transaction could either consist of a simple read operauon (opening the object form) or a read op^erauon followed by edicmg the object form and then closing the object form hence savmg transition for O, to 0,^j Lie is changes We will on Op solely based assume thai Lhat m case of mod:5icaticns, the no other objects need is. Figure 6-4 shous the ruo possible sets of Literactive transacuons. objea IS considered as a separate (not a nested) transaction embedded object feci that the is no different from opening any other objea two transactions other users. Vve see below are related how he and may may accomplish R^(O) RgfO) Opening an embedded Our claLm in the to be read. is that opening an system. The user require to ensure may no interference from this. Read Wg(0) Modify Figure 6-4: Imeracnvc Transactions If rwo users arc concurrently accessing an objea the following three scenarios are possible: — no conflia • Two users are concurrently reading the object • Two users are concurrently modifying the objea -- arises. conflia potentially anscs. -89- Concun-cr.'J\ • one use: is readme and the oihe: me narurc n modif>'Lnc the obie:: -- confiic; ro:er.::j^;> ar.ses Since the pcten:;aJ for confiir: depcncs mode uansacaor.. the or. of the sim'jitaneo.:- LT.erac'.:\e of access needs to be cxpiiciuy spiecified by the user. Tne foDowmg users are p>erforTrur.g uidependen; modificauons to the object. illustrate that kinds of wv\ Lhree the conflicts that marA case> This means tha; rv.o the cor.f.icts Lha: ar.se are vcrsior. confiicis. not senaiizabic conflic'Li. examples Ir. may arise in are three interactne transacaons. Consider a TASK objec; that has as one of free text that allov. field IS users ma\ simaltaneousl> though s users involved in the task to edit the to PERSON modifv the [phone wnte about ihcu progress. this Two corresponding objcCT form to note their evaluauon. Even free text that reflects their evaluations. a The contents of fields [progress repon]. accessing the same field, they arc installing independent pieces of both, users are Consider its object VN'e refer to this as a JOHN Two n'^m'i^e:] field users may and the other to version conflict. simultaneously access the object, one modify the [salary] field. We also refer to this as a versicr confuct. Consider the TASK simultaneously. evaluation. performed We object again. However one Assume user's that comments rwo users arc refer to this as a serializable conflia. accessing the object arc dependent on the other user's Access to the objea needs to be in serializable order. User Interface One opdon may is to let the user specify access access an objea either to Read when or to Modify. the object form is Another option opened. is to Hence, a user have edit as one of -90- commands on ihe bar and clicking or the far ed;t form comjnand is ari Opemnc Lhe object fom-; is an indication of a read indicat:on of a wnte. Automatic Transactions 6.7.1.2 So the object we have seen changes in the object space iniaaied and explicitly completed by an interacuve user thjough Lhe use oi object fomis. Users of Objea Lens can also create rule-based agents to automatically process information A content of objects when ru.e cor.ststi o: a descnptior. and action specifies the consequence of the the rule sho'uid firr Description sp)ecuies and an acuon. The matching of rjle. a rule and the execution of us action m.a\ be modeled by the transaction: R(O^) .... the .AfO, ) where .AfOj form (move objea I rules: or a can either be to folder, copy object senes of reads R(0; actions of the form summarizes how {set rules are the predicate (description is > ) <vaj-:ab:e> to pan sunpie wnte W(Oj) to folder, delete R-'O^j) ' modeled a as transactions, conflias if Tms means rules are allowed to interleave. preserve the serial order of the cxeoinorv^ We that rule -- objea from folder) {Caieeory W(Oj) (Category 2 the case of j*. Figure 6-5 rules). There would be a number of reads of the rule consists of an the value of the predicate. RiO; case of actions of embedded objea. dependent on the value of the object read. The consequence pan of a upon : in the followed by a write (calculation)} Tp^ if TTic write in Tj^ rule exccuuon may lead is conditional to senaluabie Rules need to be executed atomically to consider rules and not rule sets to be the unit of work. Category Catrgory Rules 1 1 specifically viewed rules perform their reads on any kind of objea but jserform their writes on folders by adding or deleting links from folders. The write operation as an append operations, hence two different writes without altering the resultant folder. This means that ww be resolved by merging the two modifications together. may happxn in conflias of category 1 may be any order rules may -9i- A'O R.O whsr. AO Add link Dtlt.e link Move obiec; to folder SET o.anaDle> TO (calcuboon where <\anabie> object field of object F(0; icaicuiaooQ 0) r F(0 Figure 6-5: Rule execution transactions R\^ conflicts cf ca!egc-^ cxecuaon of a 1 rules need wnte operation of mterleavmg the execution of the of the oLher ma> rw. a rule is If obiec: • If object much more Recall that the dependent on the value of the read. lead tc conflicts and inconsistencies. m pseudo form: TOM m Folder A then add link from Folder B to object = TOM not in Folder B then remove link from Folder A to object interleave. The Initially the objea none of the first rule performs TOM is in folders. Rj and Wj A and Folder B: object Figure 6-6 shows how which and the second rule perform R^ and Wj. Folder A. are different, they arc both consistent with the rules. the rules art perfomied atomicaUy is Even though may Hence the order in not important as long as they are pcriowntd aiomicaUy. Executions (2) and (3) dcpic; the uxong outcome conflicts of this type TOM the rules could In executions (Ij and (4j, the rules are performed aiormcaUy in scnal order. outcomes vt-rite = either in both folder^ or the Hence V\; illustrate this in the following These two rules basically ensure consistency between Folder is care. c r^ies such that the read of one occurs before the example. Consider the followmg two r^Ies • handled with to be if interleaving is allowed. be resolved by serializing the execution of the two rules. Rw .0}. onec: Obiec:> fcrrr. tLTiesiamr cf Lhe lates: As indi:a:ed \r. w.T.te Cnap'.e: T/0 Basi: ?. alloued are timesLamps). then one of interactive transactions me fRfO (RTM'O of ihe iaies: read ar.c tne \^T7>.1 O;.). tc ap^phcabie \n an environment where orie p:o:tsc urr^ transactions W(Oj; -- ori!