mirror of
https://github.com/tahoe-lafs/tahoe-lafs.git
synced 2024-12-23 14:52:26 +00:00
docs: about.html: edit thanks to nej
This commit is contained in:
parent
6c0e894134
commit
f3a9a47420
@ -16,7 +16,7 @@
|
||||
|
||||
<h2>Overview</h2>
|
||||
<p>A "storage grid" comprises a number of storage servers. A storage server has local attached storage (typically one or more SATA hard disks). A "gateway" uses the storage servers and provides to its clients a filesystem over a standard protocol such as HTTP(S), FUSE, or SMB.</p>
|
||||
<p>Users do not rely on storage servers to provide <i>confidentiality</i> nor <i>integrity</i> for the data -- instead all of the data is encrypted and integrity checked by the gateway, so that the servers are not able to learn anything about the data nor to alter it.</p>
|
||||
<p>Users do not rely on storage servers to provide <i>confidentiality</i> nor <i>integrity</i> for the data -- instead all of the data is encrypted and integrity checked by the gateway, so that the servers are not able to nor alter the contents of the files.</p>
|
||||
<p>Users do rely on the storage servers for <i>availability</i> -- the ciphertext is erasure-coded and distributed across <cite>N</cite> different storage servers (the default value for <cite>N</cite> is 12) so that it can be recovered from any <cite>K</cite> of these servers (the default value of <cite>K</cite> is 3). Therefore only the simulaneous failure of <cite>N-K+1</cite> (with the defaults, 10) servers can make the data unavailable. Phrasing this in terms of <i>reliance</i>, we say that the users <i>rely on</i> the gateway for the confidentiality and integrity of the data, and on any 3 of the 12 servers for the availability of the data.</p>
|
||||
<p>The typical deployment mode is that each user runs her own gateway on her own machine. This way she needs to rely only on her own machine for the confidentiality and integrity of the data, and she can take advantage of tighter filesystem interfaces such as FUSE and SMB.</p>
|
||||
<p>An alternate deployment mode is that the gateway runs on a remote machine and the user connects to it over HTTPS. This means that the operator of the gateway can view and modify the user's data (the user <i>relies on</i> the gateway for confidentiality and integrity), but it means that the user can access the filesystem with a client that doesn't have the gateway software installed, such as an Internet kiosk or cell phone.</p>
|
||||
|
Loading…
Reference in New Issue
Block a user