Naming and Protection in Extendible Operating Systems

Abstract

The properties of capability-based extendible operating systems are described, and various aspects of such systems are discussed, with emphasis on the conflict between free distribution of access privileges and later revocation of those privileges. The discussion culminates in a set of goals for a new scheme. A new design is then proposed, which provides both type extension and revocation through the definition of generalized sealing of capabilities. The implementation of this design is discussed in sufficient detail to demonstrate that it would be workable and acceptably economical. The utility of the proposed capability mechanism is demonstrated by describing two facilities implementable in terms of it. These are: (a) revocable parameters for calls between mutually suspicious subsystems, and (b) directories providing a civilized medium for the storage and distribution of revocable capabilities.

Document Details

Document Type
Technical Report
Publication Date
Nov 01, 1974
Accession Number
ADA001721

Entities

People

  • David D. Redell

Organizations

  • Massachusetts Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Human Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • California
  • Computer Access Control
  • Computer Programming
  • Computer Science
  • Computers
  • Construction
  • Content Addressable Memory
  • Directories
  • Hash Tables
  • Hierarchies
  • Information Processing
  • Information Systems
  • Law
  • Operating Systems
  • Reliability
  • Security
  • Standards

Readers

  • Materials Science and Engineering
  • Parallel and Distributed Computing
  • Systems Analysis and Design