Protection in Programmed Systems.
CARNEGIE-MELLON UNIV PITTSBURGH PA DEPT OF COMPUTER SCIENCE
Pagination or Media Count:
The report discusses the control of access to objects within programmed systems. The vehicle for this study is a model of protection that isolates a small set of mechanisms needed to provide access control, leaving the policy for invoking these mechanisms to vary naturally with applications. Emphasis is placed on access control required for parameters that accompany a process crossing between execution environments and a new concept called amplification is defined. The model is shown to provide structure and terminology sufficient for describing and comparing diverse protection systems, for expressing and proving boundary conditions that characterize the manipulation of objects within environments independent of the code executed, and for partially ordering protection systems according to the services they provide. In addition, the dissertation introduces the concept of a centralized protection facility capable of providing access control for user defined objects and accesses. Author
- Computer Programming and Software
- Computer Systems
- Computer Systems Management and Standards