Persistent protected modules and persistent processes as the basis for a more secure operating system

The MONADS computer architecture is based on a very large persistent virtual memory which eliminates the need for a conventional file store and filing system, thus providing a suitable basis for persistent programming. The architecture also provides direct support for persistent objects (modules), which are protected by capabilities, and for processes which persist not only between login sessions but also over system shutdowns. The authors briefly outline these aspects of the architecture and describe how they are used in the design of the MONADS operating system. They then show how these features naturally give rise to a wide range of security advantages which would be very difficult to achieve in conventional systems. They first discuss the security advantages of persistent protected modules and then they consider how persistent processes are organised, how they relate to modules and how they contribute to stronger security. Next they describe how users can communicate despite the protection mechanisms and how such communication can be carried out securely. Then follows a concluding discussion of the security and other advantages of a persistent architecture and an indication of the direction of future work