home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!sun-barr!ames!agate!darkstar.UCSC.EDU!osr
- From: ino@is.s.u-tokyo.ac.jp (Shigekazu Inohara)
- Newsgroups: comp.os.research
- Subject: Summary: capability-based filesystem?
- Date: Sat, 25 Jul 1992 00:46:33 GMT
- Organization: Dept. of Information Science, Univ. of Tokyo, Japan.
- Lines: 90
- Approved: comp-os-research@ftp.cse.ucsc.edu
- Message-ID: <14t8foINN169@darkstar.UCSC.EDU>
- References: <141qj1INN8ap@darkstar.UCSC.EDU>
- NNTP-Posting-Host: ftp.cse.ucsc.edu
- Originator: osr@ftp
-
- Here is the summary of answers I received to my question in article
- <141qj1INN8ap@darkstar.UCSC.EDU>:
-
- >I am studying capability-based protection, and a question came to my
- >mind: "how to build a filesystem with per-file capabilities?"
- >
- >In the case of ACL-based protection, client-side programs need to have
- >nothing, because the filesystem determines what files the program can
- >access only from the identity of the programs (e.g. their owner, in
- >UNIX). In the case of capability-based protection, however,
- >client-side programs have to provide the capability for the file that
- >they wish to access. How can they have the capability, if a
- >filesystem is the only public name space in the system?
-
- Many people gave me precious information. In addition to several
- people that followed my article on the comp.os.research, many e-mail
- replies came to me. I have not in fact expected to receive so many
- people's hearty answers. Thank you very much.
-
- ----------------------------------------------------------------------
- The following people suggested that the Amoeba system by Andy
- Tanenbaum's group solved the above question.
-
- ast@cs.vu.nl <Andy Tanenbaum>
- dfk@wildcat.dartmouth.edu (David Kotz)
- douglis@MITL.COM (Fred Douglis)
- philw@research.att.com
- "Samuel S. Paik" <d65y@crux1.cit.cornell.edu>
- shizgal@cpsc.ucalgary.ca (Irvin Shizgal)
- kaashoek@frans.cs.vu.nl
-
- Amoeba's documents can be anonymous ftp'able from
-
- Site Name Internet address Directory
- ---- ---- ---------------- ---------
- VU ftp.cs.vu.nl 192.31.231.42 amoeba
- UCSC midgard.ucsc.edu 128.114.14.6 pub/amoeba
-
- ----------------------------------------------------------------------
-
- Timothy.Roscoe@cl.cam.ac.uk gave me a pointer to the Cambridge CAP
- computer and its operating system.
-
- Author: Wilkes, Maurice V., Maurice Vincent
- Title: The Cambridge CAP computer and its operating system; M.V.
- Wilkes, R.M. Needham
- New York: North Holland, 1979
- x,165p; 24cm
- Series title: Operating and programming systems series; 6
- The computer science library
- Subjects: CAP (Computer)
- Other entries: Needham, R. M., Roger Michael
-
-
- ----------------------------------------------------------------------
-
- maeda@isl.rdc.toshiba.co.jp (Ken-ichi Maeda) discussed capability list
- passing.
-
- -----------------------------------------------------------------------
-
- ken@cs.cornell.edu (Ken Birman) taught me about CAL-TSS system,
- developed by Butler Lampson.
-
- ----------------------------------------------------------------------
-
- miller@SCTC.COM (Steven M. Miller) also suggested the job of a
- capability server.
-
- ----------------------------------------------------------------------
-
- cwm@beta.lanl.gov (Christina W Mercier)'s e-mail described the
- Kerberos authentication approach and Lawrence Livermore National Lab's
- file system.
-
- ----------------------------------------------------------------------
-
- li@oracorp.com suggested to read
-
- L. Gong, ``A Secure Identity-Based Capability System'', in
- Proceedings of the IEEE 1989 Symposium on Security and Privacy,
- Oakland, California, May, 1989, pp.56-63.
-
- ----------------------------------------------------------------------
- --
- Shigekazu INOHARA Dept. of Info. Sci., Faculty of Sci., Univ. of Tokyo
- 7-3-1 Hongo Bunkyo-ku, Tokyo 113, Japan
- ino@is.s.u-tokyo.ac.jp
-
-
-
