Title :
Conditional Capabilities
Author :
Ekanadham, Kattamuri ; Bernstein, Arthur J.
Author_Institution :
Department of Computer Science, State University of New York
Abstract :
Protection in capability-based operating systems is comsidered. The concept of a conditional capability, which is a generalization of a conventional capability, is proposed. The conditional capability can only be exercised when certain conditions relating to the context of its use are satisfied. It is shown that such capabilities form a basis upon which features such as domains of protection, revocation, and type extension can be built. The implementation of these features can be isolated into sepuate modules thus leaving the basic protection module uncluttered and simplifying the overall structure of the system.
Keywords :
Access control; capabilities; conditional capabilities; keys; locks; operating system; protection; Computer science; Control systems; Kernel; Operating systems; Permission; Protection; Access control; capabilities; conditional capabilities; keys; locks; operating system; protection;
Journal_Title :
Software Engineering, IEEE Transactions on
DOI :
10.1109/TSE.1979.230184
