RESUME OF MICHAEL R EISLER

Copyright (c) 2001, 2006, 2009 Michael R. Eisler, All Rights Reserved

This resume was posted by me to my website at http://www.eisler.com/resume. If you found it at any other website, it did not come from me.

Revised: 2009-04-06

 

CONTACT INFORMATION

• Email:
• mre5565  AT yahoo.com
• Web:
• http://nfsworld.blogspot.com
• http://www.eisler.com
• Post:
• 5765 Chase Point Circle, Colorado Springs, CO  80919
• Telephone:
• Work: 719 599 9026
• Home: 719 599 8759

 

TECHNICAL SKILLS

• Computer languages:
• C
• Security:
• GSS-API, Kerberos V5
• Knowledgeable on how to integrate security into existing applications and protocols.
• Conversant with current U.S. Export Control compliance regulations.
• Networking:
• NFS, TCP/IP, Streams, Ethernet

 

PROFESSIONAL EXPERIENCE

• 7/2002 – present: NetApp, Inc., Sunnyvale, CA (Senior Technical Director, NAS business unit and CTO office)
• Providing technical over sight for a worldwide team of 60 NFS engineers
• Directing strategy for NFS on NetApp’s storage operating systems
• Designer and editor of NFSv4.0 and NFSv4.1 protocols:
• pNFS
• A novel approach to client machine credential management
• Proposed extensions for block-level caching, de-duplication, metadata striping
• Member of CTO’s system architecture team
• Led a cross functional program to deliver a certified IPv6 feature for Data ONTAP.
• Directed a team of engineers who designed and implemented four projects to increase NFS server scalability and availability.
• Designed global namespace feature for next generation storage operating system.
• Scaled Kerberized NFS
• Obtained approvals for export of Network Appliance’s operating system product.
• 5/2000 - 5/2002: Zambeel, Inc., Fremont, CA (Distinguished Engineer)
• Lead engineer for Zambeel's first product release.
• Architected NFS and CIFS features.
• Designed and implemented cache coherency aspects of clustered file system.
• 11/2000 - 5/2000: Sun Microsystems, Inc., Santa Clara, CA (Senior Staff Engineer in the Java Consumer and Embedded division)
•  Became conversant with JavaCard technology and developed a framework for adding custom applets to an identity card.
• 6/1992 - 11/2000: Sun Microsystems, Inc., Menlo Park, CA (Senior Staff Engineer for the Solaris software division)
• NFSv4
• Drove senior executives to standardize NFSv4 in an open standards body.
• Led formation of NFSv4 working group at IETF.
• Co-designed the NFSv4 protocol and drove Internationalization, Security, and User and Group identification, minor versioning
• Implemented basic operations like COMPOUND, GETATTR, LOOKUP, READDIR, READ, WRITE in the Solaris NFSv4 client and server
• Security
• Co-designed the RPCSEC_GSS security protocol that uses the Generic Security Services API (GSS-API) to secure RPC applications (including NFS).
• Re-Architected the security of NFS and the NIS+ directory service around a Generic Security Services (GSS) framework of pluggable security modules.
• Conceived a single network sign-on strategy built around Kerberos V5 that would permit transparent use of security across all network services.
• Led the Sun Enterprise Authentication Mechanism (SEAM) 1.0 project, a Kerberos V5 implementation for Solaris 2.6 and Solaris 7. This was a 5 year, 3 phase, 15 person project, led from a remote location. Other roles included:
• Served as architect for project.
• Wrote Java-based installer and System V packages.
• Provided Beta program's technical support.
• Corrected several internationalization problems and acted as liaison with localization groups.
• Designed a scheme for plugging in security mechanisms into GSS-API that passed U.S. Export Control muster.
• Implemented GSS-API service provider interface for Solaris kernel. Ported GSS-API to 64 bit data model
• Coordinated with a team that implemented a GSS framework for NIS+.
• Member of Sun wide team that designed a coherent security strategy for Solaris.
• Participated in build/buy negotiations and decisions around core technologies: Kerberos V5, GSS/RPC, SSH.
• Drove the formation of a marketing study of customer security requirements.
• Represented Sun in meetings with National Security Agency to obtain export control approvals for Solaris, Kerberos and Java GSS-API products.
• Advised several groups within Sun on how to design for export compliance.
• WebNFS for Solaris
• Co-invented WebNFS concept.
• Prototyped WebNFS extensions to the NFS server to facilitate its use on the Internet and simplify accessibility by web browsers and Java applets.
• Implemented a WebNFS client in the mount and automounter utilities to permit NFS access through firewalls.
• Raised consciousness on Year 2000 issues within Sun. Represented Solaris networking to Y2000 task force. Coordinated all Year 2000 repairs in Solaris 2.6 networking code.
• Led NFS File Sets project from design to prototype stage until budget cuts forced suspension of project.
• Designed a mechanism for volume migration between NFS servers.
• Implemented a pseudo-disk driver that created virtual disks out of large regular files stored on local or remote file systems.
• Led the Solaris NFS/TCP project. Other roles included:
• Architecture and design
• Bug fixing.
• Coordinating with off site contractor.
• Member of team that developed NFS server that was the basis for Sun's industry leading NFS performance results (SPEC SFS benchmark).
• 9/1989- 5/1992: Pyramid Technology, San Jose, CA
  Member of team that produced the first port of System V Release 4 (SVR4) to the MIPS R3000 processor.
• Modified a socket-based AMD Lance Ethernet driver to run within STREAMS.
• Implemented a network kernel debugger interface that multiplexed traffic from the Ethernet to either the SVR4 kernel or a co-resident debug monitor. This allowed a remote debugger to send debug commands to the monitor to permit symbolic debugging of the UNIX kernel.
• Brought up transport independent RPC, NFS, and TCP/IP.