> is Recall that timestamping represen:ar:ve of the obtec: exis:s uhere transactions umesiamp also ha\e the v, :i: is at conf.ic: is deteaed comparing (b\ aborted, rolled back and redone. In the case of this implies that conflicts are detected ax time fwhen user saves modifications,- The unte modincations can no: be accepted a an opi.irnisuc approach is is rcjeaed. corrLTu: (save) time. A This commi: user only finds out that his is highly undesirable in an interacuve envu"onment. Timestamping ma\ be used execuuon. This however requires to senaiize rules Timestamping does not accommodate re«xecuted v.hene%e: conflicts anst trearmen: of uvi conflicts in categorv 1 that rules be for the special rules. To summar^e: 1. 2. Timestamping is inadequate and inconvenient for Lnieractive transactions. Tunestamping may be used for senakzing category 2 incurred in mainianing timestamps and reexecuting rules. Another limi'^uons to basic Objea Lens would mostly T/0 likely is its assumpnon of one copy of an suppon multiple copies of an Overhead rules. object. Distributed object. 6.7.2^ Optimistic Concurrency Recall thai the basic idea transaction, then validate Certificauon, a other site that wntc it of optimistic concurrency control and commit to an object is it if rejeaed is to always execute a the validation test is satisfied. if any In Distributed later read to the objcCT is validated ai any contains a representative of the object In case of interactive transactions, this means that writes are rejected at commit time if a wme simuJtaneous read environmen:. Disr-.i^u-.ed csr.:::canor. I: rr.ay also be used Tnis scheme IT. ;c resolve occurs This resoi'-e rr.a;. ccnfjc-s bu; '-.. agair. :s is ncor.verjen: and v^-^ '-^ u-.terarvAe ar. ir. conflict of caisgor>- 2 rjies. ur.abie :c reat h-m corilicts of categors- 1 append-only cansaaions. rales as siot cr rr.a> LT.proved ':>e if Lie grar.uianrv' of upxiate is rtduced from objer. to a ar. jie object. TO D:f:e'er.ce ber'A-eer. 3ai:: Given our simple ar.d Dis~.b-:'.ed mterac::ve ransactions Op:urust:c Co.~.rcl are v-r. i-sr^n condiuons is tr.e database system.s mar.\ v. ccr^ ' Cerjjicanon ("Reads or Modifies). Time stamping and Tne optimistic connnl descr.bed above -.nder diesc vanauon to Basic T/0. This observauon here transactions consist of multiple reads and is \».Titcs no: true in of differing obje~s. From, the user control only makes make pom: a of vie>* bOwi approaches look the same. vtorkmg copy of the objea, one in Ho\J.ever, since cptimusnc prmcipie can get access the necessar- changes to resolve any conflicts. to Lhai copy and This idea suggests versions as a svTichronizatirn technique. 6.7.2 J Two-Phase Locking Two-Phase Locking was described earlier in chapter 3 inthe context of distributed daabase Several 'wechmques (prjnary copy 2PL, centraiizad 2PL) were proposed for an systems. environment w.herc several representatives of an object rw and vw* conflicts by blocking read and blocking exist. wnte operations Two-phase locking resolves if a write is occurring, or by a write if a read is occurring. In the context of interactive cransacnons this other user may be able to modif>' it or read ii. means thai if a user is modifying an object no Recall thai interactive transactions may last a -95- long Dcncd of tune frorr. couple of hours (e.g.. a seeing or moc::>uig ar. Tms means i obiec: lor such lor.: that other users penoCi of cases v-here the modli^ca3on^ to an object are independent. Locking works weL cases of dependent modifications. imposes unnecessa." srncmess n.'picaU) block reacers li a m if it ScnalLzabUir>- unnecessary. is is mod:f> operation is is 1 rules vivi unacceptable for senaiizabie k-m \r. it. corilicts be: Two-phase locking that readers be conflicts. ot biocicec however necessar\ not consistent with the modifications currendy being not required for category is being peii'ormcd. This again would prefer V>'c is too strict in allowed to read made an. to the object. Hence locking would be Locking. ho\>.eve:, would be appropnaie to resolve n\ conflicts of category and serialize the execuuon of categorv- 2 rules It the case of indep^enden: uvi conflicts the context of interacnve operations. object even Tr^> tLTie. uoL^d 1 rules. To summarize: 1. 2. Locking is Locking is toe restrictive for most interactive transactions. unnecessary for many executions of category 1 rules. Writes do not need to block other wntes because of the append nature of the writes. 3. Locking is necessary to serialize execution of caiegorv 2 rules. Discussion and Issues Simila'-iT\ In all of Difrerem Locian^ Implemenianons cases the Lens user has to wait manner. The user is if another user notified once the lock is is accessing the object in a conflicting released. The disadvantage of locking is disallowing access to an object for lengthy periods of time. Differences The difference anses availabilit\' in the results in ii greater i.