Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved



Glossary
A
ActiveSpaces distributed application system
A set of ActiveSpaces programs that cooperate to fulfill a mission.
ActiveSpaces program
A program that uses ActiveSpaces software to work collaboratively over a shared data set that is represented by one or more tuple spaces.
ACL
Access Control List (ACL). A list of subjects and groups and the permissions granted to the subjects or to members of groups, which controls access to ActiveSpaces resources. You specify ACLs in the policy file for a security domain with the access_control setting, which can be set to true or false.
agent
A optional standalone process or daemon that is part of ActiveSpaces and provides services or features to the space. Using the Admin CLI, the administrator launches ActiveSpaces agents on the host or hosts where these services will run. They currently provide the following services:
1.
Persist the system spaces configuration information to disk.
2.
associative array
A collection of values with unique keys, where each key is associated with one value. The keys can be any object, not necessarily an integer. A space can be used as an associative array.
authentication source
An ActiveSpaces component that presents credentials to an external authenticator and decides whether a supplied Credential—retrieved by the Authenticator—is valid. The authentication source can be an LDAP client, an OS or Pluggable Authentication Modules (PAM) login, a smart-card, an API invoker and so on. The authenticator performs the verification by connecting to an external resource (such as an LDAP v3 directory server) or by invoking local system calls, such as win32 LogonUser() or with UNIX/Linux, pam_authenticate().
 
authenticator
An ActiveSpaces component that establishes a unique association between a subject and an identity through its credentials. The authenticator securely obtains Credentials from authenticating components to generate Subject—Credential associations. The authenticator converts and forwards the credential to the component, which verifies its validity.
C
cache
A generic term commonly used to refer to a repository of data that duplicates original values stored elsewhere, making that data more readily available to be fetched quickly where it is needed. In ActiveSpaces, a cache is distinguished from a tuple space in that data may be evicted from a cache without notification, for instance, to make space for other data. In this case, the evicted data, if needed later, will be fetched from the original data store, of which the cache is merely a copy. Data is never evicted from a space without notification; it is only removed if it expires or is deliberately taken out. It is possible to configure a space to act as a cache by setting a capacity and an eviction policy other than none in the space's definition.
cluster
A group of linked computers working closely together to increase scalability, and to maximize performance and availability beyond what can be achieved by a single computer of comparable power.
coherency
When multiple identical copies of data are maintained, coherency is a quality that indicates the copies are kept in synch when the original data changes.
credential
An object that can be used to establish the identity of a requestor node. This can be data:
D
distributed cache
A cache that uses multiple locations for storage of data.
distributed in-memory tuple space
A generic term for the category of software product that includes ActiveSpaces. The data in a tuple space is distributed over multiple machines for scalability and failover, and it is stored in memory for optimal performance.
data grid
A data store that is distributed over a cluster comprised of multiple machines or members. With ActiveSpaces, the capacity of the data grid scales linearly as you add members to the cluster.
data partitioning
Distributing a set of data over a cluster of members. ActiveSpaces performs data partitioning transparently, based on the members that have been provided to the tuple space. Developers do not need to concern themselves with which parts of the data are stored on which members.
data
A means of providing fault tolerance where a copy of data from one member is stored on another member, so that no member can be a single point of failure. When is enabled for a space, the replicates are updated whenever tuple data changes through a put or take command. (A get command will not cause replicates to be updated, since it does not change the data.)
There are two kinds of , synchronous and asynchronous. Synchronous will have an impact on performance, since it involves putting (or taking) data and replicating it in a single transaction. With asynchronous , there is little perceptible impact on performance, but there is a small amount of time where the data is not fully replicated.
Whether or not a space is replicated and, if so, whether the is synchronous or asynchronous, is specified when the space is created. The administrator can also specify the degree of , that is, how many replicas of the data will be created.
With synchronous , the administrator or application has immediate verification of whether or not the was successful, because if it was not, then the put or take command that triggered the attempted will itself fail, returning an error message. In asynchronous mode, the command will succeed, regardless of successful . An application or administrator can listen to advisory spaces to determine whether there was a problem with for an instance of asynchronous .
