|
Object-capability Model
The object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination: :* An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages. :* A message that specifies the operation to be performed. The security model relies on not being able to forge references. :* Objects can interact only by sending messages on references. :* A reference can be obtained by: ::# Initial conditions: In the initial state of the computational world being described, object A may already have a reference to object B. ::# Parenthood: If A creates B, at that moment A obtains the only reference to the newly created B. ::# Endowment: If A creates B, B is born with that subset of A's references with which A chose to endow it. ::# Introduction: If A has references to both B and C, A can send to B a message containing a referen ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Model
A computer is a machine that can be programmed to carry out sequences of arithmetic or logical operations (computation) automatically. Modern digital electronic computers can perform generic sets of operations known as programs. These programs enable computers to perform a wide range of tasks. A computer system is a nominally complete computer that includes the hardware, operating system (main software), and peripheral equipment needed and used for full operation. This term may also refer to a group of computers that are linked and function together, such as a computer network or computer cluster. A broad range of industrial and consumer products use computers as control systems. Simple special-purpose devices like microwave ovens and remote controls are included, as are factory devices like industrial robots and computer-aided design, as well as general-purpose devices like personal computers and mobile devices like smartphones. Computers power the Internet, which links bil ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Joe-E
Joe-E is a subset of the Java programming language intended to support programming according to object-capability discipline. The language is notable for being an early object-capability subset language. It has influenced later subset languages, such as ADsafe and Caja/Cajita, subsets of Javascript. It is also notable for allowing methods to be verified as functionally pure, based on their method signatures. Matthew Finifter, Adrian Mettler, Naveen Sastry, David Wagner; October 2008, Conference on Computer and Communications Security. The restrictions imposed by the Joe-E verifier include: * Classes may not have mutable static fields, because these create global state. * Catching out-of-memory exceptions is prohibited, because doing so allows non-deterministic execution. For t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Joule (programming Language)
Joule is a capability-secure massively-concurrent dataflow programming language, designed for building distributed applications. It is so concurrent that the order of statements within a block is irrelevant to the operation of the block. Statements are executed whenever possible, based on their inputs. Everything in Joule happens by sending messages. There is no control flow. Instead, the programmer describes the flow of data, making it a dataflow programming language. Joule development started in 1994 at ''Agorics'' in Palo Alto, California. It is considered the precursor to the E programming language. Language syntax Numerals consist of ASCII digits 0–9; identifiers are Unicode sequences of digits, letters, and operator characters that begin with a letter. It is also possible to form identifiers by using Unicode sequences (including whitespace) enclosed by either straight (' ') or standard (‘ ’) single quotes, where the backslash is the escape character. Keywords have ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Emerald (programming Language)
Emerald is a distributed, object-oriented programming Object-oriented programming (OOP) is a programming paradigm based on the concept of "objects", which can contain data and code. The data is in the form of fields (often known as attributes or ''properties''), and the code is in the form of ... language developed in the 1980s by Andrew P. Black, Norman C. Hutchinson, Eric B. Jul, and Henry M. Levy, in the Department of Computer Science at the University of Washington. A simple Emerald program can create an object and move it around the system: const Kilroy ← object Kilroy process const origin ← locate self const up ← origin.getActiveNodes for e in up const there ← e.getTheNode move self to there end for move self to origin end process end Kilroy Emerald was designed to support high performance distribution, location, and high performance of objects, to simplify distributed programming, to exploit information hiding, and to be ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Fiasco (L4 Clone)
L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, ''Portable Operating System Interface'' (POSIX) compliant types. L4, like its predecessor microkernel L3, was created by German computer scientist Jochen Liedtke as a response to the poor performance of earlier microkernel-based OSes. Liedtke felt that a system designed from the start for high performance, rather than other goals, could produce a microkernel of practical use. His original implementation in hand-coded Intel i386-specific assembly language code in 1993 sparked intense interest in the computer industry. Since its introduction, L4 has been developed to be cross-platform and to improve security, isolation, and robustness. There have been various re-implementations of the original binary L4 kernel application binary interface (ABI) and its successors, including ''L4Ka::Pistachio'' (Karlsruhe Institute of Technology), ''L4/MIPS' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OKL4
