The model suggests a uniform approach to implementing "atomic"objects. The thesis addresses both the problem of synchronising operations invoked by transactions on objects and the problem of synchronising transactions, so that their execution satisfies the correctness criterion of serialisability. It is shown that a wide range of protocols can be implemented using this model: existing concurrency control protocols for distributed environments can be obtained, as well as hybrid protocols that combine features of them.
By separating the "scheduler" module into two different modules which perform the local synchronisation of operations invoked on objects by transactions and the synchronisation of transactions, respectively, the problem of incompatibility of protocols is overcome and different protocols are permitted within the same application at the same time.
Finally the problem of deadlocks is addressed and two algorithms for deadlock detection and resolution are proposed which, unlike their predecessors, systematically eliminate the likelihood of phantom deadlock detection to the level that can genuinely be attributed to timing issues. The first algorithm is intended to introduce the resolution scheme; it is very simple, but imposes an overhead on the deadlock detection scheme. In the second, the overhead between the detection and resolution parts of the algorithm is balanced and the overall time complexity is shown to be equal to that of the best algorithms previously reported.
This thesis describes a model for cooperative object oriented programming based on distributed systems technology. It overviews developers' requirements for cooperative programming as well as the issues involved in the development of a programming environment suitable for developers' cooperation.
The first part of the model, or the abstract model, is concerned with organisational issues, such as division of work among members of a programming team, developers interaction, and general structure of the software development environment. We introduce the notion of developer's contexts and strong and weak ownership with proposed changes to support sequential as well as parallel development.
The second part of the model, also called the concrete model, elaborates the abstract model by making it more specific, i.e. by defining the supporting technology used (distributed object oriented systems), and the specific architecture needed to implement the abstract model. It also populates the abstract model by introducing specific structures and modules necessary to support the concepts and ideas introduced. The concrete model introduces novel techniques in the areas of class hierarchy management, object migration and object access control.
In the process of designing the concrete model, we provide an in-depth analysis of the problems of maintaining a consistent behaviour of objects in a distributed cooperative programming environment, and how such consistent object behaviour is achieved in the model. We present the concept of dual class hierarchies to support object behaviour maintenance in a distributed cooperative programming environment.
In distributed object-oriented programming, the programming paradigm is interacting distributed objects rather than distributed data. We have established an object model for distributed, shared and persistent objects. The model introduces the distributed object context, which represents an object environment in which distributed objects are manipulated. Object activities and their states are also introduced in the model to describe the dynamic behaviours of distributed objects. the concept of orthogonal persistence is integrated in our model to support persistent object sharing.
Object protection is essential for object sharing. A security mechanism is designed for access control of shared distributed objects. This mechanism, called the private access channel, provides the same level of fine grained object-based security as the capability scheme.
A novel two-level garbage collection algorithm has also been designed and implemented to reclaim distributed garbage. It makes use of the local garbage collector (no matter what algorithm it uses) and deals with the distributed garbage efficiently.
This thesis presents an object model as a key to all the issues and ideas behind our research effort towards better distributed computing. A prototype of a distributed object-oriented programming system that conforms to our object model was implemented and is also described in the thesis. It is a distributed and persistent Smalltalk-80, called DPS system. The purposes of DPS system are to demonstrate the model, refine its details and provide an object-oriented platform for building applications that are intended to be used by a group of people who would like to use computers for communication and sharing information.
All transactions are required to use the most recent versions of services. If transactions violate this rule, the protocol tests whether the violated transactions can be excepted from the requirement without causing inconsistent state in the services they used. If they fail this test, they are aborted.
Because sending coherence information is a by-product of the two-phase commitment protocol using multicast, the protocol avoids unnecessary communication with repositories of services to update replicas in caches. The abortion rate of transactions is reduced by updating replicas as soon as possible and by considering operation sequences of transactions. By updating replicas and validating the transactions in caches, concurrency control and cache coherence are well distributed; the workload of conventional servers is distributed into caches.
A recovery scheme and a deadlock detection algorithm are proposed for use with the cache coherence protocol and the object-space model. The latter reduces the number of deadlock messages by up to half of those generated by other recent algorithms. The proposed recovery scheme is designed to minimise the cost of updating replicas in caches as well as to recover from failures of services. The persistent version of a passive service is stored as a base version and a history file which consists of a set of version updating information. Replicas in caches update themselves with the cache coherence protocol except when they fail to receive any update information. The passive service supplies missing versions enabling replicas in caches to be kept up-to-date, reducing the cost of restarting transactions and communication.
Group Communication facilitates the fast interactive response times that are essential for productive groupworking. However, Secure Group Communication for Groupware is more complex than simply securing the group from the hostile actions of those outside, which is the approach taken by most existing secure group systems. Group tasks typically involve the multiple participants acting with different rights, i.e. different levels of trust. This is recognition that corrupt activity can also originate from inside the group. The group communication system for groupware presented here recognises and deals with this threat whilst maintaining the speed of other systems. Although important for efficient groupworking, group communication does not present the most appropriate level of abstraction to the programmer. A shared object abstraction is far more convenient. For secure groupware, shared objects can be protected at the level of their methods by associating with each of them an Access Control List (ACL). However conventional ACLs are relatively static, whereas the security policies of group tasks are far more dynamic. This thesis introduces two techniques for specifying and enforcing dynamic policies. Firstly State-Dependent Access Control allows rights to reflect the current state of the group task. Additionally, the notion of consent is often a feature of group security policies. Secondly therefore, the concept of Backing is introduced as an attempt to mechanise the collection and proof of consent from some group of other participants.
The complete body of work allows secure and efficient groupware to be more easily built. The resulting application instances can collectively support complex security polices and can communicate both safely and efficiently.