Tahoe-LAFS (Tahoe Least-Authority File Store
) is a
free and open, secure,
decentralized
Decentralization or decentralisation is the process by which the activities of an organization, particularly those regarding planning and decision making, are distributed or delegated away from a central, authoritative location or group.
Conce ...
, fault-tolerant,
distributed data store
A distributed data store is a computer network where information is stored on more than one node, often in a replicated fashion. It is usually specifically used to refer to either a distributed database where users store information on a ''numb ...
and
distributed file system
A clustered file system is a file system which is shared by being simultaneously mounted on multiple servers. There are several approaches to clustering, most of which do not employ a clustered file system (only direct attached storage for ...
.
It can be used as an
online backup
A remote, online, or managed backup service, sometimes marketed as cloud backup or backup-as-a-service, is a service that provides users with a system for the backup, storage, and recovery of computer files. Online backup providers are companies ...
system, or to serve as a file or Web host similar to
Freenet
Freenet is a peer-to-peer platform for censorship-resistant, anonymous communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web ...
, depending on the
front-end used to insert and access files in the Tahoe system. Tahoe can also be used in a
RAID
Raid, RAID or Raids may refer to:
Attack
* Raid (military), a sudden attack behind the enemy's lines without the intention of holding ground
* Corporate raid, a type of hostile takeover in business
* Panty raid, a prankish raid by male college ...
-like fashion using multiple disks to make a single large
Redundant Array of Inexpensive Nodes (RAIN) pool of reliable data storage.
The system is designed and implemented around the "
principle of least authority
In information security, computer science, and other fields, the principle of least privilege (PoLP), also known as the principle of minimal privilege (PoMP) or the principle of least authority (PoLA), requires that in a particular abstraction la ...
" (POLA), described by Brian Warner (one of the project's original founders) as the idea "that any component of the system should have as little power of authority as it needs to get its job done".
Strict adherence to this convention is enabled by the use of
cryptographic
Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adve ...
capabilities that provide the minimum set of
privileges necessary to perform a given task by asking agents. A RAIN array acts as a storage volume; these servers do not need to be trusted by confidentiality or integrity of the stored data.
History
Tahoe-LAFS was started in 2006 at online backup services company ''All My Data''
and has been actively developed since 2007. In 2008, Brian Warner and
Zooko Wilcox-O'Hearn
Zooko Wilcox-O'Hearn (born Bryce Wilcox; 13 May 1974 in Phoenix, Arizona), is an American Colorado-based computer security specialist, self-proclaimed cypherpunk, and CEO of the Electric Coin Company (ECC), a for-profit company leading the develo ...
published a paper on Tahoe at the 4th
ACM international workshop on Storage security and survivability.
When ''All My Data'' closed in 2009, Tahoe-LAFS became a free software project under the
GNU General Public License
The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the Four Freedoms (Free software), four freedoms to run, study, share, and modify the software. The license was th ...
or ''The Transitive Grace License'', which allows owners of the code twelve months to profit from their work before releasing it. In 2010, Tahoe-LAFS was mentioned as a tool against censorship by the
Electronic Frontier Foundation
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet ci ...
. In 2013, it was one of the hackathon projects at the
GNU
GNU () is an extensive collection of free software (383 packages as of January 2022), which can be used as an operating system or can be used in parts with other operating systems. The use of the completed GNU tools led to the family of operat ...
30th anniversary.
Functionality
The Tahoe-LAFS Client sends an unencrypted file via a web API to the HTTPS Server. The HTTPS Server passes the file off to the Tahoe-LAFS Storage client which encrypts the file and then uses erasure coding to store fragments of the file on multiple storage drives.
Tahoe-LAFS features "provider-independent security", in that the integrity and confidentiality of the files are guaranteed by the algorithms used on the client, independent of the storage servers, which may fail or may be operated by untrusted entities. Files are encrypted using
AES, then split up using
erasure coding
In coding theory, an erasure code is a forward error correction (FEC) code under the assumption of bit erasures (rather than bit errors), which transforms a message of ''k'' symbols into a longer message (code word) with ''n'' symbols such that th ...
, such that only a subset K of the original N servers storing the file chunks need to be available in order to recreate the original file. The default parameters are K=3, N=10, so each file is shared across 10 different servers, accessing it requires the correct function of any 3 of those servers.
Tahoe provides very little control over on which nodes data is stored.
Fork
A patched version of Tahoe-LAFS exists from 2011, and was made to run on anonymous networks such as
I2P
The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network) that allows for censorship-resistant, peer-to-peer communication. Anonymous connections are achieved by encrypting the user's traffic (by using ...
, with support for multiple introducers. There is also a version for Microsoft Windows.
It is distributed from a site within the I2P network. In contrast to normal Tahoe-LAFS operation, when I2P and Tahoe-LAFS are used together the location of the nodes is disguised. This allows for anonymous distributed grids to be formed.
See also
*
CephFS
Ceph (pronounced ) is an open-source software-defined storage platform that implements object storage on a single distributed computer cluster and provides 3-in-1 interfaces for object-, block- and file-level storage. Ceph aims primarily f ...
(file system)
*
Coda (file system)
Coda is a distributed file system developed as a research project at Carnegie Mellon University since 1987 under the direction of Mahadev Satyanarayanan. It descended directly from an older version of Andrew File System (AFS-2) and offers many ...
*
Comparison of distributed file systems
In computing, a distributed file system (DFS) or network file system is any file system that allows access to files from multiple hosts sharing via a computer network. This makes it possible for multiple users on multiple machines to share file ...
*
Freenet
Freenet is a peer-to-peer platform for censorship-resistant, anonymous communication. It uses a decentralized distributed data store to keep and deliver information, and has a suite of free software for publishing and communicating on the Web ...
*
GlusterFS
Gluster Inc. (formerly known as Z RESEARCH) was a software company that provided an open source platform for scale-out public and private cloud storage. The company was privately funded and headquartered in Sunnyvale, California, with an enginee ...
*
Moose File System
Moose File System (MooseFS) is an open-source, POSIX-compliant distributed file system developed by Core Technology. MooseFS aims to be fault-tolerant, highly available, highly performing, scalable general-purpose network distributed file system ...
*
LizardFS
LizardFS is an open source distributed file system that is POSIX-compliant and licensed under GPLv3. It was released in 2013 as fork of MooseFS. LizardFS is also offering a paid Technical Support (Standard, Enterprise and Enterprise Plus) with p ...
*
iFolder
iFolder is an open-source application, developed by Novell, Inc., intended to allow cross-platform file sharing across computer networks.
iFolder operates on the concept of shared folders, where a folder is marked as shared and the contents ...
*
List of distributed file systems
*
Lustre (file system)
Lustre is a type of parallel distributed file system, generally used for large-scale cluster computing. The name Lustre is a portmanteau word derived from Linux and cluster. Lustre file system software is available under the GNU General Public ...
*
Parallel Virtual File System
*
XtreemFS
*
IPFS
The InterPlanetary File System (IPFS) is a protocol, hypermedia and file sharing peer-to-peer network for storing and sharing data in a distributed file system. IPFS uses content-addressing to uniquely identify each file in a global namespac ...
References
External links
*
{{File systems
Distributed file systems
Userspace file systems
Free network-related software
Free file sharing software
Free software programmed in Python
File sharing software
File sharing software for Linux
Virtualization software for Linux
Cross-platform software
Cross-platform free software
Cloud infrastructure
Cloud storage
Free software for cloud computing
I2P