- the improved access tune (because of case where "many copies message overhead. local access) of the object" exist. and increased Replication, however, Deadlock Free Vv'iu". our mods! L-.:srac:i\e transacnor.s there c:' interacTive rrar.saaior.s arc simple objec'w. This is (i.e.. no nsk of deadlock. li Thj> 'c)ecause is do no: involve readLng or modifv'ing more one thar. noi n-ue for automatic nransacuons. GrgrtuJi'-tr. 0^ Lockir.o Tht level res'alt in viiil more conom-ency than locking m Lens m-ay be hierarchical depamnent objects that that Locking granularir.- of Lhe locks affect &it degre« of possible concurrency. object. it we chose i.e.. to. model ihe If so. this wiU result vieumg of embedded This eliminates Lhe need for hierarchical locks. embedded objects. Embedded appropnate soiuuon would be If a user tnes to access a link The request 6.7.2.4 is may student objea a level. Objects contain a in granted if to m less concurrency. We Locking an object all a the indicated earlier when they will not lock accessed. are maintain the granularity of the locking object, he to objects as simple non-nested transactions. objects are locked from an Object Link This raises the question whether locking an object means locking has links to structure, objea ai the the slot at may do no conflicting locks already so in two exist all us A more object level. ai the modes CRead & Modify). on the objea. Version Control This approach (used in representahves together. CAD No systems) resolves conflicts by merging various versions of waits oi" restarts are necessary. Version control is an extension of optimistic concurrency control where the working copies are made accessible as new versions and validation and verificanon are performed by the uaer through merging. system known A B and to date is arc created. The two versions need question capable of providing automatic merging. Let us consider two users concurrently accessing objea "x" in modify mode. "xA" and "x£" is No to be At this point merged into how, when and who merges versions of "x", each version excludes the other users changes. one the Two new thai would be the current version of "x". rwo versions together. The possibilities are: The -9"- • The tw.0 versior:;- more • '•s.ds. Tnt luo need be merged v. her. a user anempis versio.-i are rr.erzed Trus occur? v. ihe \3s\ use: to b;. contro; is ' and sees iha: it comm::. provides no mechajiisrr. to resolve senaiizable Noucc approach the disuncuon between thai in this object instance reprcsenianve and object instance version made i ' her changes made b> one user are dependent on changes made b\ another user uorking concurrently. is tc read ct.^ c^rrer.' \ersior. rreser.'. The disadvancace of version corJiias. lo zx-p'.'.zw \i a lor.r \ersior. historv- of an object is becomes vague. The distmciion going to be mamtained. 6.7.2.5 Proposed Synchronization Technique: Hybrid of Locking and Versioning So ue have far opamisnc concurrency control elirrunatec tL-nestampLne and as suitable synchronizanor. techjuques for mteraaive transactions in Distributed Object Lens. Locking is suitable to avoid senaiizable conflicts but is too harsh and Versior. cor.CTo! has the opposite problem. conflicts. does not guard agains: senaiizable It is We conflicts technique best suitable for Distributed Object Lens inconvemem for version suitable for version conflicts but propose that the synchronization is one combines both version that control and locking. Our hybrid synchronizauon technique uses version exploits explicit locking to resolve serializable control to resolve version conflicts and conflicts in the case modifications in interactive transactions, category 2 rule execution and category 1 the system rules. The locking scheme described whenever a read or write is earlier of dependent rv,' used implicit locking enforced by jjerformed by a user or a rule transaction. locking allows the user to lock an object, so that crucial modifications to be objea with no interference from other the same object would be informed of conflicts of users. its Another user trying Explicit made to concurrently to the modify sutus and would have to wait for the lock to be -9S- Readers however will not be blocked and will be allowed released. comrmrted version uiih an indication that it is to read the latest being modified. Interactive Transactions A user is also provided v-iih amr-de laiSsez-faire new is user may adopted here and concurrent users are aiiowed is own workspace and versions arc broadcast to notified of the use: create a all sites incoming version (e.g. new his latest version. modificanon^. ic version of the objea. At commit have a rcpresentauve of Lhe object. that A by shading the objea form). The concurrent made then decide that irrespective of other changes make A option of modifv'ing the objecrt without locking u. i.version controlj modifN' an object lt their time the ±s The incoming version is Only comrruned modificanons he to Lhe object still wants to ignored and user's version becomes the are seen. uncomrr^ned concurrent modificanons The user may objea. Our adaptadon of version control relies The user is made aware of also view earlier versions of the on the user version conflicts; the to resolve system just detects jxtiennaJ version corilicts and notifies the user of their existence. Modif\ -Mod:f\ Conf.ic: At time user I A opens the form of object representatives of "x" arc notified. t-t-1. He is notified that "x" is being updawd B is the other user's t+2. modif> work (assuming both notified of the arrival of the sent to new All sites carrying At this point commits are authorized users). all sites version. A as the both A User «fe his in modify mcxie AU but decides to go on. the responsibility of the user that The new version V,^2 ^ mode. also modifying object "x". aware of the existence of another modifier. It is m User B opjcns the form of objea "x" represcntanves of "x" are notified that others' existence. "x" sites carrying A is then made B know about each changes B commits his last to changes most ctirrem version of objea might choose ai to ignore this version or merge at "x". time A is compare -99- chances N',.