I think everybody agrees that some form of device ownership mechanism
is necessary, but the level at which it should be implemented is still 
apparently up in the air -- does it belong in the transport
infrastructure or the high-level command set?

Note that SBP-2 Login Access and the SCSI RESERVE/RELEASE mechanisms
are ownership for concurrency, but make no effort to control access
for security.  Their level of control is by initiator (effectively,
network address), with no distinction made among various
processes/subsystems available at a given network node or address.  In
addition, access to the functionality at a disk drive is generally
unrestricted (beyond the concept of extent reservations), so anybody
with access to a drive can execute, for example, FORMAT.  A
disadvantage of SBP-2 is that it is transport-specific, so code
adapted to use it will be ineffective on Fibre Channel or physical
SCSI buses.

Although at this point it's still research, we in the Netstation
project ( are working on a model called
Derived Virtual Devices (DVDs) which provides security control by
allowing any client with access to a device to grant a subset of
that access to anyone it wishes.  Clients are to be identified
cryptographically, so that access rights are limited to programs or
subsystems (e.g., the file system) with that key.  User programs at
a given node are unable to directly access the device even if the
operating system and network in between would carry the traffic,
unless they have explicitly been granted that right.  Rights to use
specific commands can be individually controlled, so for example, read 
only, write before read (useful in secure environments to prevent
reading of old data without an explicit ERASE) and append only (for
tapes) access can be defined, as well as limiting management functions 
such as FORMAT and microcode downloads.

On a related note, we have suggested that IP may in fact be the
preferred means of accessing devices (both for data and commands), but
I won't go into detail on that now.  Such an approach can definitely
solve the "what physical network type am I on?" problem as well as
supporting transfer among heterogeneous interconnects.

See the recent papers on these topics available through our web page
-- 1996 on DVDs and 1997 on IP for NAPs.  The arguments and
descriptions are more cogent than this brief email; check them out if
you're interested.
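
The delegation idea described in the message above, as an added example that is not part of the original email and not the Netstation project's code: each grant carries a key derived from its parent's key, any holder can hand on a subset of its command rights, and the device checks narrowing at every link. The HMAC key chain, the class names and the command names are assumptions made for illustration; stateful rights such as write-before-read are not modelled.

```python
import hashlib
import hmac

def step_key(key: bytes, rights: frozenset) -> bytes:
    """Derive the key for a grant limited to `rights` from its parent's key."""
    label = ",".join(sorted(rights)).encode()
    return hmac.new(key, label, hashlib.sha256).digest()

class Grant:
    """A virtual device: the chain of rights sets plus the key derived for it."""
    def __init__(self, chain, key):
        self.chain, self.key = chain, key

    def derive(self, rights):
        """Hand a subset of this grant's rights to another client."""
        rights = frozenset(rights)
        if not rights <= self.chain[-1]:
            raise PermissionError("cannot grant rights the grantor lacks")
        return Grant(self.chain + [rights], step_key(self.key, rights))

    def request(self, command: str):
        """Build a request: the chain, the command, and a MAC under the grant key."""
        mac = hmac.new(self.key, command.encode(), hashlib.sha256).digest()
        return (self.chain, command, mac)

class Device:
    def __init__(self, root_key: bytes, commands):
        self._root = root_key                  # never leaves the device
        self.commands = frozenset(commands)

    def owner_grant(self):
        return Grant([self.commands], step_key(self._root, self.commands))

    def authorize(self, chain, command, mac) -> bool:
        """Recompute the key from the root, enforcing narrowing at every link."""
        if not chain:
            return False
        key, allowed = self._root, self.commands
        for rights in chain:
            if not rights <= allowed:          # a holder tried to widen its access
                return False
            key, allowed = step_key(key, rights), rights
        expected = hmac.new(key, command.encode(), hashlib.sha256).digest()
        return command in allowed and hmac.compare_digest(mac, expected)

if __name__ == "__main__":
    dev = Device(b"constructed-root-key", ["READ", "WRITE", "FORMAT"])  # sample values
    ro = dev.owner_grant().derive(["READ", "WRITE"]).derive(["READ"])
    print(dev.authorize(*ro.request("READ")), dev.authorize(*ro.request("FORMAT")))
```

The subset check inside `authorize` is what matters: a read-only holder can compute a key for any chain it appends to its own, so the device, not the grantor, has to refuse a link that adds rights.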


