Home > Storage > PowerScale (Isilon) > Product Documentation > Protocols > Dell EMC PowerScale OneFS S3 Overview > OneFS S3 authentication and authorization
The S3 protocol enables accessing OneFS file-system data as objects. Every interaction with OneFS S3 is either authenticated or anonymous. Authentication verifies the identity of the requester trying to access OneFS data. After OneFS authenticates the requesting user or anonymous user, authorization is required to control which permissions the requester has for the required data. This section introduces how OneFS authenticates and authorizes each S3 request.
There are two types of uploading options when authenticating requests using the Authorization header of AWS Signature Version 4:
Some applications are using the chunked upload option by default, like AWS S3 Java SDK. Starting with OneFS 9.3.0, the chunked upload is introduced to enable these applications to work with OneFS S3 service seamlessly.
With chunked upload, you can break up your payload into chunks. These can be fixed or variable-size chunks. By uploading data in chunks, you avoid reading the entire payload to calculate the signature. Instead, for the first chunk, you calculate a seed signature that uses only the request headers. The second chunk contains the signature for the first chunk, and each subsequent chunk contains the signature for the chunk that precedes it. At the end of the upload, you send a final chunk with 0 bytes of data that contains the signature of the last chunk of the payload. You can refer to AWS S3 Chunked Upload for more details.