- l' commr.!- her chances objec: ihe a late-^: 1; . i> and merge h:s z'r.zr.z^> t: a: \~: crea;j-.c broadcasted tc z ir.tr appropnatei) rv,c new version Tnis ^',.-j is . Ir. now eiine: case user A the lates; \ersior. of sues una: conain representanves of "x" and installed as ai! version 1'2 Mcsify V V i*2 Figure 6-". Resoivnc Modif>-Modif> ConfiiCT using t*3 Hybnd Implcmentauon Read-Mod:'^ Conflicr Referring to fig~jre 6-", an>' Reads ben>.eer tune read. tha: objer. x" ' Vj^-. A So we have far is B A being modified. a: A may will result in version "V^ being \\ being read but with an indication in user reading object x" bcrwecn times t*2 and t-3 reads ' time t-4 reads version if t a modifv' Vj_^-. is done during a read. Consider the Figure 6-8. in reads object User A not addressed what happens ' x' ai time begins to modif> object "x". and t*2 will also result : use- reading objec: 'x' overlap dcpiaed User reads that occur before time x". ' t. Version V( apjpears User A is in the object form. notified of the fan At time thai another user is i-l user modifying choose to terminate his read untU the new version becomes available or continue the read. view, of object "x". Once the modify is committed at t+2, user A is prompted to to refresh his 100- •^et: 1*2 i-l ^^ V V t R»'rt«h Figure 6-8: Resolving a Read-Modif> CoaLiCt Hybr.d LT.piemenracon usir.g the Automatic Transactions R-^e rar.sa:r:or.s need ".o acqj-s the reaci a.-c uT.tes. Ir. mtcracuve cansacuons we had ihe appropr.ate -c:id ar.t modiy_^ locks bercr; pertcrr^ir.g users are always allowed :o read ne most Consider Locjong ensures categon. Z rules. firs: No senalizable crds: neec for 'ead locks because r.o rec«n: corruTurted version of a object. rv-c r^Is rar.sac::or.5 ma> iha: the ho'.d r^e? are perfcrrned a:orrjcal".> ir. ccr/.icung locks on Lhe same objec:. Confliaing locks are modii>-modi^' and read-modifv-. Category 1 conf:iring. rjles are created slighLy differently. Two category 1 rules OrJy read-modify locks would be allowed append-orJy 'Ante. The resulting versions ntay simply 'oc to are considered sLmul'LaneousIy pjcrform uheir merged. Deadlock In the case of interactive ransactions were sL-nple (i.e., an ass'umpuon • If m objea = we disregarded deadlock because the transacaons only co'uld wnte the suigle object thai was read). the case of automatic transactions. We this rule. The make such Consider the rule task then set taskmanager. count to taskmanager. count and two agents corxurrently applying can not first + 1 agent Tl. reads object reads and writes the taskrr^tager objea Oj. The second agent tl, reads objea O and then O2 and Lhen -101- reac anc u-r/.e 'jie Figure 6-9 iUustrates^ obiec! O. i3s'r:rr.2s\2cer 2 pcssibJe deadlock tha: m2> anse Tl WfOp TI R'O RfO,) t: R.0-' R''C..w,o,i - TZ ReadJocki'O' ReadJock Grar.-.e:: Granjec Tl -Readjock(0,i T: Gramed Grarued Tl - Wnielock(0,) Denied T2 - - 0--i ReidJcx±(0,j WntciockfO,^ Derued Deadlock Figure 6-9; Rule Execution Deadlock We in co'jJd choose an ordered prevcn: deadlocks tc mame:. is such cases by insisting that rules obtain al locks Lock orderjig avoids deadlocks and enforces a senal order execuaon. Another possibiiin.- is deadlocks using timeouts. tc detect halted for a specific period, Lhis rules execuuon need to be rolled is If execution of rules have been an indication of a deadlock. If a deadlock by another rule or a user). Tt\z system should permit the user bcrween interactive read and a rule write to ii has been locked in case of an overlap view the changes made by the rules as soon as they arc committed. Similarly for an overlap of an interactive modify with a rule modifier should be able To summarize, • to access the changes performed by the rule write the user will be Read-Modify Conflict - exposed A reader is he %^ishes always allowed to read. TTie most current A is modifs' as soon as knovvTi to the svstcm. is if \*Tite, the to the following in case of concurrent access. version of the objca it detected, back and reexecuted. In executing rules the latest committed version should be read unless (either is returned. reader is made aware of a concurrent to. -ic:- • Modify -.Modii>' Conflic: cnce he commits merge to rr.ocry :>€Zjs.- accounted for • Locking This ir. his m second modifier a the respons:bU:r. cf each modif.e: v^hsr. :s I; made aware of is modificanons wi^h any version received SLice Tr.-.i r-arar.'.ees 'Jie latest version '-".i: al •c.e\ir.". changes comm;r.td so to :ar are prevent modify -modiiy- conflicts. cases where the modifier feels his changes are an object w-X no: block readers h-^s ob-tc. r:' tr.e Locking may oe expjc:t-\ done - done IS Tne modine: kr.o'AT. :c 's\t s'<steT. IS It - who are always pcrmmcd vital. to Locking read earlier versions. • Locking Ca'^gor> caiegor. Locking - I '. is done impltcti^ rules arc distmg-uished rsLts are treated as b;- ro— . the system when rules are executed. category 2 rjles m that km conflicts m appends and hence need not be blocked User Interface Notificaaon of Lhe existence of another modifier Tnz wser reading A or editmg the form, hence aw is may be done by grev-rig the objea form. are of other modifier. user m^ay be prom.pted to refresh r-s form b> blinking the refresh command on the object form- Adding links to an opened folder (i.e.. an append transacnonj may be done automaucaUy by n the system. Implementation A disiributed Objca Lens enviror-ment wuh mulaple An objea manager each site at each site representatives of objects concrols access to objects ai thai site. maintains Lhe following informanon for each object: • Locked • Be^ng Modified, by or Unlocked. whom and at what site. is assumed. The objea mana.ger ai -IC?