Member of team that produced first port of SVR4 to a symmetric multiprocessor. Responsible for STREAMS framework.

• Modified SVR4 STREAMS to run on multiprocessor.
• Developed interface for allowing developers to ``symmetrize'' their modules to run in a symmetric multiprocessor STREAMS framework.
• Symmetrized SVR4's socket module (sockmod).
• Reworked (and multithreaded) the NFS client's policies for management of rnode allocation.
• Scaled TCP/IP to handle thousands of connections to improve database performance by adding hash lists.
• Improved TCP/IP response by analyzing for latencies and by reducing service procedure usage.
• 5/1988 - 8/1989: ELXSI, San Jose, CA
  Responsible for new feature development and support of ELXSI's System V.3 and 4.3BSD operating systems on ELXSI's message-based multi-processor.

• Added diskless NFS client support to ELXSI's BSD NFS server.
• Ported STREAMS-based TCP/IP to ELXSI's System V system.
• Ported RFS to ELXSI's System V.
• Wrote a STREAMS-based Ethernet device driver for ELXSI's System V.
• Prototyped system call performance enhancements by reducing message overhead. ELXSI messages were a relatively slow method for implementing "system calls" from applications to the UNIX kernel (maximum 10 megabyte/sec throughput). However, ELXSI's hardware supported a notion of primitive messages that were faster, at the expense of being very small. Designed interfaces to squeeze in information on the call and return to optimize the frequent cases.
• Improved STREAMS TCP/IP throughput by a factor of 4 times. This involved tuning high water marks, fixing bugs that prevented tuning from taking effect, changing socket stream head to make fewer putnext() calls to the stream, increasing TCP window sizes, and modifying ELXSI's system call interface to send large amounts of data via the memory manager server instead of within the system call message.
• 1/1987 - 4/1988: Lachman Associates (LAI), Naperville, IL
  Line manager for LAI's major products, System V NFS and System V STREAMS TCP.

• Delivered the first release of System V STREAMS TCP to market.
• Delivered follow on releases of System V NFS.
• Participated in the negotiations that led to the bundling of System V STREAMS TCP into System V Release 4.
• 1/1985 - 4/1988 Lachman Associates, Naperville, IL
  Responsible for development and maintenance of products and custom projects.

• Ported System V.2.2 NFS from the VAX porting base to ARIX's System V.2.1 platform. Required introducing Vnodes to ARIX's operating system, and coping with file system and memory management differences between System V.2.2 and System V.2.1.
• Ported System V.3 NFS from 3b2 porting base to x86 System V platform.
• Converted Precision Visual's graphics package to render images from ELXSI system onto Sun work station. This was done without using the X or NeWS window systems, and instead by adding Sun-RPC calls at the point where PVI's package entered device dependent logic.
• Ported NIS from SunOS to System V Release 2. The port from SunOS to System V was from a big-endian architecture (MC68000) to little-endian (VAX), thereby uncovering byte-swapping portability problems. In addition, developed a mechanism for dealing with map names longer that the 14 character file component limit on the System V file system.
• Implemented a socket library and UDP/IP protocol stack for a 3b15 running System V.2. A socket library was required for running a user-level NFS implementation on the 3b15. The 3b15 had no networking, except for raw access to the Ethernet controller. Used System V IPC (shared memory and messages) to exchange data from applications to master listening process. Implemented ARP from RFC specification.
• Supported Amdahl's pre-alpha S/370 UNIX implementation at one of its customer sites. Debugged kernel crashes. Prototyped fixes on site.

 

PUBLICATIONS

• Co-author of the book, Managing NFS and NIS, Second Edition, ISBN: 1565925106
• Primary Author of “Data ONTAP GX: A Scalable Storage Cluster”, Fifth USENIX Conference on File and Storage Technologies. February, 2007, San Jose, CA.
• Co-author of  The NFS Version 4 Protocol,  SANE 2000 Conference, May 24, 2000
• Primary Author/Presenter of "Security Mechanism Independence in ONC RPC", Sixth USENIX Security Symposium. July 1996, San Jose, CA.
• Internet RFC 3530 - NFS version 4 Protocol (co-author)
• Internet RFC 2847 - LIPKEY - A Low Infrastructure Public Key Mechanism Using SPKM
• Internet RFC 2755 - Security Negotiation for WebNFS (co-author))
• Internet RFC 2623 - NFS Version 2 and Version 3 Security Issues and the NFS Protocol's Use of RPCSEC_GSS and Kerberos V5
• Internet RFC 2203 (Primary author) - RPCSEC_GSS Protocol Specification

 

EDUCATION

• University of Central Florida, Orlando, FL
• MS in Computer Science, 1985.
• BS in Computer Science, 1983.

 

ISSUED AND APPLIED FOR US PATENTS

Note: only those visible on US PTO web site are listed.

• 5,737,523 Methods and Apparatus for Providing Dynamic Network File System Client Authentication.
• 20090024814 Providing an Administrative Path for Accessing a Writeable Master Storage Volume in a Mirrored Storage Environment.
• 20080046538 Automatic load spreading in a clustered network storage system.

 

PROFESSIONAL AFFILIATIONS

• Member of USENIX Association
• Internet Engineering Task Force (IETF) working groups
• Active participant in nfsv4
• Past participant in:
• Oncrpc
• Common authentication technology
• IPsec
• Ssh
• Tls