Architectural implications of abstract data type implementation

Authors:
Virgil D. Gligor
Affiliations:
-
Venue:
ISCA '79 Proceedings of the 6th annual symposium on Computer architecture
Year:
1979

Citing 14
Cited 1

Fault Tolerant Operating Systems

ACM Computing Surveys (CSUR)
Operating System Structures to Support Security and Reliable Software

ACM Computing Surveys (CSUR)
Reflections on an operating system design

Communications of the ACM
The UNIX time-sharing system

Communications of the ACM
Synchronization of communicating processes

Communications of the ACM
Protection in programming languages

Communications of the ACM
HYDRA: the kernel of a multiprocessor operating system

Communications of the ACM
Types are not sets

POPL '73 Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Towards more flexible type systems

Programming Symposium, Proceedings Colloque sur la Programmation
The Cambridge CAP computer and its protection system

SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
A verifiable protection system

Proceedings of the international conference on Reliable software
Protection in programmed systems.

Protection in programmed systems.
Computer system organization: The B5700/B6700 series (ACM monograph series)

Computer system organization: The B5700/B6700 series (ACM monograph series)
The multics system: an examination of its structure

The multics system: an examination of its structure

Toward type-oriented dynamic vertical migration

ACM SIGMICRO Newsletter

Quantified Score

Hi-index	0.00

Visualization

Abstract

Some protection mechanisms support the implementation of abstract type objects. The “separation of privilege” and the “least privilege” principles define several requirements that must guide the design of such protection mechanisms. Some of these requirements can be used to eliminate inadequate or unnecessary mechanisms. Type protection mechanisms and some of the requirements of the least privilege principle have either practical theoretical limitations. To mitigate these limitations, a capability-based architecture must support (1) the migration of abstract type objects outside the control of their type manager, and (2) inexpensive, small segments. To meet the requiements of the “separation of privilege” and “least privilege” principles, a capability-based architecture only needs to support (1) protected procedures and (2) “explicit” mechanisms for separating access privileges to objects and to object representations.