- • Being Read. b> and v.norr. \^ha: sue. a: • Times:a.T.r of the late?; ^ersio^. 'uher. in modif\ mode, ioc^ed. a:^e^- is d=la\ed untJ lock is the object :? venfie?. :he object is is to date as tc who Once modifier. nev^ versions commit the The manager sites will beer. rece:\ec installs broadcast to is remove 'user" at If the obiect is it is manager then broadcasts rum will in all managers verifies that the user is list is is is control at implememauon by adding Lnformc^ The object at commit time. Receiving The new version is being locally made. if the objea presented to the requester. automatic objea "x" If the "x". is If is being modified and an object manager being read then the user most 10 objea forms opened for umesiamp generited of modifiers for objea "x". The informauon maintained by each objea manager since a user will have no and interacnvely merge the rwo together. manager checks modif>'ing an objca that up of a neu notif>' local users objca manager to other are kept sues that contain representatives of objca "x". 'sue" from the Tne being modified. new version has been received, explicitly received \e-sion shaded form of the object Concurrency by another user his changes, the the latest version of object a note of the else They If Object Mar.ager "x'\ so thai other object as a nev. versio.-! uith a global t^i.. Similarly for a read, the object someone If a object Object Manager. If not, Lhe reiease<l. ' to the version will include changes present in the received version. will be installed as modified commit The user may then time. The version modifNtne Lhr object. is the user decides to have commined modif>-mg object is is made is presented with an indicauon that hence aware of the oLher modifiers sites Lha: 'user" a: 'sne' at is a requcs: accessed (read or modif> \xir.: being modifjec. the object user uas created accessed V^lier. ar. object l'" it transactions the following fearures: is is can workstation be so a aware that made aware of thai. for concurrency purposes ai his if a: integraicd is not large any one time. into our hybrid c lu- • L'sxz LTiplici: iockir.g tc force ihe scnaiLzaiior. • Deadio:>; avcidar.ce of rjie. preorderme locks. ?;. • Usir.c -ne latest corr„-Ti:r.ed version of ihe oojec: for reads Grar.uianr\ of Locking res'kilts is m Lcct_L.". bes performed ;ih the concurrenc) concrol decreased granuian?.- Locking overhead jO locks. 1 to the field level lock table maontenanc*. in Moreover, since a large dczrez of performed bv version conrol, the unproved concurrency due not consideraoie enough tc to justify the cos*^ Co^^ Lockine IS The choice performed using the prunar. copy approach. impiementanon. pnmaiy is a large ten fields requL-es a is Reducing the granulanry the object level at improved concurrcncv but incurs Locking 10 objects u P^JT.ar^ rjie execution. l'^. copy. The cop> c: the object a: the creator's site Locking requests are direaed to of the object. For locked objects, from there the pnrr-ary to all other this is efficient geared by ease of would be designated Lock site. detected there and relayed back tc the requesting objea manager. the pnmarv- site and then propagated is Updates as the conflicts arc are directed tc sues that contain representatives since the update is sent wiih the lock release request- In case of version control, updates arc propagated distnbutedly to the relevant more appropri ate not To summarize, to have sites. It is a centra] controller in the laissez-faire case. our proposed hybrid locking and version control scheme accommodates both interactive and automatic transactions. his modifications are important or versions of an objea even if Objects by an executing another user is nuy rule. be locked by the user if he feels Users are always able to read old concurrently modifying the object or if the -105- obiec: use: i? locked Rules SL-e no; able tc read ar. objec: l^ i: is locked by anoihe: rjle or b\ ihe -106- Chapter 7 Conclusion 7.1 Summary Wc have of Work in ihe earlier chapters examined :he vanous approaches to building Distributed Object Lens. The four mair issaes ue s^ere concerned with were: • Disr:bu;ed Object Lens .-Vrcr-tecr-rs • Creation of Share:! 0?jec'^ • Protecuon of Shared Objects • Concurrency Conrro! and Upxlaie Propagaiion For each of these issues will then present our we ir. Disnbuted Object Lens l". DisL-.buied Object Lens in Distributed Object Lens will present the alternatives recommendations and summarize the tradeoffs. V»'e ihe best option for Distributed Object Lens. Distributed Object Lens Architecture The three options we examined were: L Message-Based System The 2. CcntraLized System 3. Distributed System rr^s sage -based system described an objea Lens's extensive use of messages. However, u a system-assisted update result in an initiation fails to scheme thai fits well with Objea be comprehensive enough to support propagauon and concurrency control scheme. The system might unaccountable number of object copies being present. 