Un modèle de contrôle d'accès générique et sa réalisation dans la mémoire virtuelle répartie unique Arias

Abstract : Single Address Space Operating Systems allow virtual addresses to be used by applications as globally unique references. This means that address resolution and access control have to be separated because virtual addresses can be referenced by all applications on all nodes in the system. We propose an access control model for a Single Address Space Operating System based on Hidden Software Capabilities. The model is based on the notions of capabilities (elemental access rights), protection domains (containers for access rights) and cross domain calls (allow the flow of control to change from one protection domain to another). The model builds on two important principles: segregated capabilities and the controled delegation of capabilities through protection interfaces. Application code and protection interfaces are defined separately. The evaluation of this model indicates that the majority of existing access control models, including the mandatory model proposed by Bell & LaPadula, can be based on Hidden Software Capabilities. The Hidden Software Capability model has been implemented in the Arias Single Address Space Operating System. Experience with this implementation, shows that separation of protection definition and application code facilitates software reuse and evolution of applications. The performance of the implemented cross domain call is roughly equivalent to a standard RPC.
Complete list of metadatas

Cited literature [88 references]  Display  Hide  Download

https://tel.archives-ouvertes.fr/tel-00004841
Contributor : Thèses Imag <>
Submitted on : Wednesday, February 18, 2004 - 3:14:36 PM
Last modification on : Wednesday, April 11, 2018 - 1:54:26 AM
Long-term archiving on : Friday, April 2, 2010 - 8:28:06 PM

Identifiers

  • HAL Id : tel-00004841, version 1

Collections

Citation

Christian Damsgaard Jensen. Un modèle de contrôle d'accès générique et sa réalisation dans la mémoire virtuelle répartie unique Arias. Réseaux et télécommunications [cs.NI]. Université Joseph-Fourier - Grenoble I, 1999. Français. ⟨tel-00004841⟩

Share

Metrics

Record views

397

Files downloads

7953