Security in a Persistent Distributed Operating System

The MONADS computer architecture is based on a very large persistent virtual memory which eliminates the need for a conventional file store and filing system. This architecture supports persistent objects (modules) which are protected by capabilities and processes which persist not only between login sessions but also over system shutdowns. These features naturally give rise to a wide range of security advantages which would be very difficult to achieve in conventional systems. In this paper we describe these security advantages and discuss how they can easily be carried over to a distributed environment.

[1]  John Rosenberg,et al.  A Secure RISC-based Architecture Supporting Data Persistence , 1990, Security and Persistence.

[2]  James Leslie Keedy,et al.  A massive memory supercomputer , 1989, [1989] Proceedings of the Twenty-Second Annual Hawaii International Conference on System Sciences. Volume 1: Architecture Track.

[3]  John Rosenberg Support for Transactions in a Segmented Single Level Store Architecture , 1990 .

[4]  Paul A. Karger,et al.  Improving security and performance for capability systems , 1988 .

[5]  Roger M. Needham,et al.  On the duality of operating system structures , 1979, OPSR.

[6]  Roger M. Needham,et al.  The Cambridge CAP computer and its protection system , 1977, SOSP '77.

[7]  James Leslie Keedy,et al.  Object Management and Addressing in the MONADS Architecture , 1987, POS.

[8]  William A. Wulf,et al.  HYDRA , 1974, Commun. ACM.

[9]  Clifford Stoll,et al.  Stalking the wily hacker , 1988, CACM.

[10]  James Leslie Keedy,et al.  Support for Objects in the MONADS Architecture , 1989, POS.

[11]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[12]  Kai Li,et al.  Shared virtual memory on loosely coupled multiprocessors , 1986 .

[13]  Richard C. H. Connor,et al.  The Napier Type System , 1989, POS.

[14]  David Abramson,et al.  Implementing a large virtual memory in a Distributed Computing , 1985 .

[15]  John Rosenberg,et al.  MONADS-PC - a capability-based workstation to support software engineering , 1985 .

[16]  James Leslie Keedy,et al.  Persistent protected modules and persistent processes as the basis for a more secure operating system , 1992, Proceedings of the Twenty-Fifth Hawaii International Conference on System Sciences.

[17]  Maurice V. Wilkes,et al.  The Cambridge CAP computer and its operating system (Operating and programming systems series) , 1979 .

[18]  Li Gong On security in capability-based systems , 1989, OPSR.