Jump to content

Object-capability model

Add links
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Ka-Ping Yee (talk | contribs) at 08:20, 6 January 2007 (Created page with 'The '''object-capability model''' is a computer security model based on an object-oriented model of computing. Under the object-c...'). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

The object-capability model is a computer security model based on an object-oriented model of computing. Under the object-capability paradigm:

  • Objects are both accessed and designated through unforgeable references.
  • Computation is performed by sending messages along these references to objects.
  • A reference to an object can be obtained by:
  1. initial conditions (the system starts up with a set of objects that may have references to each other)
  2. parenthood (the creator of an object has access to the created object)
  3. a message (objects can embed references in the messages they send)

In a pure object-capability system, all computation is performed by objects that follow these rules, and these are the only ways that objects can access each other and obtain access to each other.

Implementations

EROS is a secure operating system that implements the object-capability model.

E is a programming language based on the object-capability model.

References

Miller, Mark S. (December 2003). "Paradigm Regained: Abstraction Mechanisms for Access Control". Proceedings of ASIAN'03. Springer-Verlag. {{cite conference}}: Unknown parameter |booktitle= ignored (|book-title= suggested) (help); Unknown parameter |coauthors= ignored (|author= suggested) (help)

Retrieved from "https://en.wikipedia.org/w/index.php?title=Object-capability_model&oldid=98836146"