• DocumentCode
    750779
  • Title

    Review and Revocation of Access Privileges Distributed Through Capabilities

  • Author

    Gligor, Virgil D.

  • Author_Institution
    Department of Computer Science, University of Maryland
  • Issue
    6
  • fYear
    1979
  • Firstpage
    575
  • Lastpage
    586
  • Abstract
    The problems of review and revocation of access privileges are presented in the context of the systems that use capabilities for the long-term distribution of access privileges. An approach that solves both of these problems in their-most general form is presented in this paper. The approach requires that a capability propagation graph be maintained in memory spaces associated with subjects (e.g., domains, processes, etc.) that make copies of the respective capability; the graph remains inaccessible to those subjects, however. Parallel processes of the operating system update the graph as the system runs.
  • Keywords
    Access control lists; access privilege; access review; capabilities; capability-propagation graph; fle systems; kernels; management policies; reference counts; selective revocation; shared objects; short capabilities; type extension; Access control; Control systems; Design methodology; Hardware; Hierarchical systems; Kernel; Operating systems; Protection; Stress; Vehicles; Access control lists; access privilege; access review; capabilities; capability-propagation graph; fle systems; kernels; management policies; reference counts; selective revocation; shared objects; short capabilities; type extension;
  • fLanguage
    English
  • Journal_Title
    Software Engineering, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    0098-5589
  • Type

    jour

  • DOI
    10.1109/TSE.1979.230193
  • Filename
    1702674
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=750779