In computer science, capability-based addressing is a scheme used by some computers to control access to memory as an efficient implementation of capability-based security. Under a capability-based addressing scheme, pointers are replaced by protected objects (called capabilities) that can be created only through the use of privileged instructions, which may be executed only by the kernel or by some other privileged process authorised to do so. Thus, a kernel can limit the access of application code and other subsystems to the minimum necessary portions of memory (and disable write access where appropriate), without the need to use separate address spaces and therefore without requiring a context switch when an access occurs.


Practical implementations

Two techniques are available for implementation:
*Require capabilities to be stored in a particular area of memory that cannot be written to by the process that will use them. For example, the Plessey System 250 required that all capabilities be stored in capability-list segments.
*Extend memory with an additional bit, writable only in supervisor mode, that indicates that a particular location is a capability. This is a generalization of the use of tag bits to protect segment descriptors in the Burroughs large systems, and it was used to protect capabilities in the IBM System/38.

The designers of the System/38's descendant systems, including the AS/400 and IBM i, removed capability-based addressing. The reason given for this decision is that they could find no way to revoke capabilities (Frank G. Soltis, ''Fortress Rochester: The Inside Story of the IBM iSeries'', pp. 119, 283), although patterns for implementing revocation in capability systems had been published as early as 1974, even before the introduction of the System/38.
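As an added illustration (not code from this article or from any of the systems it describes), the following C model of the second technique shows why an ordinary store cannot forge a capability: the tag is set only by the privileged minting instruction and cleared by every unprivileged write, and each access through a capability is checked for tag, bounds and write permission before memory is touched. The capability encoding and the 16-word memory are invented for the example.

```c
#include <stdbool.h>
#include <stdint.h>
/* Toy model of the tag-bit technique (added illustration, not code from any
 * real system): each word carries a tag that only a supervisor-mode
 * instruction sets and that any ordinary store clears, so an overwritten or
 * forged capability is never honoured. Encoding and memory size are invented. */
#define WORDS 16
typedef struct { uint32_t base, length; bool write; } Capability;
typedef struct { uint64_t data; bool tag; } Word;
static Word mem[WORDS];

static uint64_t encode(Capability c) {
    return ((uint64_t)c.base << 32) | ((uint64_t)c.length << 1) | (c.write ? 1u : 0u);
}
static Capability decode(uint64_t w) {
    Capability c = { (uint32_t)(w >> 32), (uint32_t)(w >> 1) & 0x7fffffffu, (w & 1u) != 0 };
    return c;
}
/* Privileged instruction: minting is the only way a word's tag becomes set. */
bool mint_capability(bool supervisor, uint32_t slot, Capability c) {
    if (!supervisor || slot >= WORDS) return false;
    mem[slot].data = encode(c);
    mem[slot].tag = true;
    return true;
}
/* Ordinary store: user code may overwrite the word, but the tag is cleared,
 * so the result is plain data rather than a capability. */
bool store_word(uint32_t at, uint64_t value) {
    if (at >= WORDS) return false;
    mem[at].data = value;
    mem[at].tag = false;
    return true;
}
/* Access through the capability in `slot`: tag, bounds and permission are
 * checked before memory is touched. */
static bool check(uint32_t slot, uint32_t off, bool need_write, Capability *c) {
    if (slot >= WORDS || !mem[slot].tag) return false;   /* not a live capability */
    *c = decode(mem[slot].data);
    return off < c->length && (c->write || !need_write) && (uint64_t)c->base + off < WORDS;
}
bool cap_store(uint32_t slot, uint32_t off, uint64_t value) {
    Capability c;
    return check(slot, off, true, &c) && store_word(c.base + off, value);
}
bool cap_load(uint32_t slot, uint32_t off, uint64_t *out) {
    Capability c;
    if (!check(slot, off, false, &c)) return false;
    *out = mem[c.base + off].data;
    return true;
}
```

Writing the exact bit pattern of a minted capability back into its slot with an ordinary store leaves the same bits in memory, yet the word is no longer usable as a capability because its tag has been cleared.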


Chronology of systems adopting capability-based addressing

*1969: System 250 – Plessey Company
*1970–77: CAP computer – University of Cambridge Computer Laboratory
*1978: System/38 – IBM
*1980: Flex machine – Royal Signals and Radar Establishment (RSRE), Malvern
*1981: Intel iAPX 432 – Intel
*2014: CHERI (adds capabilities to existing ISAs for safer programming, even in C and C++)
*2020: CHEx86
*2022: ARM Morello (AArch64 with CHERI capabilities)

