Federated, Available, and Reliable Storage for an Incompletely Trusted Environment

Farsite is a serverless, distributed file system that does not assume mutual trust among the client computers on which it runs. Logically, the system functions as a central file server, but physically, there is no central server machine. Instead, a group of desktop client computers collaboratively establishes a virtual file server that can be accessed by any of the clients.

The system provides a global name space for files, location-transparent access to both private files and shared public files, and improved reliability relative to storing files on a desktop workstation. It does this by distributing multiple encrypted replicas of each file among a set of client machines. Files are referenced through a hierarchical directory structure that is maintained by a distributed directory service.

Our broad objective is to figure out how to build highly available, reliable, and secure systems on a substrate of cooperating but mutually distrusting hosts. In the context of our distributed file system, we have identified three specific goals:

  • To provide high availability and reliability for file storage.
  • To provide security and resistance to Byzantine threats.
  • To have the system automatically configure and tune itself adaptively.