1C-- The centralized opnor. scheme SLTipier rS.t resoiunor. concurrency conrrol scheme another Tne le c Our scheme assumes lockinc or scheme p>erformance that centra] site paradigm. still we decided the or. car. i. crainonai proposed hybnd scheme of locking anc the obiec; exits Ln some state or Ln fact. Lhe equivalent with respect to our proposed concurrencv is disnbuted option with pnmarv' copy update. the tc if amestampmg). The concurrency scheme mos: more than one cop\ of that "centralized with caching" option control valid only Tnis leaves us with the centralized with caching opuon. one time. a: . first clarr: is Objen Lens was suuabie for Disr:bj:ed versions. because of us SLTiple: concurrency conro! scheme and arn-2r::'>e is Despite the unproved be attained r> caching, the bottJeneck imposed on the system b\ Tne exists. centralized cached approach implies a central rule resolution Ail roles are resolved m Note, however that e%en t-ne the at the central site, and the objects that match centralized case, pnvate objects are located are reromed. at the local worksatation. hence any rules that consider shared as well as private objects need to be applied at the lozzl wcrkstanon for the personal objects and distributed approach the due to ai the central site for shared objects. Much of the comp!ex!t% scheme and com.piex in Lhe rule resolution somewhat concurrency scheme is distnbuted approach. The scheme. the same rule resolution a large overhead As mentioned for the complex concurrency earlier performance of the centralized with caching paradigm on the other hand objects are distributed over the system. problem but introduce is is and the complex because Fully redundant replication will eliminate this to propagate updates and a large increase in the amount of memorv- space needed. We have eliminated concurrency control as a key consideration in deciding between the "central with caching" arc rule resolution and the "distributed approach". The key considerations and contenuon. Rule resolution may that remain be simplified in the distributed -lOS- approach memon. if we cor.s:der ihe space to store To summanze. i".e a: fuJJ>' redundant case. each v.orks:ai:on 2I'. The fully redundant case requires more objects used whether personal or shared. k?> issues m. c.sz\d-^s berv-eer. tr.e isrr.buted and cenralized approach are: Csr.~2us.td Disinbited Arrroach cac: 'A :-"! BorJeneck No Simple Rule Resolution Complex Rale Resoluuon Simplified in FuUy Redundant Case contention a: central sue Tradeoff between <complex rule resolution> and <lncreased memor> Space and Lncrtased Locking and L'?ca;e Prorasatior. Overheads Creation of Shared Objects We proposed two ways of making an object shared. The ongmaior can: insen a reference to 1. 2. insert a link to We concluded esscnual to it it in a in a shared object. Lha: Distributed initiate Mail Message. Object Lens -ttdtd. sharing of a parent objea. objeas. Protection of Shared Objects The two options we examined were; 1. Capability -Based System 2. Access Control List Svstem to supper. boLh methods. T^e second was Tne first was narural for sharing of child -lOt- The proposed scheme Hsbnc • A is. Capab^;r\ -based anc Access Cona-o! Lisi c: capability -based protecxior. mecharusrr. Object Lens is a uzt.t: -or.sr.-.tz s>s:err. ids) to objects before they objea unique object id Capability -based An with SN'stetr. access control has pitfalls its list s\sierr. the sense that users can access them. relevant the ir. the namraJ choice for Distributed is It indicating fields uould mean a We to use access control lists in a restrictive propose based s}.-stem. ir. TTie overhead incurred here size of the list read, write would be too long the unique would be Tlie rescr,cti\e list objea would be manner 2. Basic Timestamping 3. Distributed Certificauon 4. Version Control access. in maintaining lists for to if suppon if the capabilir.-- they have the correct they are not restnaed by the list. permissive case mainly because of the usemame Concurrency Control and Update Propagation Simple Two-Phase Locking and easier to maintain. specifv auLhorj^d users' attributes. 1. id less thar. the creator by indicating auLTonzed users b\ The four options examined were: and delete to maintain. T>J3 hybrid s>stem allows users access tc objects access rights as indicated have links (unique thus reasonable to augment the tremendous overhead A Lis: to Lens. (uncontroUcd access, rcvocarion of access). each object. permissive is need Objea The list is specified by the or by formulating a set of rules that -110- The proposed scheme • Users Hybr.w o:' lock^-.: ar.d '.ersior. ;or.ro! LT Distributed Object Lcr.s L-/^rarj'. Two-Phise Locking object. is; Tr^s mear^ resolves corilicts by tr.a: the Basic Timestamping scores The user :s notif.ed that hjs vi,orse s;r.:e work mignt Such to tr.e at long pcnocs most one user a: a o: time. time to wait (perhaps for a long tme). use: is res'ul: in a i:rir.endl_-.ess modify an Locking is not aware of other concurren: users. coriiict and thus rejcr.ed would no: be v. hen he is tolerated by an Object user. Distributed Certification scores badly the aiiowmg second user his ready to commit the changes. Lens ei> ed;: objects for Timestampmg approach. It is a: as well. com-m:: The user tme faces the same urir.endimess as that a user's mocjifications are rejected because of a coniiict. Version control's to make then mam artractiveness is its laissez-farr att:njde. modificaiior^s and hence creaie versions can be then merged to create the new new Concurrent users are free accessible versions of Lhe objea. These scheme however fails to -jrrent object. This resolve senaiizable corilicts imodificauons that are dependent on a concurrent users' work). We hence proposed a hybrid scheme version control. Explicit locking is thai com.bines locking (explicit), notificaaon provided for serializab'.e contlicts. responsibility to assess his changes as vital and hence lock the is It objea making it and the user's inaccessible -into cLneri 1:' oner: tr,e aireac\ locked, iher. oLner users No:j"ica::or. to the object are yr.il environrr.en: is Trj> m^cificauor. tc de:£rrr.:r.t ar.v u ams rr.:zh: it.z: ha\e Lhia: changes made lead to informal communicatior. berwecn ihe users At comrru; time, the user beer. r^:f.