Advanced Operating Systems   COMP9242 2002/S2

UNSW

Printer-Friendly Version Administration                - Notices - Course Intro - Consultations # On-line Survey (closed) - Survey Results   Work - Lectures - Milestone 0 - Project Admin - Project Spec - Project FAQ - Exam   Documentation - ASysT Lab - L4 source browser - Sulima ISA Simulator - R4x00 ISA Summary  - MIPS R4700 Reference - MIPS R4000 User Manual  - Network Driver - GT64111   Related Info - Aurema OS Prize - OS Hall of Fame   History - 2000 - 1999 - 1998   Staff - Gernot Heiser (LiC)

Capabilities Main advantage of capabilities is the fine-grain access control: Easy to provide specific access to selected agents. Capability presents prima facie evidence of the right to access: capability ==> object identifier (naming), capability ==> (set of) access rights, Any representation must contain object ID and access rights. Any representation must protect capability from forgery. How implemented and protected? tagged (protected by hardware), partitioned (protected by software), sparse (protected by obscurity).