lecture_3_part_2

lecture_3_part_2 - Capabilities Each subject keeps a set of...

Info iconThis preview shows pages 1–12. Sign up to view the full content.

View Full Document Right Arrow Icon
Lecture 3 Page 1 CS 236 Online Capabilities Each subject keeps a set of data items that specify his allowable accesses Essentially, a set of tickets Possession of the capability for an object implies that access is allowed
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Lecture 3 Page 2 CS 236 Online Properties of Capabilities Must be unforgeable In single machine, keep under control of OS What about in a networked system? In most systems, some capabilities allow creation of other capabilities Process can pass restricted set of capabilities to a subprocess
Background image of page 2
Lecture 3 Page 3 CS 236 Online Capabilities and Domains The set of objects a subject can access at a given moment is its domain The subject has a capability for each object in its domain Domains can be expanded by obtaining new capabilities New domains can be created for subprocesses Where do we keep capabilities?
Background image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Lecture 3 Page 4 CS 236 Online Capabilities Protecting a File Read X Subject B Subject C Capabilities for C Capabilities for A File X Read, Write Capabilities for B File X Read File X Subject A Capability Checking File X Read, Write r e a d File X Read, Write Check validity of capability OK!
Background image of page 4
Lecture 3 Page 5 CS 236 Online w r i t e d n Capabilities Denying Access write User B User C Capabilities for C Capabilities for A File X Read, Write Capabilities for B File X Read File X User A Capability Checking Check validity of capability No Capability Provided!
Background image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Lecture 3 Page 6 CS 236 Online How Will This Work in a Network? Subject B Subject C Capabilities for C Capabilities for B File X Read Capabilities for A File X Read, Write Subject A Capability Checking File X File X Subject A Subject B File X Read Subject C File X Read, Write How can we tell if it’s a good capability? File X Read, Write
Background image of page 6
Lecture 3 Page 7 CS 236 Online Revoking Capabilities Fred Nancy Accounts receivable How do we take away Fred’s capability? Without taking away Nancy’s?
Background image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Lecture 3 Page 8 CS 236 Online Revocation By Destroying the Capability Fred Nancy Accounts receivable How can you be sure you’ve destroyed all copies everywhere?
Background image of page 8
Lecture 3 Page 9 CS 236 Online Revocation By Invalidation on Use Fred Nancy Accounts receivable Fred Read Accounts Receivable Accounts receivable capability revocation list Ted Anne Costs time to check revocation list Especially if list gets long
Background image of page 9

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Lecture 3 Page 10 CS 236 Online Revocation By Generation Numbers Fred Nancy Accounts receivable 3 3 3 If generation numbers match, the capability is still valid To invalidate capability, increase generation number 4 Requires some control of capabilities Selective revocation is hard Can replace generation number with some other software token
Background image of page 10
Lecture 3 Page 11 CS 236 Online Pros and Cons of Capabilities + Easy to determine what a subject can access +
Background image of page 11

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 12
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

Page1 / 39

lecture_3_part_2 - Capabilities Each subject keeps a set of...

This preview shows document pages 1 - 12. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online