BranchCache Security Guide
Microsoft Corporation
Published: September, 2009
Abstract
This document provides guidance to help organizations understand and manage the
security of the Microsoft® BranchCache™ feature introduced in Microsoft Windows
Server® 2008 R2 and Microsoft Windows® 7.
The information contained in this document represents the current view of
Microsoft Corporation on the issues discussed as of the date of publication. Because
Microsoft must respond to changing market conditions, it should not be interpreted
to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the
accuracy of any information presented after the date of publication.
This White Paper is for informational purposes only. MICROSOFT MAKES NO
WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN
THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user.
Microsoft may have patents, patent applications, trademarks, copyrights, or other
intellectual property rights covering subject matter in this document. Except as
expressly provided in any written license agreement from Microsoft, the furnishing
of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.
Unless otherwise noted, the example companies, organizations, products, domain
names, e-mail addresses, logos, people, places, and events depicted herein are
fictitious, and no association with any real company, organization, product, domain
name, e-mail address, logo, person, place, or event is intended or should be inferred.
Your right to copy this documentation is limited by copyright law and the terms of
the software license agreement. As the software licensee, you may make a
reasonable number of copies or printouts for your own use. Making unauthorized
copies, adaptations, compilations, or derivative works for commercial distribution is
prohibited and constitutes a punishable violation of the law.
© 2009 Microsoft Corporation. All rights reserved.
Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either
registered trademarks or trademarks of Microsoft Corporation in the United States
and/or other countries.
All other trademarks are property of their respective owners.
Contents
BranchCache Overview
    BranchCache Terminology
Distributed Cache Mode Security
Hosted Cache Mode Security
BranchCache Security
    Request Content
    Locate Content
    Retrieve Content
    Cache Content
Security of Cached Data
    Client
    Hosted Cache
Summary
Glossary
BranchCache Overview
Microsoft BranchCache is designed to reduce traffic on wide area network (WAN)
links and provide users in branch offices with a better experience when accessing
remote resources. In BranchCache-enabled environments, a copy of data retrieved
from a content server over a WAN link is cached in the branch. Subsequent client
requests for the same data are fulfilled from the branch cache, reducing traffic on
slower and more expensive WAN links and increasing application responsiveness
on the client.
BranchCache optimizes traffic flow between Windows Server 2008 R2 servers and
BranchCache-enabled clients; Windows Server 2008 R2 servers and computers
running Windows 7 can be configured as BranchCache clients. BranchCache is
transparent to existing authentication or authorization solutions. Existing protocols
encapsulate the BranchCache protocol, preserving the security of existing
authentication and authorization mechanisms, including Secure Sockets Layer (SSL)
and Transport Layer Security (TLS), Server Message Block (SMB) signing, and
Internet Protocol Security (IPSec). BranchCache reduces network bandwidth
utilization and improves application performance even with encrypted content.
BranchCache operates in one of two modes:
• Distributed Cache: In Distributed Cache mode, BranchCache-enabled clients
  cache copies of files downloaded from content servers across the WAN and send
  them directly to other clients when requested. Distributed Cache mode is
  especially beneficial for branch offices that do not have a local server.
• Hosted Cache: In Hosted Cache mode, a Windows Server 2008 R2 server, known as
  the Hosted Cache, acts as the host for the cached content. BranchCache-enabled
  clients cache data that they have requested and downloaded from content
  servers locally and use the Hosted Cache to retrieve data that is not
  available from their own local cache. Clients know the identity of the Hosted
  Cache and retrieve data from the Hosted Cache. For data not available from the
  Hosted Cache, the client downloads the data from the content server and offers
  it for caching to the Hosted Cache. Hosted Cache mode is beneficial in
  organizations that want to audit access to content in the local cache, or
  larger branch offices that have local servers.
Figure 1: BranchCache Hosted and Distributed cache modes
BranchCache improves the performance of applications that use one of the following
protocols:
• Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure
  (HTTPS). The protocols that Web browsers and many other applications (such as
  Microsoft Internet Explorer®, Microsoft Windows Media Player®, and more) use.
• Server Message Block (SMB), including signed SMB traffic. SMB is the protocol
  used for shared folders on Windows networks.
• Background Intelligent Transfer Service (BITS). BITS is used to transfer files
  asynchronously between a client and a server. BITS is the protocol that System
  Center Configuration Manager (SCCM) and Windows Server Update Services (WSUS)
  use.
BranchCache Terminology
Before describing BranchCache functionality, security, and the protocols and
processes used in caching and transferring data, some commonly used terms will be
defined.
Client: A computer running Windows 7 Enterprise or Windows 7 Ultimate or a
Windows Server 2008 R2 server that wants to access content from a content
server.
Content: Data that an application wants to access. Examples of content include
Web pages and documents stored on either Web servers or file servers that
support HTTP, HTTPS, or SMB transfers.
Content metadata: Data that identifies the content and is used to help secure it.
Content metadata consists of the Segment Identifier, Segment Secret, and
Segment Hash of Data.
Content server: A content server is the original server that a client contacts to
obtain either the hashes of the content or the actual content when it is not
available within BranchCache. The content server must be a Windows Server
2008 R2 server.
A complete glossary is provided at the end of this document.
For more information about BranchCache see “BranchCache Technical Overview”.
Distributed Cache Mode Security
Clients that operate in Distributed Cache mode require very little configuration.
Administrators must enable BranchCache and configure the client to operate in
Distributed Cache mode. Additional configurations such as the size and location of
the cache can be made but are not required for BranchCache to function securely.
BranchCache in Distributed Cache mode is configured in one of three ways:
• Local computer policy: Suitable for very small deployments.
• Group Policy: Uses the built-in Group Policy administrative (ADMX) templates
  to configure domain-joined clients from Active Directory®.
• Netsh: Command-line configuration tool.
In Distributed Cache mode, BranchCache uses the HTTP protocol for data transfer
between client computers, and the WS-Discovery protocol for cached content
discovery. The firewall on every computer that uses Distributed Cache mode must
allow inbound HTTP (TCP port 80), so that peers can retrieve blocks from it, and
inbound WS-Discovery (UDP port 3702), so that it can answer multicast probes.
The netsh branchcache commands add the matching Windows Firewall exceptions;
when clients are configured through Group Policy, the corresponding firewall
rules must also be distributed through policy.
Hosted Cache mode and Distributed Cache mode are mutually exclusive. A client
computer can be configured to use only a single caching mode at a time.
Hosted Cache Mode Security
In Hosted Cache mode, the server designated as the Hosted Cache is configured with
a number of features designed to help ensure the security of the content and the
metadata.
To protect the content metadata in transit and to support authentication, Hosted
Cache mode uses HTTPS. The Hosted Cache server must be provisioned with a
certificate that is trusted by clients and is suitable for server authentication. It may
be necessary to distribute this certificate to client computers if it does not chain to a
root certificate that is already trusted. Clients operating in Hosted Cache mode must
also allow inbound HTTP traffic from the Hosted Cache server, because the Hosted
Cache connects back to clients to retrieve the blocks they offer (see "Cache
Content" later in this guide).
BranchCache Security
BranchCache implements a secure by design approach that works seamlessly
alongside the existing network security architectures deployed in an enterprise,
without the requirement of additional equipment or complex configuration.
BranchCache is easily managed by using existing systems management technology;
for example, you can enable BranchCache on client computers by using Group
Policy.
BranchCache accelerates delivery of encrypted content such as when using HTTPS
and IPSec and at the same time ensures authorization of users by the original server.
When you enable BranchCache, the security architectures and systems specifically
designed for your environment will continue to work as is; nothing different is
needed to support BranchCache. Authentication is still performed using domain
credentials. Authorization using Access Control Lists (ACLs) is respected, and other
configurations continue to function just as they did before BranchCache was
enabled.
The BranchCache security model is based on the exchange of metadata using the
original protocol (HTTP, HTTPS, or SMB). This metadata takes the place of the
original content in that protocol exchange.
BranchCache metadata takes the form of a series of hashes. The values of the hashes
depend on:
• The data itself.
• Configuration parameters, such as the hashing algorithm and block size.
• A server secret.
In a BranchCache-enabled environment, this metadata is treated with the same
degree of security as the data itself.
BranchCache uses the Peer Content Caching and Retrieval Framework protocols to
implement the processes required to ensure the secure caching and retrieval of data
between content caches.
The flow of metadata and data in BranchCache-enabled environments can be
divided into four distinct phases:
1. Request Content
2. Locate Content
3. Retrieve Content
4. Cache Content
The following sections describe these phases.
Request Content
In the first phase, the client requests content, such as a file or a Web page, from a
server in a remote location. The server verifies that the client is authorized to
receive the requested data. If the client is authorized and both content server and
client are BranchCache-enabled, the content server generates content metadata.
Using the content metadata enables the client to identify and retrieve data from
within the branch, rather than over the WAN link.
Figure 2: Request Content
To generate content metadata, the content server divides the content into segments
and subdivides those segments into blocks. BranchCache uses cryptographic hashes to
identify and verify each block and segment; the supported hash algorithm is
SHA-256.
The content server sends the metadata on the same channel as would have been
used for the data; as a result, the wire-level security guarantees of the data and the
content metadata are identical. Additionally, all content servers must be configured
with a binary secret value of arbitrary length, known as a Server Secret (Ks), to
ensure that clients do not have the ability to generate the content metadata. This
prevents clients from using brute force attacks to guess minor changes in content
across versions in situations in which the client had access to a previous version but
does not have access to the current version.
The Server Secret is the key from which the Segment Secrets are derived; the
Segment Secrets in turn protect the content exchanged between peers, and between
clients and the Hosted Cache.
The content metadata includes the following:
• The Block Hash List: The list of hashed data blocks.
    o BlockHash_i = Hash(dataBlock_i), 1 <= i <= n
• The Hash of Data (HoD): Generated by hashing the Block Hash List.
    o HoD = Hash(BlockHashList)
• Segment Secret (Kp): A content-specific keyed hash that is sent only to
  authorized clients. It is generated by applying an HMAC, keyed with the Server
  Secret, to the Hash of Data.
    o Kp = HMAC(Ks, HoD)
After the initial portion of content information, "HoD + Kp", has been received, the
client performs the following actions:
• Derives the encryption key (Ke) from the Segment Secret (Kp); Ke has the key
  size of the encryption algorithm in use (128 bits for AES-128; see "Retrieve
  Content" later in this guide).
• Generates the Segment ID (HoHoDk) from the HoD and Kp as follows:
    o HoHoDk = HMAC(Kp, HoD + C), where C is the ASCII string "MS_P2P_CACHING"
      with NUL terminator and + denotes concatenation.
The client uses the Segment ID to locate the requested content in the local cache,
whether that cache is distributed between clients or the Hosted Cache. If the client
cannot locate the requested content on the local network, it returns to the server
and requests a download, which is then added to the branch cache.
The primary threat at this layer is disclosure of the Segment Secret. BranchCache
encrypts content data blocks sent in messages by using the encryption key derived
from the Segment Secret of the segment that contains the blocks. This ensures that
an entity that is not in possession of the Server Secret used to derive the Segment
Secret cannot recover the plaintext of a data block. The Segment Secret must be
treated with the same degree of security as the plaintext segment itself, because
knowledge of the Segment Secret for a given segment enables an entity to derive the
Segment ID, obtain the segment from peers, and then decrypt it.
Knowledge of the Server Secret does not by itself yield any particular plaintext,
because Kp is derived from the Hash of Data, which is known only to parties that
already hold the content or its metadata. It does, however, let an attacker compute
the Segment Secret and Segment ID for any guessed plaintext, and Segment IDs are
visible in discovery traffic; partially known content (for example, a previous
version of a document the attacker was allowed to read) can therefore be exposed
to a brute-force guessing attack. The Server Secret should be kept confidential.
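The derivation above carried through end to end, as an added example (this is not code from the guide or from Windows; it is written here to illustrate the metadata construction). It assumes SHA-256 for Hash and HMAC-SHA256 for HMAC, a deliberately tiny BlockSize of 16 bytes so the constructed sample spans several blocks, and made-up Server Secret and content. ConfirmGuess models the brute-force check the Server Secret is meant to defeat: a party that has observed a Segment ID in discovery traffic and holds a candidate plaintext can turn that guess into a Segment ID to compare against only if it also holds Ks.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// BlockSize is deliberately tiny so that the constructed sample content spans
// several blocks; it stands in for the block size the content server uses.
const BlockSize = 16

// segmentIDSuffix is C in HoHoDk = HMAC(Kp, HoD + C): "MS_P2P_CACHING" plus NUL.
var segmentIDSuffix = []byte("MS_P2P_CACHING\x00")

// ContentInfo is the content metadata for one segment, which the content
// server sends to an authorized client in place of the data.
type ContentInfo struct {
	BlockHashes [][]byte // BlockHash_i = Hash(dataBlock_i)
	HoD         []byte   // Hash of Data = Hash(BlockHashList)
	Kp          []byte   // Segment Secret = HMAC(Ks, HoD)
	SegmentID   []byte   // HoHoDk = HMAC(Kp, HoD + C)
}

func hmacSHA256(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// splitBlocks divides a segment into BlockSize blocks; the last may be short.
func splitBlocks(segment []byte) (blocks [][]byte) {
	for len(segment) > 0 {
		n := BlockSize
		if len(segment) < n {
			n = len(segment)
		}
		blocks, segment = append(blocks, segment[:n]), segment[n:]
	}
	return blocks
}

// hashOfData computes HoD by hashing the concatenated Block Hash List.
func hashOfData(blockHashes [][]byte) []byte {
	h := sha256.New()
	for _, bh := range blockHashes {
		h.Write(bh)
	}
	return h.Sum(nil)
}

// segmentID computes HoHoDk = HMAC(Kp, HoD + C).
func segmentID(kp, hod []byte) []byte {
	return hmacSHA256(kp, append(append([]byte{}, hod...), segmentIDSuffix...))
}

// GenerateContentInfo is the content server's side of the exchange. Only the
// content server holds Ks, so only it can produce Kp and hence the Segment ID.
func GenerateContentInfo(ks, segment []byte) ContentInfo {
	var ci ContentInfo
	for _, b := range splitBlocks(segment) {
		h := sha256.Sum256(b)
		ci.BlockHashes = append(ci.BlockHashes, h[:])
	}
	ci.HoD = hashOfData(ci.BlockHashes)
	ci.Kp = hmacSHA256(ks, ci.HoD)
	ci.SegmentID = segmentID(ci.Kp, ci.HoD)
	return ci
}

// ConfirmGuess models the brute-force check the Server Secret defeats: a party
// that has observed a Segment ID (they appear in discovery traffic) and holds a
// candidate plaintext can confirm the guess only if it also holds Ks.
func ConfirmGuess(ks, guessedSegment, observedSegmentID []byte) bool {
	return hmac.Equal(GenerateContentInfo(ks, guessedSegment).SegmentID, observedSegmentID)
}

func main() {
	ks := []byte("constructed server secret; keep confidential")
	v1 := []byte("Quarterly report v1: revenue 100, costs 80, net 20.")
	v2 := []byte("Quarterly report v2: revenue 100, costs 90, net 10.")
	ci := GenerateContentInfo(ks, v2)
	fmt.Printf("blocks=%d HoD=%s\n", len(ci.BlockHashes), hex.EncodeToString(ci.HoD))
	fmt.Printf("SegmentID=%s\n", hex.EncodeToString(ci.SegmentID))
	fmt.Println("guess v2, holding Ks:  ", ConfirmGuess(ks, v2, ci.SegmentID))
	fmt.Println("guess v2, without Ks:  ", ConfirmGuess([]byte("wrong"), v2, ci.SegmentID))
	fmt.Println("guess v1, holding Ks:  ", ConfirmGuess(ks, v1, ci.SegmentID))
}
```

The point of the last three lines is the one the text makes about brute force: the HoD of a guessed version is computable by anyone, but the Segment ID that is actually observable on the branch network cannot be produced from it without Ks, so an attacker cannot confirm which of many candidate edits was made.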
Locate Content
After the content metadata for the data that the client is requesting has been
received, the client attempts to locate the data in the branch cache. In a Hosted
Cache environment, the client is configured with the Fully Qualified Domain Name
(FQDN) of the server hosting the cache and makes a direct connection to that server
to retrieve the data. In Distributed Cache mode, however, the data may be stored
across multiple caches on multiple peers. The client must discover where the data is
located before it can be retrieved.
The Discovery process is shown in the diagram below:
Figure 3: Locating Data in Distributed Cache Mode
In BranchCache Distributed cache mode, clients locate data by using a discovery
protocol based on the Web Services Dynamic Discovery (WS-Discovery) protocol.
Clients send WS-Discovery multicast Probe messages to discover cached content
over the network. Probe messages include the Segment ID, which enables clients to
check whether the requested content matches the content stored in their cache.
Clients reply to the querying client with unicast Probe-Match messages if the
Segment ID matches one that is cached locally.
The WS-Discovery process depends on the fact that the client requesting the
discovery has the appropriate content metadata, as provided by the content server,
for the content that it is requesting. The clients answering the request need to have
a content cache that they can check to determine whether they have the requested
content stored locally in order to answer a query. In either case, the client cannot
participate in the protocol if it is configured to interact with a Hosted Cache rather
than other clients.
Security Threats
The main threat during the Locate Content phase is information disclosure, because
access to the content metadata implies authorized access to the data. To mitigate
this risk, the discovery process does not reveal the content metadata, apart from
the Segment ID, a label that reveals nothing about the plaintext segment: it is a
keyed hash that cannot be computed or inverted without the Segment Secret.
Unavailable Data
When the requested data is not found in the branch, the client must request it
directly from the content server across the WAN link.
After the data is received, it is added to the local cache. In this case, the metadata
prevents a client from adding to the local cache any data that does not match the
hashes. The process of verifying content by matching hashes ensures that only valid
data is added to the cache, and the integrity of the local cache is protected.
Retrieve Content
Clients within a BranchCache-enabled environment retrieve content in one of two
ways, depending on whether they are in Distributed Cache mode, retrieving content
from each other, or Hosted Cache mode, retrieving it from only a single
preconfigured server. In Distributed Cache mode, a client uses the Discovery
protocol (see “Locate Content” earlier in this guide) to locate clients who have the
desired content and then initiates exchanges with the discovered clients to obtain
the content. In Hosted Cache mode, a client directly initiates exchanges with the
Hosted Cache to obtain the desired content.
A client retrieving data must have the content metadata (see “Request Content”
earlier in this guide) for the block ranges and segments that it is interested in
retrieving from the cache.


• The content metadata contains all of the relevant information necessary for
  discovering and verifying the content blocks.
• The encryption algorithm that the client or the Hosted Cache uses to encrypt
  the content must be known by the client. In Windows 7, the only supported
  encryption algorithm is AES-128.
The client sends a MSG_GETBLKS request to the server for the first block that it
requires. The MSG_GETBLKS request contains the Segment ID and block range that
identify the desired content. Because only one block will be returned, the block
range contains only a single block. (Requests for multiple blocks are currently not
supported.) The client also stores the request in the Outstanding Request List .
Upon receiving a valid MSG_GETBLKS request message from a client, the server
must check whether the block specified in the request exists in the server’s Content
Cache. If it does, then the server sends a MSG_BLK response containing the Segment
ID, the Block ID, the encrypted data block, and the initialization vector used for
encrypting the block. Otherwise, the server sends an empty MSG_BLK, in order to let
the client know that it does not have the requested block. An empty MSG_BLK
response is a MSG_BLK message containing the Segment ID and Block ID of the
requested block, along with a zero-sized data block.
When the client receives the MSG_BLK response, it verifies that the message
corresponds to a MSG_GETBLKS request message in its Outstanding Request List.
(The Segment ID and block index must match that of an outstanding request.) The
client discards the message if this verification is unsuccessful. If the verification is
successful, the block is first decrypted and then validated against the appropriate
block hash from the content metadata that the client obtained from the original
content server. If the validation is successful, the decrypted block is stored in the
cache.
This process is repeated until the client has all of the required blocks.
The retrieval protocol retrieves and assembles complete segments of content from a
combination of sources: a set of server peers or a Hosted Cache, plus the original
content server if the former does not have the complete content.
Security Threats
To help protect content, BranchCache encrypts data as it is passed between clients
or between Hosted Cache clients and the Hosted Cache server. BranchCache
encrypts the block in the MSG_BLK response message. In Windows 7, the default
encryption algorithm is AES-128, the encryption key is Ke, and the key size is 128
bits, as dictated by the encryption algorithm. The server generates an initialization
vector suitable for the encryption algorithm and uses the encryption key to encrypt
the block. The server then records the encryption algorithm and the initialization
vector in the message. Servers and clients never exchange, share, or send each other
the encryption key. The client receives the encryption key from the server hosting
the original content. Then, using the encryption algorithm and initialization vector it
received from the server, it decrypts the block. There is no other explicit
authentication or authorization built into the download protocol.
The primary security threats at this layer include:
• Tampering with data:
    o A client serving data to a requester tampers with the data. The
      BranchCache security model uses hashes to confirm that neither the client
      nor the server has altered the data.
• Information disclosure:
    o BranchCache will send encrypted content to any client that specifies the
      appropriate Segment ID. Segment IDs are public, so any client can receive
      encrypted content. However, the attacker must know the encryption key to
      access the unencrypted content. The upper layer protocol performs
      authentication and then gives the content metadata to the authenticated
      and authorized client. The security of the content metadata is equivalent
      to the content itself. BranchCache will never expose the content metadata.
      The client authenticates the Hosted Cache and sends the encrypted content
      information over HTTPS.
    o An attacker sniffs the wire to get the desired data. BranchCache encrypts
      all transfers between clients by using AES-128 where the secret key is Ke,
      preventing data from being sniffed from the wire. Metadata downloaded from
      the original server is protected in exactly the same way as the data
      itself would have been and is hence no more or less protected from
      information disclosure than if BranchCache had not been used at all.
• Denial of Service:
    o A client is overwhelmed by requests for data. BranchCache protocols
      incorporate queue management counters and timers to prevent clients from
      being overloaded.
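The MSG_GETBLKS/MSG_BLK exchange and the client-side checks described in this section, as an added example (not code from the guide or from Windows). It assumes AES-128 in CBC mode, that Ke is the first 16 bytes of Kp, that blocks are whole multiples of the AES block size (so no padding is modelled), and made-up Segment Secret, Segment ID and block contents; the message structs carry only the fields the text names. It shows the serving side encrypting under Ke with a fresh IV that travels in the message, and the client matching each MSG_BLK against its Outstanding Request List, decrypting, checking the block hash, and discarding tampered, replayed, unsolicited and empty responses.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// MSG_GETBLKS and MSG_BLK as modelled here, with only the fields the text names.
// A MSG_BLK whose Data is empty is the "empty MSG_BLK": the block is not held.
type GetBlks struct{ SegmentID []byte; BlockIndex int }
type Blk struct{ SegmentID []byte; BlockIndex int; IV, Data []byte }

var ErrNotOutstanding = errors.New("MSG_BLK matches no outstanding MSG_GETBLKS; discarded")
var ErrNotAvailable = errors.New("serving peer does not hold the block")
var ErrBadBlock = errors.New("block failed decryption or block-hash check; discarded")

// EncryptionKey derives Ke from Kp; using the first 16 bytes of the 32-byte
// HMAC output as the AES-128 key is an assumption of this example.
func EncryptionKey(kp []byte) []byte { return kp[:16] }

// ServeBlock is the serving side (another client or the Hosted Cache). It
// answers MSG_GETBLKS with the block encrypted under Ke using AES-128-CBC (the
// mode is an assumption) and a fresh random IV carried in the message; Ke never
// goes on the wire. Blocks are assumed to be whole AES blocks, so no padding.
func ServeBlock(ke []byte, held [][]byte, req GetBlks) (Blk, error) {
	resp := Blk{SegmentID: req.SegmentID, BlockIndex: req.BlockIndex}
	if req.BlockIndex < 0 || req.BlockIndex >= len(held) {
		return resp, nil // empty MSG_BLK
	}
	c, err := aes.NewCipher(ke)
	if err != nil || len(held[req.BlockIndex])%aes.BlockSize != 0 {
		return resp, errors.New("bad key or block length")
	}
	resp.IV = make([]byte, aes.BlockSize)
	if _, err := rand.Read(resp.IV); err != nil {
		return resp, err
	}
	resp.Data = make([]byte, len(held[req.BlockIndex]))
	cipher.NewCBCEncrypter(c, resp.IV).CryptBlocks(resp.Data, held[req.BlockIndex])
	return resp, nil
}

// Client is the requesting side: Ke and block hashes from the content server's
// metadata, the Outstanding Request List, and the blocks accepted so far.
type Client struct {
	Ke          []byte
	BlockHashes [][]byte
	Outstanding map[string]bool
	Cache       [][]byte
}

// Request builds MSG_GETBLKS for one block and records it as outstanding.
func (c *Client) Request(segID []byte, idx int) GetBlks {
	c.Outstanding[fmt.Sprintf("%x:%d", segID, idx)] = true
	return GetBlks{segID, idx}
}

// HandleBlk processes MSG_BLK in the order the text gives: match it to an
// outstanding request, decrypt, validate against the block hash, then store.
func (c *Client) HandleBlk(resp Blk) error {
	k := fmt.Sprintf("%x:%d", resp.SegmentID, resp.BlockIndex)
	if !c.Outstanding[k] {
		return ErrNotOutstanding
	}
	delete(c.Outstanding, k)
	if len(resp.Data) == 0 {
		return ErrNotAvailable
	}
	ci, err := aes.NewCipher(c.Ke)
	if err != nil || len(resp.IV) != aes.BlockSize || len(resp.Data)%aes.BlockSize != 0 || resp.BlockIndex >= len(c.BlockHashes) {
		return ErrBadBlock
	}
	plain := make([]byte, len(resp.Data))
	cipher.NewCBCDecrypter(ci, resp.IV).CryptBlocks(plain, resp.Data)
	if h := sha256.Sum256(plain); !hmac.Equal(h[:], c.BlockHashes[resp.BlockIndex]) {
		return ErrBadBlock // tampered, or encrypted under the wrong key: not cached
	}
	c.Cache[resp.BlockIndex] = plain
	return nil
}

func main() {
	held := [][]byte{[]byte("constructed block 0: 32 bytes..!"), []byte("constructed 16b!")}
	h0, h1 := sha256.Sum256(held[0]), sha256.Sum256(held[1])
	kp := sha256.Sum256([]byte("constructed Kp; stands in for HMAC(Ks, HoD)"))
	segID := []byte("constructed segment id")
	client := &Client{EncryptionKey(kp[:]), [][]byte{h0[:], h1[:]}, map[string]bool{}, make([][]byte, 2)}
	for i := range held { // one block per MSG_GETBLKS
		resp, _ := ServeBlock(client.Ke, held, client.Request(segID, i))
		fmt.Printf("block %d: err=%v\n", i, client.HandleBlk(resp))
	}
	resp, _ := ServeBlock(client.Ke, held, client.Request(segID, 1))
	resp.Data[0] ^= 1 // on-path tampering: decrypts to garbage and fails the hash check
	fmt.Println("tampered:", client.HandleBlk(resp), "| replayed:", client.HandleBlk(resp))
}
```

Two details matter for the threats listed above. The block hash is checked on the decrypted plaintext, so a peer that serves garbage, a peer that encrypts under the wrong key, and an on-path modification of the ciphertext are all rejected by the same test. The Outstanding Request List is consulted before any decryption, so an unsolicited or replayed MSG_BLK is dropped without spending cipher work on it, which also limits what a flood of bogus responses can cost the requester.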
Cache Content
In a BranchCache environment, content caches are built up over time as data is
retrieved over WAN links. This data is cached, either in local client caches in
Distributed Cache mode, or in the Hosted Cache in Hosted Cache mode.
In Distributed Cache mode, the client caches data that it receives. This cached data is
then used to supply content to other clients that request the content.
In Hosted Cache mode, clients add data to their own local cache and also offer data
to the Hosted Cache. The Hosted Cache Protocol provides a mechanism for clients to
inform the Hosted Cache about segment availability. To populate the Hosted Cache,
the client informs the Hosted Cache that it has a segment it can offer. The Hosted
Cache then gets all of the content information associated with the segment being
offered and downloads the blocks within the segment that it actually needs. This
process is repeated until the client has no more segments to offer.
To update the Hosted Cache by using the Hosted Cache Protocol, the following
requirements must be met:

• The client is required to have a set of blocks within a segment that it can
  offer to the Hosted Cache. The client must supply content information for the
  offered segment; this is comprised of the Segment ID, the segment Hash of
  Data, the Segment Secret, and a list of all block hashes contained within the
  segment.
• The Hosted Cache must be provisioned with a certificate chain and associated
  private key, and the client with the chain's root certificate, such that both
  are compatible with HTTPS server authentication.
• The client is explicitly provisioned with the fully qualified Domain Name
  System (DNS) name of the Hosted Cache and the Transmission Control Protocol
  (TCP) port number upon which the Hosted Cache is listening for BranchCache
  traffic. The Hosted Cache's certificate is bound to this port.
• The client actively listens for incoming block requests. The port on which it
  is listening is passed as part of the offer messages from the client to the
  Hosted Cache. This enables the Hosted Cache to use BranchCache protocols to
  connect to the client to retrieve data blocks in the segment.
• The Hosted Cache starts to listen for incoming HTTP requests when it is
  initialized.
• If the Hosted Cache is configured to require client authentication, both the
  client and the Hosted Cache are required to support HTTPS authentication.
Figure 5: Hosted cache mode cache population
Figure 5 shows the process of populating the Hosted Cache in a BranchCache-enabled
branch office. The process begins with the client sending an
INITIAL_OFFER_MESSAGE, which includes the Segment ID.
The Segment ID in the INITIAL_OFFER_MESSAGE request is used to retrieve the
corresponding segment Hash of Data, list of block hashes, and the segment secret
from the Hosted Cache's block cache. If the Hosted Cache already has all the content
information for a particular segment, the response to the INITIAL_OFFER_MESSAGE
will be OK, and no request to download blocks will be made.
If the Hosted Cache does not have all of the offered data blocks associated with the
block hashes in the segment, the response to the INITIAL_OFFER_MESSAGE will be
INTERESTED. The client then sends a SEGMENT_INFO_MESSAGE that describes the
single segment being offered. The Hosted Cache responds with an OK message and
initiates the download of the missing blocks from the offering client.
The segment Hash of Data, list of block hashes, and the segment secret are used to
ensure that the content being downloaded has not been tampered with or otherwise
altered. The downloaded blocks are then added to the Hosted Cache's block cache.
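The offer exchange above from the Hosted Cache's side, as an added example (not code from the guide or from Windows). It assumes SHA-256 and HMAC-SHA256 as in "Request Content" and made-up Server Secret and block contents; the response names OK and INTERESTED and the in-memory cache layout are this example's own. It goes one step beyond the text: before asking for any blocks, the Hosted Cache checks that the offered content information is self-consistent (HoD equals the hash of the block hash list, and the Segment ID equals HMAC(Kp, HoD + C)), so an offering client cannot attach an arbitrary Segment Secret to someone else's Segment ID. The guide does not state which checks Windows performs at this step, so treat that check as the example's choice. Block download itself uses the retrieval protocol of "Retrieve Content"; here the blocks arrive already decrypted.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Responses to INITIAL_OFFER_MESSAGE.
const OK, Interested = "OK", "INTERESTED"

// SegmentInfo is the content information carried in SEGMENT_INFO_MESSAGE.
type SegmentInfo struct{ SegmentID, HoD, Kp []byte; BlockHashes [][]byte }

func hmacSHA256(key, msg []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(msg)
	return m.Sum(nil)
}

// hashOfData and segmentIDFor are the HoD and HoHoDk derivations from "Request Content".
func hashOfData(blockHashes [][]byte) []byte {
	h := sha256.New()
	for _, bh := range blockHashes {
		h.Write(bh)
	}
	return h.Sum(nil)
}

func segmentIDFor(kp, hod []byte) []byte {
	return hmacSHA256(kp, append(append([]byte{}, hod...), "MS_P2P_CACHING\x00"...))
}

// HostedCache: per hex Segment ID, the accepted content information and the blocks held.
type HostedCache struct {
	Info   map[string]SegmentInfo
	Blocks map[string][][]byte // nil entry: block not yet held
}

func (hc *HostedCache) missing(k string) (idx []int) {
	for i, b := range hc.Blocks[k] {
		if b == nil {
			idx = append(idx, i)
		}
	}
	return idx
}

// HandleInitialOffer answers OK when every block is already held, else INTERESTED.
func (hc *HostedCache) HandleInitialOffer(segmentID []byte) string {
	if k := fmt.Sprintf("%x", segmentID); hc.Blocks[k] != nil && len(hc.missing(k)) == 0 {
		return OK
	}
	return Interested
}

var ErrBadSegmentInfo = errors.New("content information is not self-consistent; offer rejected")

// HandleSegmentInfo accepts offered content information only if HoD equals
// Hash(BlockHashList) and SegmentID equals HMAC(Kp, HoD + C) (this example's
// check), then returns the blocks still to download from the offering client.
func (hc *HostedCache) HandleSegmentInfo(info SegmentInfo) ([]int, error) {
	if !hmac.Equal(info.HoD, hashOfData(info.BlockHashes)) ||
		!hmac.Equal(info.SegmentID, segmentIDFor(info.Kp, info.HoD)) {
		return nil, ErrBadSegmentInfo
	}
	k := fmt.Sprintf("%x", info.SegmentID)
	if hc.Blocks[k] == nil {
		hc.Info[k], hc.Blocks[k] = info, make([][]byte, len(info.BlockHashes))
	}
	return hc.missing(k), nil
}

// AcceptBlock stores a downloaded block only if it matches its block hash.
func (hc *HostedCache) AcceptBlock(segmentID []byte, idx int, plain []byte) error {
	k := fmt.Sprintf("%x", segmentID)
	if idx < 0 || idx >= len(hc.Blocks[k]) {
		return errors.New("no such segment or block")
	}
	if h := sha256.Sum256(plain); !hmac.Equal(h[:], hc.Info[k].BlockHashes[idx]) {
		return errors.New("block does not match block hash; discarded")
	}
	hc.Blocks[k][idx] = plain
	return nil
}

func main() {
	// The content server's derivation, run here only to build a valid offer.
	blocks := [][]byte{[]byte("constructed block 0"), []byte("constructed block 1")}
	h0, h1 := sha256.Sum256(blocks[0]), sha256.Sum256(blocks[1])
	info := SegmentInfo{BlockHashes: [][]byte{h0[:], h1[:]}}
	info.HoD = hashOfData(info.BlockHashes)
	info.Kp = hmacSHA256([]byte("constructed server secret"), info.HoD)
	info.SegmentID = segmentIDFor(info.Kp, info.HoD)
	hc := &HostedCache{map[string]SegmentInfo{}, map[string][][]byte{}}
	fmt.Println("initial offer:", hc.HandleInitialOffer(info.SegmentID))
	missing, err := hc.HandleSegmentInfo(info)
	fmt.Println("to download:", missing, err)
	for i, b := range blocks {
		hc.AcceptBlock(info.SegmentID, i, b)
	}
	fmt.Println("offer again:", hc.HandleInitialOffer(info.SegmentID))
}
```

Because the consistency check binds the offered Kp to the Segment ID, a client that later retrieves this segment from the Hosted Cache with the metadata it received from the content server will decrypt successfully; an offer that passed only a block-hash check but carried a different Kp would have produced a segment that looks complete to the Hosted Cache yet is unusable to every client.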
Security of Cached Data
Client
The greatest threat to data stored in the BranchCache is tampering. If an attacker
can tamper with data stored in the cache, then it may be possible to use this to try
and launch an attack against the computers that are using BranchCache. Attackers
can achieve this by inserting malicious software in place of other data. BranchCache
mitigates this threat by validating all content using block hashes found in the
content metadata. If an attacker attempts to tamper with this data, it will be
discarded and replaced with valid data from the original source.
A secondary threat to data stored in the BranchCache is information disclosure. In
Distributed Cache mode, the client caches only the content that it has requested
itself; however, that data is stored in clear text, and may be at risk. To help restrict
access to the BranchCache Service only, the local cache is protected by file system
permissions specified in an ACL. Although the ACL is effective in preventing
unauthorized users from accessing the cache, it is possible for a user with
administrative permissions to gain access to the cache simply by manually changing
the permissions specified in the ACL. BranchCache does not protect against the
malicious use of an administrative account.
Data stored in the content cache is not encrypted, so if data leakage is a concern,
encryption technologies such as BitLocker or the Encrypting File System (EFS) can
be implemented. The local cache added by BranchCache does not increase the
information disclosure threat borne by a computer in the branch office; the cache
contains only copies of files that reside unencrypted elsewhere on the disk.
Encrypting the entire disk is particularly important in environments in which the
physical security of the clients is difficult to ensure. For example, encrypting the
entire disk helps to secure sensitive data on mobile computers that may be removed
from the Branch Office environment periodically.
Hosted Cache
In Hosted Cache mode, the greatest threat to the security of the Hosted Cache is
information disclosure. BranchCache in a Hosted Cache environment behaves in a
similar manner to Distributed Cache mode, with file system permission protecting
the cached data. The difference is that the Hosted Cache stores all of the content that
any BranchCache-enabled computer in the branch office requests, rather than just
the data that a single client requests. The consequences of unauthorized intrusion
into this cache could be much more serious, because much more data is at risk.
In a Hosted Cache environment, the use of encryption technologies such as
BitLocker or EFS is advisable if any of the clients in the branch office can access
sensitive data across the WAN link. It is also necessary to prevent physical access to
the Hosted Cache, because disk encryption works only so long as the computer is
turned off when the attacker has physical access to it. If the computer is on or in
sleep mode, then disk encryption offers little protection.
Even if a client is configured in Hosted Cache mode, it will still cache data locally,
and you may choose to take steps to protect the local cache in addition to the Hosted
Cache.
Summary
In this guide, you have seen how BranchCache works seamlessly with existing
security architectures deployed in your environment. BranchCache respects
standard authentication and authorization methodologies and requires no
additional equipment or complex configuration to work within a standard network.
BranchCache uses metadata, hashes, and encryption to ensure the security of the
content that it requests, discovers, retrieves, and caches.
The mechanisms that BranchCache uses ensure that the encryption key and
Segment Secret remain secret; therefore, data is as secure as in the original
environment.
BranchCache reduces network bandwidth utilization and improves application
performance while protecting content in transit; content at rest in the cache
relies on file system permissions and, where needed, disk encryption, as
described in "Security of Cached Data".
Glossary
Client: A computer running Windows 7 Enterprise or Windows 7 Ultimate or a
Windows Server 2008 R2 server that wants to access certain content from a
content server. Clients also act as peers in Distributed Cache mode.
Content: Data that an application wants to access. Examples of content include
Web pages and documents stored on either Web servers or file servers that
support HTTP, HTTPS, or SMB transfers.
Content metadata: Data that identifies the content and is used to help secure it.
Content metadata consists of the Segment Identifier, Segment Secret, and
Segment Hash of Data.
Content server: The original server that a client contacts to obtain either the
hashes of the content or the actual content when it is not available within
BranchCache. The content server must be a Windows Server 2008 R2 server.
Distributed Cache mode: A mode of BranchCache operation in which the client
discovers and obtains content blocks from other peers and shares content
blocks that it has with other BranchCache-enabled peers on the same subnet.
Hosted Cache mode: A mode of BranchCache operation in which the cache is
stored on a Windows Server 2008 R2 server. The Windows Server 2008 R2
server that hosts the cache is known as the Hosted Cache and is located in the
branch office. The BranchCache-enabled clients are configured to check this
server’s cache, rather than peers’ caches, for content blocks.