mjg at cacr.caltech.edu
Thu Aug 17 08:38:52 PDT 2006
We have been aware of the Amazon S3 for a while and have had a look at
its interface but as their rubric states: Amazon S3 is intentionally
built with a minimal feature set. It is designed to be a final solution
whereas VOSpace is a layered functionality solution - it starts with
VOSpace 1.0 and then progresses from there.
> (1) Why not take the Amazon definition and just use that exactly?
It does not answer all our use cases.
> (2) What can Amazon do that VOSpace cannot (and why is that feature
AS3 supports single-level directories (which it calls buckets): VOSpace
1.0 is a perfectly flat store but 1.x will support full directory
AS3 allows manipulation of Access Control Policy to data objects:
VOSpace 1.0 is implementation dependent - your data objects might be
world readable/writable or only only readable/writable. Future versions
of VOSpace will use the Access Control mechanisms coming out of the IVOA
> (3) What can VOSpace do that Amazon cannot (and which use-case needs
Move an object
Copy an object
Support third-party data transfers - the space pushes or pulls the data
- this is the scalability use case where you do not want to bytes to
come to your laptop first.
Support arbitrary data transfer protocols
In VOSpace, structured and unstructured data are both first-level
entities and different views (data formats) can be taken of structured
data (implementation dependent) since the space knows the data structure
and how to manipulate this: for example, a VOTable could be imported and
then exported as CSV.
And then there is all the stuff that we are planning for the next
versions of VOSpace, such as full directory hierarchy, searching , and
> (4) How does the metadata model differ between Amazon and VOSpace?
Both seem to support arbitrary metadata (key, value) for a data object
but only VOSpace will list the metadata that is currently uses and
> (5) What are the differences in security model? If the VO model is
> different, why is it different?
VOSpace uses SSO (WS-Security) for authentication but currently has no
authorisation mechanism beyond what implementation dependent: Amazon
uses credentials in the unsecure message to authenticate and has access
control policies. VOSpace uses the agreed IVOA security model so that we
have standardised security across all our services.
> (6) What does VOSpace do that Amazon cannot (and who is demanding that
> extra feature?)
This is question (3) again.
> (7) Is there a problem in implementing Amazon on top of SRB?
More information about the vospace