MoteFS's security architecture is a layered system that allows diverse usage scenarios. Pure capability-based access allows clients to access data without needing expensive public key or authentication servers, or complicated administration. However, MoteFS's capabilities can also be watermarked, allowing a range of services to be added on a per-mount basis, up to and including traditional user authentication based on passwords or public keys.
Basing the system around the use of immutable snapshots enables the underlying system to use several performance optimizations aggressively. Performance results from our MoteFS prototype show that, far from adding overhead, the use of snapshots allows the system to perform comparably to NFS in the local-area case and significantly outperform existing systems in wide-area environments.