Recent trends in secure operating systems indicate that an object-capability system is the security model with pre-eminent characteristics and practicality. Unlike traditional operating systems, which use a single global name space, object-capability systems name objects per protection domain. This allows a fine-grained isolation of the domains and follows the principle of least authority. Programming in such an environment differs considerably from traditional programming models. The fine-grained access to functionality requires a programming environment that supports the programmer when using a capability system. In this paper, we present an object-oriented framework that uses the C++ programming language to offer a framework for building and using operating-system components and applications.