Vanderbilt, D. H., Controlled Information Sharing in a Computer Utility. MAC TR-67, MIT, Cambridge, Mass., Oct. 1969.  Home/Search   Document Not in Database   Summary   Related Articles

....without it a domain cannot prevent an undebugged subordinate domain from wantonly giving away access to objects. The rules above do not permit the owner of an object to take away access to that object. Whether this should be permitted is an unresolved issue. It is permitted by most systems; see [13] for a contrary view. If it is to be permitted, the following rule is appropriate. d) d 1 can remove access attributes from A d 2 ,x if d 1 has owner access to x, provided d 2 does not have protected access to x. The protected restriction allows one owner to defend his access from other ....

....an interesting exercise to devise a mechanism for controlling who gets to alter this additional information. Capabilities can also be used to attack problem (c) above. All we have to do is observe that it is possible to build an arbitrary graph of domains, each with a set of capabi1ities or C list [3, 7, 13]. Protection 8 Everything we know about tree structured naming schemes can then be applied to economize on storage for shared capabilities. A completely different approach is to attach the protection information to the object rather than the domain. In its most general form, the idea is to ....

Vanderbilt, D. H., Controlled Information Sharing in a Computer Utility. MAC TR-67, MIT, Cambridge, Mass., Oct. 1969.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC