From: Zooko O'Whielacronx Date: Tue, 22 Jan 2008 04:52:01 +0000 (-0700) Subject: docs: about.html: edit thanks to nej X-Git-Url: https://git.rkrishnan.org/...?a=commitdiff_plain;h=f3a9a47420dca953774c12e106935f6dd8fd5217;p=tahoe-lafs%2Ftahoe-lafs.git docs: about.html: edit thanks to nej --- diff --git a/docs/about.html b/docs/about.html index 213b2bf1..39ec09af 100644 --- a/docs/about.html +++ b/docs/about.html @@ -16,7 +16,7 @@

Overview

A "storage grid" comprises a number of storage servers. A storage server has local attached storage (typically one or more SATA hard disks). A "gateway" uses the storage servers and provides to its clients a filesystem over a standard protocol such as HTTP(S), FUSE, or SMB.

-

Users do not rely on storage servers to provide confidentiality nor integrity for the data -- instead all of the data is encrypted and integrity checked by the gateway, so that the servers are not able to learn anything about the data nor to alter it.

+

Users do not rely on storage servers to provide confidentiality nor integrity for the data -- instead all of the data is encrypted and integrity checked by the gateway, so that the servers are not able to nor alter the contents of the files.

Users do rely on the storage servers for availability -- the ciphertext is erasure-coded and distributed across N different storage servers (the default value for N is 12) so that it can be recovered from any K of these servers (the default value of K is 3). Therefore only the simulaneous failure of N-K+1 (with the defaults, 10) servers can make the data unavailable. Phrasing this in terms of reliance, we say that the users rely on the gateway for the confidentiality and integrity of the data, and on any 3 of the 12 servers for the availability of the data.

The typical deployment mode is that each user runs her own gateway on her own machine. This way she needs to rely only on her own machine for the confidentiality and integrity of the data, and she can take advantage of tighter filesystem interfaces such as FUSE and SMB.

An alternate deployment mode is that the gateway runs on a remote machine and the user connects to it over HTTPS. This means that the operator of the gateway can view and modify the user's data (the user relies on the gateway for confidentiality and integrity), but it means that the user can access the filesystem with a client that doesn't have the gateway software installed, such as an Internet kiosk or cell phone.