论文信息 - Protection in the OSKAR Opereting System: Goals, Concepts, Conseqeuences

Protection in the OSKAR Opereting System: Goals, Concepts, Conseqeuences

Present protection mechanisms in operating Systems are usually dedicated to provide reliability within the operating system. This paper presents a design that can be used to solve basic information protection problems by means of the operating system as well. It is based on a uniform system structuring unit, called a subsystem, and allows rather fine grain protection strategies to be reallzed. Further differences to other approaches lie in the notion of subject used and in the very detailed form privileges can be granted. The paper introduces the basic concepts, sketches on some implementation aspects and discusses the consequences of the approach. The ideas are currently implemented as part of the OSKAR operating system project.

[1] D. L. Parnas,et al. On the criteria to be used in decomposing systems into modules , 1972, Software Pioneers.

[2] B. H. Liskov,et al. Specification techniques for data abstractions , 1975, IEEE Transactions on Software Engineering.

[3] F. de P. Hanika,et al. Introduction to Operating System Design , 1976 .

[4] Eduardo B. Fernández,et al. Data Base Security: Requirements, Policies, and Models , 1980, IBM Syst. J..

[5] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[6] Robert S. Fabry,et al. Capability-based addressing , 1974, CACM.

[7] Peter J. Denning,et al. Protection: principles and practice , 1972, AFIPS '72 (Spring).

[8] David Jefferson,et al. Protection in the Hydra Operating System , 1975, SOSP.

[9] Gerald J. Popek,et al. Encapsulation: an approach to operating system security , 1974, ACM '74.