Amazon VOStore?

Matthew Graham mjg at cacr.caltech.edu
Thu Aug 17 08:38:52 PDT 2006 

Hi,

We have been aware of the Amazon S3 for a while and have had a look at 
its interface but as their rubric states: Amazon S3 is intentionally 
built with a minimal feature set. It is designed to be a final solution 
whereas VOSpace is a layered functionality solution - it starts with 
VOSpace 1.0 and then progresses from there.
> (1) Why not take the Amazon definition and just use that exactly?
It does not answer all our use cases.
> (2) What can Amazon do that VOSpace cannot (and why is that feature 
> there?)
AS3 supports single-level directories (which it calls buckets): VOSpace 
1.0 is a perfectly flat store but 1.x will support full directory 
structures.

AS3 allows manipulation of Access Control Policy to data objects: 
VOSpace 1.0 is implementation dependent - your data objects might be 
world readable/writable or only only readable/writable. Future versions 
of VOSpace will use the Access Control mechanisms coming out of the IVOA 
security work.
> (3) What can VOSpace do that Amazon cannot (and which use-case needs 
> that?)
Move an object

Copy an object

Support third-party data transfers - the space pushes or pulls the data 
- this is the scalability use case where you do not want to bytes to 
come to your laptop first.

Support arbitrary data transfer protocols

In VOSpace, structured and unstructured data are both first-level 
entities and different views (data formats) can be taken of structured 
data (implementation dependent) since the space knows the data structure 
and how to manipulate this: for example, a VOTable could be imported and 
then exported as CSV.

And then there is all the stuff that we are planning for the next 
versions of VOSpace, such as full directory hierarchy, searching , and 
space federation.

> (4) How does the metadata model differ between Amazon and VOSpace?
Both seem to support arbitrary metadata (key, value) for a data object 
but only VOSpace will list the metadata that is currently uses and 
system supported.
> (5) What are the differences in security model? If the VO model is 
> different, why is it different?
VOSpace uses SSO (WS-Security) for authentication but currently has no 
authorisation mechanism beyond what implementation dependent: Amazon 
uses credentials in the unsecure message to authenticate and has access 
control policies. VOSpace uses the agreed IVOA security model so that we 
have standardised security across all our services.

> (6) What does VOSpace do that Amazon cannot (and who is demanding that 
> extra feature?)
This is question (3) again.
> (7) Is there a problem in implementing Amazon on top of SRB?
Almost certainly.

Cheers,

    Matthew

More information about the vospace mailing list