Reflections on an operating system design
Communications of the ACM
Communications of the ACM
The Cambridge CAP computer and its protection system
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
ACM Transactions on Computer Systems (TOCS)
Experience Using Multiprocessor Systems—A Status Report
ACM Computing Surveys (CSUR)
An asynchronous garbage collector for the CAP filing system
ACM SIGOPS Operating Systems Review
ICSE '78 Proceedings of the 3rd international conference on Software engineering
WFS a simple shared file system for a distributed environment
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Adding capability access to conventional file servers
ACM SIGOPS Operating Systems Review
Removing backing store administration from the CAP operating system
ACM SIGOPS Operating Systems Review
Hi-index | 0.00 |
The filing system for the CAP is based on the idea of preservation of capabilities: if a program has been able to obtain some capability then it has an absolute right to preserve it for subsequent use. The pursuit of this principle, using capability-oriented mechanisms in preference to access control lists, has led to a filing system in which a preserved capability may be retrieved from different directories to achieve different access statuses, in which the significance of a text name depends on the directory to which it is presented, and in which filing system 'privilege' is expressed by possession of directory capabilities.