StuPeas — Sun, 11 Feb 2007 21:11:42 +0000

O.K, Thanks Abhishek, It is very ambiguous, and its supposted to be for newcomers to the topic!!

Abhishek Reddy — Sun, 11 Feb 2007 19:58:43 +0000

StuPeas;214899 wrote: "A network using the user-level access model allows users to obtain access to resources only if they belong to a centralised access list. This access list can be centralised to a particular server or to an entire network"

I think it refers to the fact that the list of users and their access priorities are stored and served in some central node. Any nodes sharing resources under these permissions will check with the central server before exposing them to a requesting user.

Say, if you ask to read a particular shared file, its host will check if you're permitted to do so through the ACLs given by the central server, before allowing or denying you access. The ACL definition may permit you to read only, but not write or delete, etc.

StuPeas;214899 wrote: "Operatin systems that provide both centralised and local user-level server access include the following: Win2000 server......"

I presume this means that the ACLs can be managed at either a central server as above or just on the local host. It's a little bit ambiguous to me, sorry.

StuPeas — Sun, 11 Feb 2007 19:33:57 +0000

Thanks Abhishek. you have answered a KEY point regarding access permissions for the network (which just so happens to be the exact principle im having problems with).

If you have a second or two, maybe you could clear up my confusion regarding "Access Control Lists" that are used for "User-Level Access" (i.e. where a shared "object" contains information regarding the user or group "permissions" for the object in question), as opposed to simple password protection for a share.

The primary text im quoting from is "CIW network administration, Sybex (2002)".
The book says...

"A network using the user-level access model allows users to obtain access to resources only if they belong to a centralised access list. This access list can be centralised to a particular server or to an entire network"

Im not sure what the text in Bold means.

If possible could you also translate this for me as well...

"Operatin systems that provide both centralised and local user-level server access include the following: Win2000 server......"

An answer for these points will probably clear up my confusion altogether and i will be writing you into my will.

Thanks

Stuart.

Abhishek Reddy — Sun, 11 Feb 2007 18:46:26 +0000

You do seem to have some preconceptions that may cause confusion. You're still sort of on the right track though.

Here are some basic ideas, in a client-server network model.

When a node in a network shares data that other nodes ask for, it is acting as a server. The nodes making requests are clients. For example, when you load a web page, your computer is the client, as it makes the HTTP request; and the remote host is the web server, as it listens and responds to your request.

A node can be a server and a client at the same time. In a P2P network, all nodes can ask for data, and all nodes can share data. That means every node is potentially a client or server, simultaneously.

That means any number of servers could be added into the mix, and it won't stop any nodes sharing data in a truly P2P way (it depends on the protocol). In fact, they couldn't do it without at least one server.

However, centralised servers may be needed for some purposes, like password/key or database services. By juggling keys, you could, for instance, have a P2P network with centralised authentication but decentralised data communication.

So all your data wouldn't have to go through the central server, that would just mediate your connection. The remote host and you will have to mutually identify yourselves to the server (and perhaps fetch keys to decrypt each other's packets). This is how many instant messaging chat applications operate. Again, it depends on the protocol.

I hope that hasn't confused you more.