论文信息 - Type System Support for Dynamic Revocation

Type System Support for Dynamic Revocation

Safe languages provide mechanisms to share data among multiple protection domains in a protected fashion, but lack support for revocation and control over resource usage. This paper describes a type system extension, called permits, to support the revocation of data structures. Permits use a combination of static and run-time checks to ensure the revocability of data shared between safe language tasks, with a minimum of run-time overhead. The paper presents the syntax for this extension formally, and summarizes our experience with implementing the type system in a real language.

Thorsten von Eicken | Chris Hawblitzel | C. Hawblitzel | T. V. Eicken

[1] Godmar Back Patrick Tullmann Leigh Stoller Wilson C. Hsie Lepreau. Java Operating Systems : Design and Implementation , 1998 .

[2] Dan S. Wallach,et al. Extensible security architectures for Java , 1997, SOSP.

[3] J. Liedtke. On -Kernel Construction , 1995 .

[4] John C. Mitchell,et al. Abstract types have existential type , 1988, TOPL.

[5] Hanspeter Mössenböck. The Oberon System , 1992, TOOLS.

[6] Deyu Hu,et al. Implementing Multiple Protection Domains in Java , 1998, USENIX Annual Technical Conference.

[7] Frank Pfenning,et al. Eliminating array bound checking through dependent types , 1998, PLDI.

[8] Henry M. Levy,et al. Capability-Based Computer Systems , 1984 .

[9] David Walker,et al. Typed memory management in a calculus of capabilities , 1999, POPL '99.

[10] Brian N. Bershad,et al. Extensibility safety and performance in the SPIN operating system , 1995, SOSP.

[11] William A. Wulf,et al. HYDRA/C.Mmp, An Experimental Computer System , 1981 .

[12] Yogen K. Dalal,et al. Pilot: an operating system for a personal computer , 1980, CACM.

[13] Andrew W. Appel,et al. Compiling with Continuations , 1991 .

[14] David D. Redell,et al. NAMING AND PROTECTION IN EXTENDABLE OPERATING SYSTEMS , 1974 .