\td. since the user 7.2 The Proposed Distributed Object Lens We choose tc trusiLng users of o*-hcr concurren: users in Lhe laissez-faire possibilirv- of cor_f.icis. any pending \ersions w. ai:. began his is prompted to merge work. descr.^e uie disrributed approach to implementing Distributed Object Lens because of Lhe genera:;:> cf the solution. caching' approach. Tne system »• I -» I '. e " c ' Zitz: re-;e' 1 is depicted A in speciaj case of this is Figure 7-1. werkfttnor r the 'centralized wiLh . -ii:- Lidicatirig the o-Jne: iocatior.s of rep:essn:a:;ves of shared objects stored Io:a]I>. needed to er.sure 'j-.a; prora£a;ed b^ the 5::e -pdaies are propagated to those sites uhere the jrdate occurs u^ • Trar.slatior. table the ids L'-.temai r.eu m case or :s versions) aie Distr.b'jted jrda'.e rro'oatatior. case of version cono-oi anc pnmar>- copy iocking and upxdaie Tne Object Mar.age: Updates Tn:s is used ir. iocKng. have the foliowir.g duaes: of the system wide ids generated by the objea manager and Lndicating the physical location of the objea in memory generated by the local object ser.er. • A list of all objects currently being • A lis: of all locked objects. • A list of an> received versions of objects bei-.g viewed. • .A • Tne capabilirv- to reduce access the local modes of an w orkstauon. Tnese need to 'This ciuJog could be ^Agaic such object given the system, wide id. Maintain restrictive access control of change at catalog of local snared objects and their ouher sites- objea • viewed be replicated mainumed a hst could be ai each centrally for lists site all maiDiained centrally for shared objects where objcc: to a copy at the local site. o: the object exists". maaagen mminuze on space used aod updaii propa^anoo is case -115- 7.3 Direction of Future \\ork Vv'e f:e'. Lha: quest for ir. o-oi ar. obje:; sharing light or. the relevant fearures that influence the scheme for Object Lcr.s v-e have shed some design of a concurrency concoi scneme ir. an object-onenied h>-penext system that incorporates both user-driven long transactions and Our scheme shor. lived automati: rransactionv differs allows for rephca5 and versions of an object to exist. We most recent version of an object. the potenuaJ conf.ict and lease versions together system using a It is that it also pwrmits a user to always viev. it enough is to warn the user of a to explore the possibilities of automauc merging by the of rules. sp)ecific set character.s::c It earlier in that user to resolve the conflia by merging relevant the to wonhwhile is Initiating sharing using mail This it propose from those proposed messages is another feature not common in hypenext systems of our systerr. because of us integration with an clecn-omc system. Protecting object.'^ commuTury. sharing is \^'e is feel ar. issue that thus has not been seriously addressed in the h\-penext that is important in a distributed environment where object possible. Out examination of object sharing collaboranve applications requirements for some which in Objea Lens have transactions less reveals a class of infomiarion shanng and stringent concurrency and objects they support and We consistency identified transactions as long interactive transactions thai involve editing object forms. users in such applications need not see consistent copies of the aware of the existence of other versions. Moreover, a user's objea role has those Multiple as long as they are expanded to include also suppon shon automatic transactions thai rcquu-e to see consistent copies of the objea. Concurrency explicit merging of different versions. These applications need to . conn"ol cor.trr! IS much more rcr one s~j-.geri: c! set a less to case this ~ar.5ac;ions concurrency conroi scnemes Tne bcnents of m or I: another, accomjnodate not sufncient to provide concurrency but rather ix)th ry-pcs Oiir svstem must oro\'.de of transacnons. stringent consistency and conc,irrency requirements Lndicate that work applicaiicns should future cooperat'.' e is aliovi. uorkgroups to choose berue«n snc: concTirrency conrol provided by lockir.g and more flexible concurrency control provided by version merging. This work has m prcsenor.g recommending schemes for object out m.an> of the implementation details. left the design space for D;str.b-ted Object Lens and m It was successful creation, object protecuon. concurrency concrol and ujxiaie propagation. Tne mie these schemes is Lens prototype Depending on the choice of a pla'Jorm for Object Lens a foUowmg • l-. tr.e nee-ds to be Objea actual implem.entation c: the EXsrnbuted Object performed l". the foUowmg area test more detailed analysis of d-urj~.g the of Lhe implementation phase: Deletion. • Distributed vs. Prur.ary outlLied a disnbuted copy update opuon whuch li the case of version control. We have co'uld suTiply be specialized to Lhe prjr.ary copy option. • Rule resolution. • Recovery-. • Version management. ^ The pjower of coopcrarive work applicauons shanng. We hope thai Lhe first prototype of imponance of scmifonnal systems information. is only realized with the availability of object Disributed Object Lens would to acbueve sharing of scmistnictured illustrate the knowledge and -115- References [Bcrcnson 89] Rjchard Berenson. Opiec: Lens Archutecrure. Jar.ja.-}. I9i-r. Internal [BsmsieLT. 