Title :
Capability-based protection in the Mungi operating system
Author :
Vochteloo, Jerry ; Russell, Stephen ; Heiser, Gernot
Author_Institution :
Sch. of Comput. Sci. & Eng., New South Wales Univ., Kensington, NSW, Australia
Abstract :
A single address space operating system is an excellent environment for the implementation of distributed object-based systems. The issue of providing effective and efficient protection of objects in such an environment has, however, not been addressed satisfactorily. This paper presents the protection mechanism of Mungi, which is based on password capabilities. A system-maintained data structure called the capability tree is used for the long-term storage of capabilities, and reflects the hierarchical structure of object privacy. A second system data structure, the active protection domain, allows the system to find capabilities quickly when validating memory accesses. The model supports inheritance of protection domains, as well as temporary extension of protection domains to support privileged procedures. Untrusted programs can be confined to run in a restricted protection domain. The protection system performs efficiently on conventional architectures, and is simple enough that most programs do not need to be aware of its operation.
Keywords :
data structures; distributed processing; object-oriented databases; operating systems (computers); security of data; Mungi operating system; capability tree; capability-based protection; data structure; distributed object-based systems; inheritance; object privacy; protection mechanism; single address space operating system; Australia; Computer science; Data privacy; Data structures; Distributed computing; Microprocessors; Object oriented modeling; Operating systems; Protection; Tree data structures
Conference_Title :
Proceedings of the Third International Workshop on Object Orientation in Operating Systems, 1993
Conference_Location :
Asheville, NC
Print_ISBN :
0-8186-5270-5
DOI :
10.1109/IWOOOS.1993.324922