Next: Taking Advantage of Diversity Up: The Phoenix Recovery System: Previous: Introduction


Motivation

Backups are a common way to protect data from being lost as a result of a catastrophe. We know of three approaches to backup.

Local backup is the most common approach for recovering from data loss, and it has many advantages. Users and organizations have complete control over how much data is backed up and how often. Furthermore, tape and optical storage are inexpensive, high-capacity devices. However, organizations with large amounts of data have to employ personnel to provide the backup service. Individual home users often do not make local backups because of the time and hassle involved, which leaves home systems highly vulnerable to exploits and potential data loss.

Another approach is to use a commercial remote backup service, such as DataThought Consulting [4] or Protect-Data.com [9]. This approach is convenient, yet expensive. Currently, automatic backup via a modem or the Internet for 500MB of data costs around $30-$125 a month.

Cooperative remote backup services provide the convenience of a commercial backup service but at a more attractive price. Instead of paying money, users relinquish a fraction of their computing resources (disk storage, CPU cycles for handling requests, and network bandwidth for propagating data). pStore [1] is an example of such a service. However, its primary goal is to tolerate local failures such as disk crashes, power failures, etc. Pastiche [2] also provides similar services, while trying to minimize storage overhead by finding similarities in data being backed up. Its aim is also to guard against localized catastrophes, by storing one replica of all data in a geographically remote location.

We believe that a cooperative, distributed system is a compelling architecture for providing a convenient and effective approach for tolerating Internet catastrophes. It would be an attractive system for individual Internet users, like home broadband users, who do not wish to pay for commercial backup service or do not want the hassle of making their own local backups frequently. Users of Phoenix would not need to exert any significant effort to back up their data. Specifying what data to protect can be made as easy as specifying what data to share on a peer-to-peer file-sharing system. Further, a cooperative architecture has little cost in terms of time and money; instead, users relinquish a small fraction of their computer resources to gain access to a highly resilient backup service. A user specifies an amount $F$ of bytes from its disk space to be used by the system, and the system would protect a proportional amount $F/k$ of its data. We observe that the value $k$ depends on the host diversity, and can differ among the hosts. In addition, the system would limit the network bandwidth and CPU utilization to minimize the impact of the service on normal operation.

To our knowledge, Phoenix is the first effort to build a cooperative backup system resilient to wide-scale Internet catastrophes.



2003-06-20