{"title":"Protection and resource control in distributed operating systems","authors":"Sape J Mullender, Andrew S Tanenbaum","doi":"10.1016/0376-5075(84)90005-9","DOIUrl":null,"url":null,"abstract":"<div><p>Local networks often consist of a cable snaking through a building with sockets in each room into which users can plug their personal computers. Using such a network for building a coherent distributed or network operating system is difficult because the system administrators have no control over the user's machine — not the applications programs, not the system kernel, not even the choice of hardware. In this paper we discuss a general method to protect such systems against malicious users without placing any restrictions on the kinds of operating systems that can be constructed. Depending on the details of the hardware, either one-way functions or public key cryptography forms the basis for the protection. As an example of our method, we show how a traditional object-oriented capability system can be implemented on top of the basic protection mechanism, and how a service for accounting and resource control can be constructed.</p></div>","PeriodicalId":100316,"journal":{"name":"Computer Networks (1976)","volume":"8 5","pages":"Pages 421-432"},"PeriodicalIF":0.0000,"publicationDate":"1984-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/0376-5075(84)90005-9","citationCount":"50","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks (1976)","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/0376507584900059","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 50
Abstract
Local networks often consist of a cable snaking through a building with sockets in each room into which users can plug their personal computers. Using such a network for building a coherent distributed or network operating system is difficult because the system administrators have no control over the user's machine — not the applications programs, not the system kernel, not even the choice of hardware. In this paper we discuss a general method to protect such systems against malicious users without placing any restrictions on the kinds of operating systems that can be constructed. Depending on the details of the hardware, either one-way functions or public key cryptography forms the basis for the protection. As an example of our method, we show how a traditional object-oriented capability system can be implemented on top of the basic protection mechanism, and how a service for accounting and resource control can be constructed.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
