
REFERENCE-BASED PROTECTION

Posted on: 1984-10-01
Degree: Ph.D
Type: Thesis
University: Harvard University
Candidate: HERRMANN, JEFFREY CHARLES
Full Text: PDF
GTID: 2476390017962455
Subject: Computer Science
Abstract/Summary:
This thesis examines several key issues in the design of reference-based (capability-based) protection mechanisms. Improvements in protection are likely to lead not just to better system security, but to enhanced software reliability as well.

One question investigated is how the reference-based model compares to other strategies for achieving the same goals. The reference-based approach is compared directly to two other common approaches to protection mechanism design: compiler-based protection and object-based protection. Results include justification for earlier hypotheses about the advantages of reference-based protection, as well as the identification of several advantages previously ignored, including better support of access delegation and dependent access.

A second area of investigation involves the role of reference-based protection in data abstraction. Past schemes, including those of HYDRA and Redell, are examined and their weaknesses identified. Problems include a lack of adequate control over access rights, restrictions on representation type, and the presence of loopholes. New schemes which solve these problems are presented, including (1) single-level, tree-structured, and unrestricted schemes enabling full control over access rights, (2) partition and coded-rights schemes which permit the flexibility of multiple representations within the framework (and efficiency) of the tree-structured approach, and (3) a "surrogate type" scheme which supports the full generality of unrestricted representation types at much lower cost than previous unrestricted schemes such as Redell's generalized sealing.

A third issue examined is the problem of revoking access rights, with emphasis on schemes for selective transparent revocation. It is shown that Redell's tree-structured dependency hierarchy can be derived from assumptions of transparency and non-subvertability. Redell's arguments for implicit revocation handles are shown to be weak, and the addition of explicit handles to Redell's schemes and ours is shown to be feasible without significant cost. Schemes for controlling access rights and for correctly maintaining the interaction between revocation and abstraction are presented. The role of non-selective and non-transparent revocation is also discussed.
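The abstract's three recurring ideas (capabilities as unforgeable references carrying rights, attenuating delegation, and selective transparent revocation through explicit handles arranged in a tree-structured dependency hierarchy) can be illustrated with a small model. The following is an added example written for this page, not code from the thesis or from Redell's system; the class names, the `Document` object, and the rule that a delegated capability gets its own revocation handle whose parent is the delegator's handle are assumptions made for the illustration.

```python
# Illustrative model of capability-based protection with explicit,
# tree-structured revocation handles (constructed example, not the thesis's code).
from dataclasses import dataclass
from typing import FrozenSet, Optional

READ, WRITE = "read", "write"


class RevocationHandle:
    """Explicit revocation point. A capability is usable only while its own
    handle and every ancestor handle are unrevoked, so revoking one handle
    selectively cuts off the whole subtree of capabilities derived through it
    (the tree-structured dependency hierarchy named in the abstract)."""

    def __init__(self, parent: Optional["RevocationHandle"] = None) -> None:
        self.parent = parent
        self.revoked = False

    def is_valid(self) -> bool:
        handle: Optional[RevocationHandle] = self
        while handle is not None:
            if handle.revoked:
                return False
            handle = handle.parent
        return True

    def revoke(self) -> None:
        self.revoked = True


@dataclass(frozen=True)
class Capability:
    """Unforgeable reference: (object, rights, revocation handle).
    frozen=True models the fact that a holder cannot amplify its own rights."""
    obj: object
    rights: FrozenSet[str]
    handle: RevocationHandle

    def delegate(self, rights) -> "Capability":
        """Delegation may only narrow (attenuate) rights. The delegate gets a
        fresh handle hanging below the delegator's, so the delegator can later
        revoke just this branch."""
        rights = frozenset(rights)
        if not rights <= self.rights:
            raise PermissionError("cannot delegate rights the holder does not have")
        return Capability(self.obj, rights, RevocationHandle(parent=self.handle))

    def invoke(self, right: str, *args):
        """Transparent use: the holder calls through the capability the same
        way however many handles lie between it and the object."""
        if not self.handle.is_valid():
            raise PermissionError("capability revoked")
        if right not in self.rights:
            raise PermissionError("right not held: " + right)
        return getattr(self.obj, right)(*args)


class Document:
    """Sample protected object (constructed for the example)."""

    def __init__(self, text: str) -> None:
        self.text = text

    def read(self) -> str:
        return self.text

    def write(self, text: str) -> None:
        self.text = text


def can_use(cap: Capability, right: str, *args) -> bool:
    try:
        cap.invoke(right, *args)
        return True
    except PermissionError:
        return False


def delegation_is_attenuating() -> bool:
    """A read-only holder must not be able to mint a write capability."""
    cap = Capability(Document("x"), frozenset({READ}), RevocationHandle())
    try:
        cap.delegate({WRITE})
        return False
    except PermissionError:
        return True


def selective_revocation_demo():
    """Owner delegates to alice and bob; alice re-delegates to carol.
    Revoking alice's handle must cut off alice and carol only."""
    doc = Document("hello")
    owner = Capability(doc, frozenset({READ, WRITE}), RevocationHandle())
    alice = owner.delegate({READ, WRITE})
    bob = owner.delegate({READ})
    carol = alice.delegate({READ})  # depends on alice's handle
    holders = {"owner": owner, "alice": alice, "bob": bob, "carol": carol}
    before = {name: can_use(cap, READ) for name, cap in holders.items()}
    alice.handle.revoke()  # selective: only alice's subtree is affected
    after = {name: can_use(cap, READ) for name, cap in holders.items()}
    return before, after


if __name__ == "__main__":
    print(selective_revocation_demo())
    print("attenuating:", delegation_is_attenuating())
```

The model makes the abstract's distinction concrete: revocation is selective because it acts on one handle and its descendants rather than on every outstanding reference to the object, and it is transparent because the holder's `invoke` path is unchanged by the number of handles between it and the object. An implicit-handle design would have to locate the right indirection point at revocation time; the explicit handle returned by `delegate` is the revoker's retained reference to that point.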
Keywords/Search Tags: Protection, Reference-based, Access rights, Schemes, Revocation