Wikipedia

Distributed Computing Environment

This is an old revision of this page, as edited by Marvin The Paranoid (talk | contribs) at 22:14, 14 January 2005 (Marked up reference to Kerberos to point to Wikipedia's page about it). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Distributed Computing Environment (DCE) is a software system developed in the early 1990s by a consortium that included Apollo Computer (later part of Hewlett-Packard), IBM, Digital Equipment Corporation, and others. The DCE supplies a framework and toolkit for developing client/server applications. The framework includes a remote procedure call (RPC) mechanism, a naming (directory) service, an authentication service, and a distributed file system (DFS). DCE RPC was derived from an earlier RPC system called the Network Computing System (NCS) created at Apollo Computer. The naming service was derived from work done at DEC. DCE DFS was based on the Andrew file system (AFS), originally developed at Carnegie-Mellon University, and later extended by Transarc Corporation (which was later merged into IBM). DCE 1.2.2 was released on 12th January 2005 under a Free Software License (the LGPL) by The Open Group. DCE 1.1 was available much earlier under the OSF BSD license, and resulted in FreeDCE (freedce.sf.net) being available since 2000. FreeDCE contains an implementation of DCOM.

To understand why DCE is useful, one must look at its closest competitor - Kerberos. Like DCE, Kerberos is a distributed computing application. It provides an authentication system for a network of machines - much like Sun's Network Information Service or LDAP. Kerberos is an authentication system only - it can identify the entity requesting resources to the server, but it cannot do authorization. That has to be implemented at each individual server. If for example, in a system that uses Kerberos authentication, a user A authenticates himself and requests resource R on machine M1, then M1 has to be set up to authorize A to access R on M1. If R is a shared resource thats available on machine M2 also, then M2 has to explicitly authorize A to access resource R. Kerberos does not provide a way to allow one to share authorization settings across its ___domain. DCE can. It does this by supporting Access Control Lists (ACLs).

There are three major components of DCE : (1) the security server (which is responsible for authentication) (2) The Cell Directory Server (CDS) (which is the respository of resources and ACLs) and (3) The Distributed Time Server which provides an accurate clock for proper functioning of the entire cell. Modern DCE implementations such as IBM's are fully capable of interoperating with Kerberos as the security server, LDAP for the CDS and the Network Time Protocol implementations for the time server.

While it is possible to implement a distributed file system using plain old DCE by defining files to the CDS and defining the appropriate ACLs on them, this is not user-friendly. DCE/DFS (Distributed Filesystem - not to be confused with the Microsoft product called DFS which is NOT interoperable with DCE) is a DCE based application which provides a distributed filesystem on DCE.

Retrieved from "https://en.wikipedia.org/w/index.php?title=Distributed_Computing_Environment&oldid=10221420"