Capability-based addressing

In computer science, capability-based addressing is a scheme used by some computers to control access to memory. Under a capability-based addressing scheme, pointers are replaced by protected objects (called capabilities) that can be created only through the use of privileged instructions, which may be executed only by the kernel or by some other privileged process authorised to do so. This effectively allows the kernel to control which processes may access which objects in memory without the need for separate address spaces, and therefore without requiring a context switch when an access occurs. This allows an efficient implementation of capability-based security.

Practical implementations

Two techniques are available for implementation:

The designers of the System/38's descendant systems, including AS/400 and IBM i, removed capability-based addressing. The reason given for this decision is that they could find no way to revoke capabilities,[1] although patterns for implementing revocation in capability systems had been published as early as 1974,[2] even before the introduction of System/38.
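As an added illustration (not from the article or any of the systems it names), the following toy model shows the two ideas above: memory is reachable only through kernel-minted capabilities that carry bounds and access rights, and revocation is done by one of the published patterns, indirection through a kernel-held slot, so that revoking the slot invalidates every copy derived from it. The class and function names are assumptions of this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Capability:
    slot: int        # index into the kernel's table; never a raw address
    offset: int = 0  # user-adjustable, but bounds are still enforced

class Kernel:
    def __init__(self, size=256):
        self.memory = bytearray(size)
        self.table = {}   # slot -> (base, length, rights); None once revoked
        self._next = 0

    def grant(self, base, length, rights):   # privileged: mint a capability
        if base < 0 or base + length > len(self.memory):
            raise ValueError("region outside physical memory")
        slot, self._next = self._next, self._next + 1
        self.table[slot] = (base, length, frozenset(rights))
        return Capability(slot)

    def revoke(self, cap):   # privileged: every copy derived from cap now faults
        self.table[cap.slot] = None

    def _resolve(self, cap, right):   # the only path from a capability to an address
        entry = self.table.get(cap.slot)
        if entry is None:
            raise PermissionError("capability revoked or unknown")
        base, length, rights = entry
        if right not in rights:
            raise PermissionError(f"capability lacks {right!r} right")
        if not 0 <= cap.offset < length:
            raise IndexError("offset outside the capability's bounds")
        return base + cap.offset

    def load(self, cap):
        return self.memory[self._resolve(cap, "read")]

    def store(self, cap, value):
        self.memory[self._resolve(cap, "write")] = value

def shift(cap, delta):   # unprivileged: move within the same bounded region
    return Capability(cap.slot, cap.offset + delta)

def fault(action, *args):   # returns the fault name, or None if the access succeeded
    try:
        action(*args)
    except (PermissionError, IndexError) as exc:
        return type(exc).__name__
    return None
```

A read-only capability to the same region keeps working after the read-write one is revoked, because each grant occupies its own slot.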

Chronology of systems adopting capability-based addressing

Further potential additions can be found here: .

Notes

  1. Soltis, Frank G. Fortress Rochester: The Inside Story of the IBM iSeries, pp. 119, 283.
  2. Redell, David D. (November 1974). "Naming and Protection in Extendible Operating Systems". PhD thesis, also published as Project MAC TR-140. MIT.

This article is issued from Wikipedia - version of the 11/4/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.