Some comments on the implementation of capabilities
Australian Computer Journal
The Mungi single-address-space operating system
Software—Practice & Experience - Special issue on multiprocessor operating systems
A note on the confinement problem
Communications of the ACM
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Protection domain extensions in Mungi
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
Design, implementation and performance of protection in the mungi single address space operating system
Covert channel analysis of the password-capability system
ACSAC'05 Proceedings of the 10th Asia-Pacific conference on Advances in Computer Systems Architecture
Object protection in distributed systems
Journal of Parallel and Distributed Computing
Hi-index | 0.00 |
The Password-Capability System has been designed as an operating system kernel suitable for general-purpose computing in a hostile environment It has an access control mechanism based on password-capabilities, on top of which a confinement mechanism and a type management mechanism are layered This paper studies the security of these mechanisms We find that the mechanisms leak information which can be utilised by an attacker Furthermore, we find that conditions placed on the generation of password-capabilities by the mechanisms enable the attacker to forge password-capabilities more efficiently than by exhaustive search We show that all the discovered attacks can be prevented This paves the way for the use of the mechanisms in a highly secure third-generation of the Password-Capability System.