If a space is being used as a cache-aside, the space will normally be created without , since the system of record for that data will be a database. In this case, if the single member containing the space goes down or is offline, the data can be obtained from the database.
domain data key
Used for memory- and local-persistence encryption. It can be generated or regenerated by using the as-admin tool;.
E
entry
An entry represents a tuple that is stored in a space. While a tuple is made up of a key and value, an entry is made up of the tuple plus the metadata associated with its being stored in a space. In addition to details used internally by ActiveSpaces, the metadata includes the entry’s time-to-live value (TTL), that is, how much time is left before the entry expires, at which time it will be deleted from the space.
event
In ActiveSpaces, an event reflects a change to some of the data in a space or a change in state of a space or member.
event listener
See space listener.
event notification
An asynchronous message sent to event listeners when data changes. The message takes the form of an invocation of a callback method on the space listener.
F
field
A field is a portion of a tuple, similar to a single value (or row) in a column of a database table. A field is associated with a name, a type, and a value.
G
group
A group that can be used to organize users and domain objects, thus simplifying administration. Security groups allow you to assign the same security permissions to a large numbers of users or requestors, such as employees in a single department or in a single location or nodes in a security domain, ensuring that security permissions are consistent across all members of a group.
The security group can include:
For example, a security group named group3 can include users (user6 and user7) and also other security groups, such as a group named group2.
For example, My Ldap X509Cert CN, which represents ian X509 v3certificate
H
hash map
An associative array that uses a hash function to optimize search and insertion operations. The hash function transforms the key into a hash, a number that is used as an index in an array to locate the values during a lookup.
I
Identity
A set of properties of an entity that can be used to uniquely distinguish it from other entities. A logical association with:
K
key
A unique value based on the value of one or more fields.
The key is used to implement the insertion policy for a tuple. The key is also used by the ActiveSpaces distribution algorithm to determine how data is distributed.
L
leech
A member that joins a space but does not lend any resources to the space, such as memory or processing power. Distinct from a seeder.
listener
See space listener.
lock
An application can lock an entry so that the entry cannot be modified (but can still be read) until the lock is explicitly removed.
M
member
A process, either an application or an agent, that is linked to the ActiveSpaces libraries and is joined to a space as one of a cluster of members. A single machine may contain more than one member. A member can be a seeder or a leech, depending on whether or not it lends resources to the space.
A member can be a seeder in one space and a leech in another.
metaspace
An administrative collection of system spaces and user spaces sharing the same transport argument, which includes a multicast address that can be used for messages (event notifications).
A metaspace is a container for managing a number of user spaces, and a group of members that are working together in a cluster. The metaspace is the initial handle to ActiveSpaces. An application or member first joins a metaspace, and through it, gets access to other objects and functionality.
N
node
A term sometimes used in place of the term member. This usage can be confusing, because the term node is most often used outside of ActiveSpaces to refer to a machine, whereas within ActiveSpaces, a single machine may contain more than one member.
P
peer
A process that has connected to a metaspace and joined a space as either a seeder or a leech.
permission
A specific set of access control permissions possessed by either a user or a group, which defines how to access Resources in the Security Domain. Permissions are granted to specific scopes—to metaspaces or spaces.
The privilege that is granted depends on the scope level; for example, at the metaspace level, specified metaspaces or all metaspaces can be granted access to transactions, or to connections, and at the space level, specified spaces or all spaces can be granted access to read, write, delete, browse, lock, or seed operations.
Rights or privileges are specified in a permissions table that you code in the policy file for a domain
R
relaxed coherency
If there are multiple copies of a tuple (due to or local caching), any change to the tuple is reflected in those copies as quickly as possible. ActiveSpaces uses relaxed coherency in most modes of operation. (See strict coherency.)
requestor
An ActiveSpaces node that requests access to resources (by attempting to join one or more metaspace) controlled by one or more Security Domain Controllers.
resource
ActiveSpaces objects such as metaspaces, spaces or tuples.