80] Lens Group Memorandum. P. A BemsteL-, and N Goodman. Concurrencv Cono-o! n a System for Ehstributed Databases (SDD-1). ACM Transaction on Daiaoase Systems March, 1980. , [Bcmsicin 81] Philip Bemstem and Nathan Goodman. Concurren:> Ccnrol l-. Distributed Database Systems. ACM : Compunne Sur\e\s June, 1981. , [Bobrou 86] Darjel Bo'rrou and Mark Stefi; Object Onented ProcrammLng: Themes and V'aiiauons. AJ Magazine (Carey 8Sa] . V*'in*t£r, 19S6. Mjcheal Cajs> and Muon Li\Tiy. Distributed Concurrency Control Performance: A Suidy of Algonthms, Distribution, and Replication. Proceedings of the 1-itr. VLDB Conference 1988. . [Carey 8Sb] , Mjcheal Care> and Miron Liveny Distnouted Concurrency Control Performance: A study of Algonthms, Distribution, and Replicauon. Proceedings of the 14th \ er\ Large DataBase Conference September. ^ , 1988. [Ccn 84] Stefano Cen and Giuseppe Computer Science Series. Pelagani. Distribmed Database: Principles and S\sterr.s. McGrau-HiU Book Company. [Cohen 88] 1984. Cohen. Dilip A. Soni. Raimund Gluecker. William M. Hasling. Robert V»'. Schwanke and Micheal E. Wagner. Version Management in Gs'psy. Proceedings of the ACM Software Engineering Symposium on Praaical Software Development Environmerus November, 1988. Ellis S. , [Conklir 87] Jeff Conklin. H>T>cnext: An Introduction and Survey. JEEE Computer September, 1987. , [Coulouris 88] George Coulouris and Jean DoUimorc. Inierruitional Compuier Science Series: Disrribuied Systems, Concepts and Designs. Addison-Wcsley Publishing Company, 1988. -116- [Decouchant S6] D DecoL chant. Disinbuted Manags: for the SmaIltalk-80 Svsterr. 86 September. 1986. Des:£m of a OOPSLA [Dclisle 86] Norman . Deltsle and Contexts Mayer Schwann A Paniuoning Concept - for Hv-pertext. Compuier- Supported Cooperative Procee:iir.is o' the Conference on V^'ork.ACM .DtambcT. 1986. [Dcmers S8j A. I>mers. H. Snirgis. D Greene. C Hause. W. Ir.s'-. D Sutnehar and D. Terr.. Epidemic AJgonthms for D H Larson. S Shenker. Rephcared Daubase Maintenance. AC.y Operating Systerns Review [Fishman S"j J, , January-, 1988 D Beech. H.P. Caie. C. Chou. T. Connors. J.W Dav.s. Hoch, W. Kent. P. L>Tigbaek.. B. Mahbod, A. Neunat. T..A Ryar. and M.C. Shan. Ir.s. An Objeci-Oncnted Datai;ase Management System. ACM Transa::::n on Ofnce Irfcrr'Jinon Systems Janua.-> 1987. Fishmar.. CG N. Dcrrer.. . [Grant S"] K Gran:. K Y. La:. T.W. Malone, R. Roa and . D. Rosenbhtt. Semjsc-jcn:red Messages arc Surpnsingly Useful for Computer- Suppor.ed Coordmanon. Transactions of Office Informav.on Systems ACM [GrefS'] Ro'Der: W October, 1987. , Gref. Disr^buted Database Systems: A Comcar^on ber^een ORACLE and INGRES Master's thesis. Massachuser.s Instimte of Technology. May, 1987. [GreL'88] Irene Greif, Leonard Kawell. Steven Beckhardt, Ra>mond TLmoihy HaJvorscn and Ozzte. Management Group Communication Second Conference of Compuxer-Supponed Replicatec Document Proceedings of the Cooperative Work, [Ha^S:] L.M. Haas ACM , ir a System.. September. 1988. et al. R* A Research Project on Distributed Relational DBMS. Data Base Engineering Oaobcr, 1982. : . [Hormck 87] Marie A Hormck and Stanley Zdonick. Shared, Segmented ACM Transacnon on [KohierSl] for an Object-Oriented Informanon Systems , : Database January, 1987. Walter Kohier. A Survey of Techniques for Synchronization and Recovery Decentralized Computer Systems. Compunng Surveys June, 1981. ACM [La: 88] Memory System Office in , K. Y. Lai, Thomas MaJone and Keh-Chiang Yu. Object Lens: A Spreadsheet for Coopcranve Work. Transactions on Office Infonrjjiion Systems October. 1988. ACM , , -ir- [Lampcr "8j L La-T-pon. Tun?. Clocks and ihe Ordenng of Events in Communis. u:<ons of me ACM jui> 197a. [Lee 8S] a Dismbuted Sysiem. . , ar.d Tr.0rr.a5 MaJone. Groups Communjcate VMien They Use Differen: Languages P'-oceedims of the Conference or. Office Inforrruinon S\siems March. ^ Jntae Lee Hou Car. , 198S. [Majer S"] [MaJone 89] David Ma:er and Jacob Stein. De\e.pomen'. and LmpicmenLaiJon of an Objea-Qneniec DBMS. Research Direcuon in Objea-Orieraed Programming. MIT Press September. 19S7. Tnomas Maione. Keh-Chiang Yu and AddL-e Sermfonr.i! Strucrure Suommed [Neuhold SZ] E :: , Jintae Lee. to Hypertext. ACM Hypertext Conference I9S9 , Noven^ber, 1989. Neuhoid and B. Walter. OverMev, of the .Ajchitecture of the Disnibuted Daiabase System As. J. POREL. Dismbuted Databases. H.J Schneider, [Porter 88] Harr> A H Poner. Earl F. ed. North Hollar 1982. , Ecklund. T. Anderson and Bruce Schneider. Dis^-.buted Objec: Server. 2nd Conference on Object-Oriemed Database Systems , S .ptembcr. 1988. [Purdy 87] [Reed "8] Alan Purdy and Bruce Schuchaidt. Lntegraang an Object Se\e: with Other Worlds. ACM Transaction on Office Informanon Systems D. P. , January . 1987. Reed and Synchronizar.on in a Decentralized Computer System. thesis, Massachusens Instimie of Technology September, 19''8. .Vj'^;'!^ P.-JD [Reps 88] , Thomas Reps et. al. Suppon for Iniegranng Program V'anants in an Environment for Programming in the Large. Imerrujtioruil Workshop on Sofrv^are Version and Configuration Conirol .January, 1988. [Rowc 86] LawTcnce Rowc. A Shared Objea Hierarchy. 1986 ACM -IEEE Iruemationa! Workshop on Objea-Oriented Database Systems 1986. In Proceedings of the , [Saltzer 75] Jerome Saltzer and ?viichea] Schrocder. Tne Protecuon of Lnformahon in Computer Systems. Proceedings of the IEEE September. 1975. , -IIS- fSinha ^5] M Siiiha. P Nanadika: and S. Mebndirana Timesiamp Based Cenification Schemes for Transaciions Database Sysiems. Proeedings of ACM SIGMOD Conference [Stonebraker 79] M R. , in Distributed in Distributed May, 1985. Stonebraker. Concurrencv Control and Consisiencv of Multiple Copies LNGRES IEEE Transjcnons on i^Stonebraker 86] Sofr^'are Engineering May, 19''9. Micheal Stonebraker and Lawxence Rowe. The Design of POSTGRES. In Proceedings of the 1986 ACM-SIGMOND on Management of Data [Tnomas "9] . . Iniernanorml Conference 1986. Robcn TTiomas. A Majcnry Consensus .Approach to Concurrency Control for Multiple Copy Databases ACM [Trigg 86] Transactions on Database Systems . June, 1979. RandaT H Tngg. Lucy A. Suchman and Frank G. Halasz. Supporong Coliaborauon in Notecards. Proceedmes of the Conference on Computer-Supported Cooperative Wo-k. ACM December, 1986. . ii3lS ?.b. Date Due Lib-26-67 mi 3 TDflD LIBRARIES DUCl 0D7D1S73 5