A lattice model of secure information flow
Communications of the ACM
Reflections on an operating system design
Communications of the ACM
Modularization and hierarchy in a family of operating systems
Communications of the ACM
Communications of the ACM
Monitors: an operating system structuring concept
Communications of the ACM
A note on the confinement problem
Communications of the ACM
BLISS: a language for systems programming
Communications of the ACM
HYDRA: the kernel of a multiprocessor operating system
Communications of the ACM
Overview of the Hydra Operating System development
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Policy/mechanism separation in Hydra
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
A comment on the confinement problem
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
The Multics kernel design project
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
On attaining reliable software for a secure operating system
Proceedings of the international conference on Reliable software
ACM Transactions on Computer Systems (TOCS)
Extending a capability based system into a network environment
SIGCOMM '86 Proceedings of the ACM SIGCOMM conference on Communications architectures & protocols
From RIG to Accent to Mach: the evolution of a network operating system
ACM '86 Proceedings of 1986 ACM Fall joint computer conference
In support of domain structure for operating systems
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Ada packages and distributed systems
ACM SIGPLAN Notices
Hi-index | 0.00 |
An extensible file system has been designed and implemented for Hydra, an advanced capability-based operating system. This system demonstrates three notable contributions to subsystem design: - It provides a protected and efficient implementation via user-level code of functions ordinarily implemented as part of a conventional system's monolithic privileged section, - It provides practical solutions to two protection problems, the Modification Problem and the Confinement Problem, for users of the file system, and - It provides separation of mechanisms for data representation from mechanisms for protection and synchronization, thus allowing an extensible family of subfile systems to evolve. This paper treats the design and implementation of the Hydra File System and reflects on its implications for subsystem design and implementation.