Steven Danneman

About Me

Steven in Macao

        I'm currently working as a Software Development Engineer in the Isilon Storage Division of EMC in Seattle, WA makers of scale-out NAS clusters. Previously I received my B.S. in Computer Science from the University of Washington.

        I'm also a member of the Samba team developing open source Windows interoperability software for the *nix world.

        In the time that's left over I enjoy cinema, traveling, and reading.


Identity Mapping in the OneFS Clustered File System - SDC 2012
        Building a NAS appliance, which seamlessly provides both SMB and NFS file sharing protocols, requires supporting both the authentication and access control semantics of Windows and Unix. In a unified file system like this, between the authentication and authorization steps, arises a requirement for identity mapping. ID mapping is a unique third step that equates security identifiers from both domains, in order to provide an authenticated ID that can be used in access control checks. This talk will cover the design and implementation of the Isilon OneFS identity mapping system.
Adding Role Based Access Controls onto a Unix Storage Platform - SDC 2011
        The traditional Unix authorization model defines an all powerful root user who can perform any system task, modify any file, and change any system configuration. This simple model produces several fundamental problems for a storage platform. The root user, whether maliciously or accidentally, can cause catastrophic data loss. They can also view and undetectably modify the contents of any file and thus need to be an extremely trusted individual. Solving these problems requires partitioning the traditional root administrative rights among many different users and limiting within the file system the ability of any one user to view and modify all files. This can be accomplished with Role Based Access Control.
A Comparison Between the Samba 3 and Likewise Lwiod SMB File Servers - SDC 2010, SambaXP 2010
        The Samba 3 smbd file server is the most predominantly deployed open source SMB server in the world. Lwiod is an open source SMB file server developed by Likewise Software. Both provide Windows file sharing functionality on Unix operating systems. In this presentation I compare and contrast the overall architecture and feature sets of these two servers from both an administrator and developer's perspective. Viewers should gain an understanding of the primary benefits and drawbacks of each implementation.
Permissions Mapping in the Isilon OneFS File System - SDC 2009
        There are a few authorization domains used widely today: POSIX mode bits and CIFS/NFSv4 Access Control Lists. Creating a file system which intelligently maps between different sets of file permissions is tricky. I explain how Isilon accomplishes this in its OneFS operating system. By mapping ACLs from one authorization domain to the other, our clustered file server provides one unified permissions model for CIFS, NFSv3 and NFSv4 clients.
Improvements in Samba to Take Advantage of OneFS - SambaXP 2009
        The Samba networking stack provides a modular framework for file system developers to optimally integrate their features with those expected from the SMB protocol. This presentation discusses how Isilon used this VFS framework to expose the NTFS equivalent functionality of OneFS to its Windows clients.
Using Samba with a Commercial Clustered Filesystem - CIFS Workshop 2007
        An overview of Isilon's distributed file system design and SMB networking stack utilizing Samba.