Academic Journals Database
Disseminating quality controlled scientific knowledge

Key-Lock Mechanisms for Object Protection in Single-Address-Space Systems

Author(s): Lanfranco Lopriore

Journal: Journal of Computers
ISSN 1796-203X

Volume: 4;
Issue: 12;
Start page: 1322;
Date: 2009;
Original page

Keywords: access right | process | protection | revocation | single address space | thread

This paper focuses on memory addressing environments that support the notion of a single address space. We consider the problem of hampering access attempts to the private objects of a given thread, when these attempts are generated by unauthorized threads of different processes. We introduce two different forms of access privilege representation - handles and gates - which are designed to coexist within the boundaries of the same protection system. The handle concept is a generalization of the classical protected pointer concept. A handle associates several keys (passwords) with an object name. Each key grants a specific access right to the named object. A gate is a compact representation of access privileges, which uses a single bit to encode an access right. Handles are protected from forgery by key sparseness. They can be freely mixed in memory with ordinary data. On the other hand, gates are sensitive data that must be kept segregated in private memory regions of the protection system. The dualism of handles and gates makes it possible to take advantage of the simplicity of access right distribution and object sharing between threads, which is characteristic of key-based protection systems, and to avoid the negative impact on overall system performance, which results from the large key size and the high costs of lengthy processing that are connected with key validation.
Affiliate Program      Why do you need a reservation system?