Doctor of Philosophy
"Resource modules" are proposed as a useful tool for the design of software for network applications. A resource module encapsulates data and operations on that data (called exported procedures) and consists of protection, synchronization and access components. A collection of such modules working together constitutes a network computation. Handling resource sharing and concurrency effectively is a major goal of the resource module approach.

Efficient sharing of resources requires both an access control policy and an information flow policy. The protection component of a resource module is responsible for implementing these policies. A modified access control list, which realizes the principle of least privilege as provided by capabilities, combined with access-rights expressions, provides a powerful access control mechanism.

An information flow mechanism that combines compile-time and run-time approaches is developed to implement an information flow policy. A compile-time algorithm establishes the internal information flow security of an individual exported procedure independently of other resource modules. It also creates a special data structure for efficient run-time certification. A run-time mechanism completes the certification of the entire program at message-passing time by verifying every information flow caused by procedure invocations. An extension of the certification mechanism is also developed in order to eliminate the run-time overhead: using information generated by the compile-time algorithm, it certifies, at link time, all possible information flows that could be caused by execution of the program.
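Added worked example of the two-phase certification described in the abstract; it is not the dissertation's code. The lattice of security classes (sets of categories ordered by inclusion), the toy statement language, and all function and variable names are assumptions; `compile_deps` plays the compile-time algorithm that builds the per-procedure summary, `certify_call` the check at message-passing time, and `certify_at_link_time` the extension that moves that check to link time.

```python
# Added illustration, not the dissertation's code; the lattice (category sets
# ordered by inclusion), toy statement language and names are assumptions.
def leq(a, b):
    return a <= b          # flow a -> b is permitted iff a <= b in the lattice

def join(*classes):
    return frozenset().union(*classes)   # least upper bound = union of sets

# Statements: ("assign", target, [sources]) is an explicit flow;
# ("if", [cond_vars], then_stmts, else_stmts) flows the condition implicitly
# into every assignment in either branch.
def compile_deps(body, deps=None, pc=frozenset()):
    """Compile-time pass (needs no other module): map each assigned variable
    to the procedure inputs it depends on; `pc` is the implicit-flow context."""
    deps = {} if deps is None else dict(deps)
    for stmt in body:
        if stmt[0] == "assign":
            _, target, sources = stmt
            flows = set(pc)
            for s in sources:
                flows |= deps.get(s, {s})       # unassigned name = an input
            deps[target] = frozenset(flows)
        else:
            _, cond, then_b, else_b = stmt
            pc2 = pc | frozenset().union(*(deps.get(c, {c}) for c in cond))
            a = compile_deps(then_b, deps, pc2)
            b = compile_deps(else_b, deps, pc2)
            for v in set(a) | set(b):           # conservative merge of branches
                old = deps.get(v, frozenset())
                deps[v] = a.get(v, old) | b.get(v, old)
    return deps

def certify_call(summary, input_classes, output_classes):
    """Run-time check at message-passing time: return the outputs whose
    recorded dependencies are not a permitted flow under the actual classes."""
    return sorted(v for v, cls in output_classes.items()
                  if not leq(join(*(input_classes[p] for p in summary.get(v, ()))), cls))

def certify_at_link_time(summary, call_sites):
    """Extension: with every caller's classes fixed at link time, check each
    call site once and skip the run-time check."""
    return {site: certify_call(summary, ins, outs)
            for site, (ins, outs) in call_sites.items()}

# Constructed procedure: `flag` is assigned under a branch on `secret` (implicit flow).
BODY = [("assign", "total", ["amount", "fee"]),
        ("if", ["secret"], [("assign", "flag", ["amount"])], [("assign", "flag", [])]),
        ("assign", "report", ["total"])]
SUMMARY = compile_deps(BODY)
```

With `secret` in a higher class than `flag`, `certify_call` rejects the invocation even though `flag` never copies `secret`, because the compile-time summary recorded the implicit flow through the branch.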
Digital Repository @ Iowa State University, http://lib.dr.iastate.edu/
Mizuno, Masaaki, "Highly-structured software for network systems and its protection" (1987). Retrospective Theses and Dissertations. 11710.