Return-Path: william@bourbon.usc.edu Delivery-Date: Tue Nov 25 11:45:37 2008 X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on merlot.usc.edu X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.3 Received: from bourbon.usc.edu (bourbon.usc.edu [128.125.9.75]) by merlot.usc.edu (8.14.1/8.14.1) with ESMTP id mAPJjap7014800 for ; Tue, 25 Nov 2008 11:45:36 -0800 Received: from bourbon.usc.edu (localhost.localdomain [127.0.0.1]) by bourbon.usc.edu (8.14.2/8.14.1) with ESMTP id mAPJiI71010454 for ; Tue, 25 Nov 2008 11:44:18 -0800 Message-Id: <200811251944.mAPJiI71010454@bourbon.usc.edu> To: cs551@merlot.usc.edu Subject: Re: CS551: Final Project 2 : Delete Date: Tue, 25 Nov 2008 11:44:18 -0800 From: Bill Cheng Someone wrote: > For delete command, consider the scenario: > > there are 2 nodes > @ node - 1 commands are: store chess.jpg 1 tag="value" (assume that this > file will be cached at node 2, the probs are such) > @ node - 2 commands are: delete filename=chess.jpg sha1=(correct sha1) > nonce=(correct nonce) > > so at node 2, the following should happen, > it should check if it has a file with the same SHA1 and FileName and Nonce, > if the SHA1 and FileName and Nonce do not match, the node does nothing (no > flooding of delete commands too) > if it exists, the node has to then check if it has the one time password for > it too. > if the node does not have the one time password for this file, then it > should prompt the user for sending the delete based on a random password, > if the user says yes it has to flood delete requests to other nodes and also > delete the file copy which it has, else it should do nothing. Everything is correct so far, except that it should not delete the copy it has because the random password will not hash to the Nonce value. So, your node 2 is not authorized to delete this file. > now at node 1, (assuming node 2 flooded delete), the following shoud happen: > > it should check the SHA1 of the password in the delete message, with the > nonce inside the delete message. > if these do not match, the node should do nothing. > if these match, the node should go ahead, look for the file with this file > name, sha1 and nonce in its mini file system and if it finds the file, it > should be deleted. Correct. In this particular scenario, the chance of the password hashing into the same value as the Nonce is very minimal. -- Bill Cheng // bill.cheng@usc.edu