S
scalability
For data stores, the ability to contain ever-increasing amounts of data. ActiveSpaces offers linear scalability, meaning that storage capacity and performance increase at a constant rate as members are added to a space.
security domain
A context in which uniform and consistent security settings can be enforced on a defined set of metaspaces. A metaspace can only be contained (managed) by one domain at a time. Within a domain, secured transports are negotiated between pairs of nodes, independent of other nodes. Memory- and local-persistence encryption use a shared secret, stored protected by the managing node’s identity (see the definition for Security Domain Controller).
security domain controller
An ActiveSpaces node that is dedicated to enforcing the policy definitions for one or more Security Domains. You should set up multiple security domain controllers for each security domain to provide fault tolerance for security.
security policy
The definition of security preferences for one or more Security Domains. The policy configuration is specified in a policy file that you create by using the as-admin define | create security_policy command. The policy file contains:
For information on creating the domain identity, see Creating a Security Policy File.
For information on creating the domain identity, see Security Policy Files.
security token
A file that is deployed on nodes that need to connect to access- controlled and/or secured ActiveSpaces Resources. The token comprises:
An X509v3 trust anchor for a Security Domain to establish initial trust. The trust anchor consists of the security key and security certificate for the domain which are contained in the policy file for the domain.
seeder
A member that joins a space and lends resources, such as memory and processing power, to the scalability of the space. Distinct from a leech.
In a distributed space, all peers are responsible for seeding certain tuples.
In a non-distributed space, one of the peers is assigned to be the seeder, determined by the ActiveSpaces distribution algorithm.
Ideally, peers are relatively stable, since there is overhead to reorganize the distribution of the tuples among the remaining peers when a peer leaves the space. For this reason, a transient application—one that will leave and join the space frequently—should generally be configured to join the space as a leech, rather than as a peer.
Note that agents are always seeders, not leeches. Agents provide an efficient, stable means of increasing the scalability of a space. Also, note that multiple seeders cannot be created from a single client program.
For each entry in a space, the ActiveSpaces distribution algorithm designates one seeder as the seeder of that tuple, whether or not the tuple is replicated on other members. The seeder holds and owns the authoritative copy of the complete tuple.
If the space has multiple seeders, a tuple may be held by different seeders at different times. If the current seeder of the entry leaves the space, another seeder is chosen as the entry’s new seeder, and the entry is then copied over to the new seeder.
Shared-All Persistence
With shared-all persistence, certain space members are designated as persisters — to provide the service of interacting with a persistence layer, just as some of the space members — the seeders — provide the basic space service.
Shared-Nothing Persistence
Each node that joins a space as a seeder maintains a copy of the space data on disk. Each node that joins as a seeder writes its data to disk and reads the data when needed for recovery and for cache misses
space browser
A space browser, created with the ActiveSpaces API, allows an application to iterate through the entries in a space. There are four kinds of space browsers: EventBrowser, GetBrowser, TakeBrowser, and LockBrowser. All space browsers have a single method, next, which returns an entry to the calling process. Space browsers are described in more detail in this document and in the API documentation.
space listener
The portion of your code that comprises a callback function to be invoked by ActiveSpaces when certain data changes or certain events occur. A listener is similar to a subscriber in a publish-subscribe messaging system.
The events for which callback functions will be invoked are lock, put, take, and unlock.
Depending on the distribution scope of the listener two additional callback functions, onSeed and onUnseed, can be invoked to monitor seeder changes due to re-distribution of entries when a seeder joins or leaves a space.
strict coherency
When there are multiple copies of a set of data (due to or local caching), strict coherency means that any change to the data must be applied to all copies at the same time. Because this adversely impacts performance, and because relaxed coherency offers nearly the same degree of coherence, ActiveSpaces provides strict coherency only for spaces that are non-distributed, that is, where only a single copy of the data exists. (See relaxed coherency.)
subject
An entity that is associated with an Identity through a Credential. A subject represents a single aspect of a Credential; for example, the name of a user or the common name value of the distinguished name component of an X509v3 certificate.
system spaces
A set of administrative spaces that are created and maintained by ActiveSpaces and are used to describe the attributes of the spaces. Distinct from user spaces.
T
tuple
A typed data object that is stored in a space. Similar to a row in a database table.
tuple space
A collection of tuples. Similar to a table in a database.
U
user spaces
Spaces that are defined by the user. Distinct from system spaces.

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved