This paper presents a protection model based on software capabilities. Its main advantage is that capabilities are hidden from the application programmer, allowing the protection policy of an application to be defined independently from the application code. This is particularly useful for protecting an already developed application.

Our claim is that this protection model is well suited for a wide range of environments, from clusters of tightly coupled servers to large loosely coupled servers on the Internet. It is particularly interesting when applications are built by assembling many existing pieces of code into a single application.

We support our claim by describing our model and its integration in three different environments: a DSM (Distributed Shared Memory) system [Pérez 95], CORBA (Common Request Broker Architecture) [OMG 91] and the Java programming environment [Java 95].

The rest of the paper is structured as follows. In section 2, we provide an overview of our protection model based on hidden software capabilities. Section 3 discusses the integration of this model in a DSM system, an ORB and the Java environment. We conclude in section 4.