论文信息 - Hidden software capabilities

Hidden software capabilities

Software capabilities are a very convenient means to protect co-operating applications. They allow access rights to be dynamically exchanged between mutually suspicious interacting applications. However in all the proposed approaches, capabilities are made available at the programming language level, requiring application developers to wire protection definition in the application code, which is detrimental to both flexibility and reusability. We believe instead that capabilities should be hidden from the application programmer allowing protection definition and application code to be clearly separated. In this paper we propose a new protection model based on hidden software capabilities, in which protection definition is completely disjoined from the application code and described in an extended interface definition language (IDL). This allows to specify protection for existing modules and to easily change the protection policy of an application. This protection model can be integrated in a wide range of operating systems. We are currently implementing it in a single address space operating system based on distributed shared memory.

[1] Oliver C. Kowalski,et al. Protection in the BirliX operating system , 1990, Proceedings.,10th International Conference on Distributed Computing Systems.

[2] Daniel Hagimont,et al. Protection in the Guide Object-Oriented Distributed System , 1994, ECOOP.

[3] Andrew Birrell,et al. Implementing remote procedure calls , 1984, TOCS.

[4] Elliott I. Organick,et al. The multics system: an examination of its structure , 1972 .

[5] Marc Shapiro,et al. Structure and Encapsulation in Distributed Systems: The Proxy Principle , 1986, ICDCS.

[6] Luis-Felipe Cabrera,et al. Fine-Grained Access Control in a Transactional Object-Oriented System , 1992, Comput. Syst..

[7] William A. Wulf,et al. HYDRA , 1974, Commun. ACM.

[8] Henry M. Levy,et al. Capability-Based Computer Systems , 1984 .

[9] Robbert van Renesse,et al. Using Sparse Capabilities in a Distributed Operating System , 1986, ICDCS.

[10] Maurice V. Wilkes,et al. The Cambridge CAP computer and its operating system (Operating and programming systems series) , 1979 .