Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Hidden capabilities: towards a flexible protection utility for the internet
EW 7 Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications
Access Control Mechanisms in a Distributed, Persistent Memory System
IEEE Transactions on Parallel and Distributed Systems
Sealing, Encapsulation, and Mutability
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Dynamic Configuration and Enforcement of Access Control for Mobile Components
NGIT '99 Proceedings of the 4th International Workshop on Next Generation Information Technologies and Systems
Partial outsourcing: a new paradigm for access control
Proceedings of the eighth ACM symposium on Access control models and technologies
A unified security framework for networked applications
Proceedings of the 2003 ACM symposium on Applied computing
Journal of Functional Programming
Introducing reference flow control for detecting intrusion symptoms at the OS level
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
Software capabilities are a very convenient means of protecting co-operating applications: they allow access rights to be dynamically exchanged between mutually suspicious interacting applications. However, in all the approaches proposed so far, capabilities are made available at the programming-language level, requiring application developers to wire the protection definition into the application code, which is detrimental to both flexibility and reusability. We believe instead that capabilities should be hidden from the application programmer, so that protection definition and application code can be clearly separated. In this paper we propose a new protection model based on hidden software capabilities, in which the protection definition is completely disjoint from the application code and is described in an extended interface definition language (IDL). This makes it possible to specify protection for existing modules and to change the protection policy of an application easily. The protection model can be integrated into a wide range of operating systems. We are currently implementing it in a single address space operating system based on distributed shared memory.