From 6a3c8aebd3a0c512f3a0ebc6fc9fba44bb3c2b48 Mon Sep 17 00:00:00 2001 From: Ali Younis Date: Mon, 3 Oct 2016 12:12:46 -0700 Subject: [PATCH] Added Guarantees section --- version2/doc/iotcloud.tex | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/version2/doc/iotcloud.tex b/version2/doc/iotcloud.tex index 8c11982..3acd7aa 100644 --- a/version2/doc/iotcloud.tex +++ b/version2/doc/iotcloud.tex @@ -203,7 +203,7 @@ When deciding which records to delete the following is to be done: \end{enumerate} Note this makes that size of the data structure be bounded. -If there are $n$ devices and the data structure has a minimum size of $m$. Then the max size of the data structure is given by $m + n$ for the case when all the devices make an update at the same time. +If there are $n$ devices and the data structure has a minimum size of $m$. Then the max size of the data structure is given by $m + n -1$ for the case when all the devices make an update at the same time. \subsection{\textbf{Rescuing Transactions, Commits, Aborts, Ext}} Data should be proactively rescued from the "oldest" records currently in the data structure. Unused space in new records should be used to rescue data from old records so that when it comes time to delete the old records, there are no live pieces of data that need to be rescued. When a piece of data is rescued, it is rescued with its vector clock as well (so that the time of that data can be saved). 
@@ -226,7 +226,7 @@ Checking the data structure for consistency is done as follows: \item Verify that no currently live data Structure re-size notification is smaller than the last known data structure size. Data structure can only grow in size. \item Verify that all the server sequence numbers for the records that are currently present have unique numbers that have a difference of 1 (no gaps). \item Verify record server sequence numbers against the stated server sequence numbers in the server sequence number notification payloads (make sure the server is not changing the sequence number on the fly). - \item + \item Verify that no to records have the same server sequence number \end{enumerate} 
@@ -272,6 +272,23 @@ Live Status of entries: \end{enumerate} + +\section{\textbf{System Guarantees}} +\begin{itemize} + \item Server cannot view data inside records + \item Server cannot forge or modify or create any records + \item Server cannot withhold any records + \item Server cannot reorder records that could not have been ordered differently due to network latency + \item Server cannot delete records unless told to do so. + \item There will always be an obvious key-value pair that is the latest key value pair. + \item The data structure is bounded in size such that $m$ is the minimum size of the data structure, $n$ is the number of devices in the system and $s$ is the current size of the data structure: $m \leq s \leq (m+n-1)$ + \item Data structure can only grow when there are too may key-value pairs (and aborts) than what fit in the current data structure size within reason. + \item No currently valid data can be lost by the system and go undetected. + \item Devices can operate offline and re-sync with the system and get a consistent view of the system + \item If the server tries to hold a device on an older version of the data structure, that device can eventually rejoin the main data structure without problems. + \item Devices that have a transaction aborted will be able to be notified about the abort indefinately (no time frame when notification must be accepted). + +\end{itemize} \end{document} \ No newline at end of file -- 2.34.1
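Review bot: the new bound $m + n - 1$ in the changed sentence of the first hunk (`Then the max size of the data structure is given by $m + n -1$`) is asserted without justification; the preceding text describes how records are deleted but not why the worst case is one less than $m + n$. State which record is excluded in the all-devices-update-at-once case so a reader can check the bound against the deletion rules above. The changed line also carries a sentence fragment: `If there are $n$ devices and the data structure has a minimum size of $m$.` should be joined with what follows, e.g. `If there are $n$ devices and the data structure has a minimum size of $m$, then the maximum size of the data structure is $m + n - 1$ ...`.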
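Review bot: `no to records` in the item added by the second hunk should read `no two records`. The new check also overlaps with the earlier item in the same list, which already requires that all present records have unique server sequence numbers differing by exactly 1; if the new item is meant to catch a different case (for example duplicates seen across separate fetches or re-syncs), say so in the item, otherwise fold it into the earlier one so the consistency procedure does not list the same check twice.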
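Review bot: several guarantees in the new System Guarantees section are phrased as things the server `cannot` do (`Server cannot withhold any records`, `Server cannot delete records unless told to do so.`, `Server cannot reorder records ...`), but an untrusted server can always drop, withhold or reorder what it sends; what the consistency checks earlier in this document provide is detection. Restate those items in the form already used by the later guarantee `No currently valid data can be lost by the system and go undetected`, e.g. `Any record the server withholds, deletes without instruction, or reorders beyond what network latency permits is detected by the devices`, and state the assumption the first guarantee (`Server cannot view data inside records`) rests on rather than only the conclusion. The reorder item is also a hard-to-parse double negative and should say directly which reorderings are detectable. Smaller points: `indefinately` should be `indefinitely`, `too may` should be `too many`, `within reason` in the growth guarantee should name the actual condition, `forge or modify or create` lists two overlapping verbs, the items mix trailing periods with none, and the bound $m \leq s \leq (m+n-1)$ restates the sentence changed in the first hunk, so the two must be kept consistent if either is revised again.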