Download:
|
by C. Jensen, D. Hagimont
http://sirac.inrialpes.fr/Infos/Personnes/Christian.Jensen/research/./arias-ac.ps.gz
Add To MetaCart
Abstract:
The main motivation for distributed shared memory is to simplify the development of distributed applications. For these applications, the speci��cation and implementation of access control is an important issue. Developing a protection model and mechanism that combine expressiveness, simplicity and AEexibility is a diOEcult challenge. In this paper, we present the design and implementation of a new protection model based on Hidden Software Capabilities, in which the protection speci-��cation is completely disjoined from the application code, and described in an extended Interface De��nition Language (IDL). This allows the designer to specify protection constraints for existing modules and to easily change the protection policy of an application, without any modi��cation to the programs. This protection model has been integrated in a single address space operating system based on distributed shared memory. Our evaluation shows that the model is very AEexible and easy to use, and that the overhead due to protection is low with respect to the cost of a RPC-based solution. 1
Citations
|
864
|
Implementing remote procedure calls
– Birrell, Nelson
- 1984
|
|
847
|
Memory coherence in shared virtual memory systems
– Li, Hudak
- 1989
|
|
519
|
Exokernel: An operating system architecture for application-level resource management
– Engler, Kaashoek, et al.
- 1995
|
|
184
|
Programming Semantics for Multiprogrammed Computations
– Dennis, Horn
- 1966
|
|
134
|
Capability-Based Computer Systems
– Levy
- 1984
|
|
83
|
Renesse. Using Sparse Capabilities in a Distributed Operating System
– Tanenbaum, Mullender, et al.
- 1986
|
|
71
|
Sharing and Protection in a Single Address Space Operating System
– Chase, Levy, et al.
- 1994
|
|
35
|
Power programming with RPC, O’Reilly & Associates
– Bloomer
- 1992
|
|
27
|
A protection scheme for mobile agents on java
– Hagimont, Ismail
- 1997
|
|
27
|
MONADS-PC: A Capability Based Workstation to Support Software Engineering
– Rosenberg, Abramson
- 1985
|
|
25
|
et al. The O2 system
– Deux
- 1991
|
|
23
|
The cambridge cap computer and its protection system
– Needham, Walker
- 1977
|
|
16
|
Hidden software capabilities
– Hagimont, Mossière, et al.
- 1996
|
|
8
|
Protection domain extensions in Mungi
– Vochteloo, Elphinstone, et al.
- 1996
|
|
7
|
The Arias distributed shared memory: An overview
– Dechamboux, Hagimont, et al.
- 1996
|
|
4
|
Capability-Based Protection in a Persistent Global Virtual Memory System
– Vochteloo, Russell, et al.
- 1993
|
|
3
|
Capability concept Mechanism and Structure
– England
- 1975
|
|
3
|
A protection scheme for a CORBA environment
– Hagimont, Huet, et al.
- 1997
|
|
1
|
Angel: Resource uni��cation in a 64-bit micro-kernel
– Murray, Stiemerling, et al.
- 1993
|