L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, ''Portable Operating System Interface'' (POSIX) compliant types. L4, like its predecessor microkernel L3, was created by German computer scientist Jochen Liedtke as a response to the poor performance of earlier microkernel-based OSes. Liedtke felt that a system designed from the start for high performance, rather than other goals, could produce a microkernel of practical use. His original implementation in hand-coded Intel i386-specific assembly language code in 1993 sparked intense interest in the computer industry. Since its introduction, L4 has been developed to be cross-platform and to improve security, isolation, and robustness. There have been various re-implementations of the original binary L4 kernel application binary interface (ABI) and its successors, including ''L4Ka::Pistachio'' (Karlsruhe Institute of Technology), ''L4/MIPS' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
SeL4
L4 is a family of second-generation microkernels, used to implement a variety of types of operating systems (OS), though mostly for Unix-like, ''Portable Operating System Interface'' (POSIX) compliant types. L4, like its predecessor microkernel L3, was created by German computer scientist Jochen Liedtke as a response to the poor performance of earlier microkernel-based OSes. Liedtke felt that a system designed from the start for high performance, rather than other goals, could produce a microkernel of practical use. His original implementation in hand-coded Intel i386-specific assembly language code in 1993 sparked intense interest in the computer industry. Since its introduction, L4 has been developed to be cross-platform and to improve security, isolation, and robustness. There have been various re-implementations of the original binary L4 kernel application binary interface (ABI) and its successors, including ''L4Ka::Pistachio'' (Karlsruhe Institute of Technology), ''L4/MIPS' ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
CapROS
Capability-based Reliable Operating System (CapROS) is an operating system incorporating pure capability-based security. It features automatic persistence of data and processes, even across system reboots. Capability systems naturally support the principle of least authority, which improves security and fault tolerance. It is free and open-source software released under the GNU General Public License version 2 (GPLv2), and GNU Lesser General Public License version 2 (LGPLv2). CapROS is an evolution of the Extremely Reliable Operating System (EROS). While EROS was purely a research system, CapROS is intended to be a stable system of commercial quality. CapROS currently runs on Intel IA-32 and ARM microprocessors. CapROS is being developed by Strawberry Development Group with funding from the Defense Advanced Research Projects Agency (DARPA) and others. The primary developer is Charles Landau. History The CapROS project was formed in 2005 as a non-academic continuation of EROS. T ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Integrity (operating System)
INTEGRITY and INTEGRITY-178B are real-time operating systems (RTOSes) produced and marketed by Green Hills Software. INTEGRITY INTEGRITY is POSIX-certified and intended for use in embedded system An embedded system is a computer system—a combination of a computer processor, computer memory, and input/output peripheral devices—that has a dedicated function within a larger mechanical or electronic system. It is ''embedded'' as ...s of 32-bits or 64-bit computing, 64-bits. Supported computer architectures include variants of: ARM architecture, ARM, Blackfin, NXP ColdFire, ColdFire, MIPS architecture, MIPS, PowerPC, XScale, and x86. INTEGRITY is supported by popular Transport Layer Security, SSL/TLS libraries such as wolfSSL. INTEGRITY-178B INTEGRITY-178B is the DO-178B–compliant version of INTEGRITY. It is used in several military jets such as the B-2, F-16, F-22, and F-35 Lightning II, F-35, and the commercial aircraft Airbus A380. Its Kernel (operating system), ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Extremely Reliable Operating System
Extremely Reliable Operating System (EROS) is an operating system developed starting in 1991 at the University of Pennsylvania, and then Johns Hopkins University, and The EROS Group, LLC. Features include automatic data and process persistence, some preliminary real-time support, and capability-based security. EROS is purely a research operating system, and was never deployed in real world use. , development stopped in favor of a successor system, CapROS. Key concepts The overriding goal of the EROS system (and its relatives) is to provide strong support at the operating system level for the efficient restructuring of critical applications into small communicating components. Each component can communicate with the others only through protected interfaces, and is isolated from the rest of the system. A ''protected interface'', in this context, is one that is enforced by the lowest level part of the operating system, the kernel. That is the only part of the system that can move inf ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
KeyKOS
KeyKOS is a persistent, pure capability-based operating system for the IBM S/370 mainframe computers. It allows emulating the environments of VM, MVS, and Portable Operating System Interface (POSIX). It is a predecessor of the Extremely Reliable Operating System (EROS), and its successor operating systems, CapROS, and Coyotos. KeyKOS is a nanokernel-based operating system. In the mid-1970s, development of KeyKOS began at Tymshare, Inc., under the name GNOSIS. In 1984, McDonnell Douglas McDonnell Douglas was a major American aerospace manufacturing corporation and defense contractor, formed by the merger of McDonnell Aircraft and the Douglas Aircraft Company in 1967. Between then and its own merger with Boeing in 1997, it produ ... (MD) bought Tymshare. A year later MD spun off Key Logic, which bought GNOSIS and renamed it ''KeyKOS''. References External links * , Norman Hardy GNOSIS: A Prototype Operating System for the 1990s a 1979 paper, Tymshare Inc. a 1988 paper ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
