Abstract
The Password-Capability System has been designed as an operating system kernel suitable for general-purpose computing in a hostile environment. It has an access control mechanism based on password-capabilities, on top of which a confinement mechanism and a type management mechanism are layered. This paper studies the security of these mechanisms. We find that the mechanisms leak information which can be utilised by an attacker. Furthermore, we find that conditions placed on the generation of password-capabilities by the mechanisms enable the attacker to forge password-capabilities more efficiently than by exhaustive search. We show that all the discovered attacks can be prevented. This paves the way for the use of the mechanisms in a highly secure third-generation of the Password-Capability System. © Springer-Verlag Berlin Heidelberg 2006.
Author supplied keywords
Cite
CITATION STYLE
Mossop, D., & Pose, R. (2006). Information leakage and capability forgery in a capability-based operating system kernel. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4277 LNCS-I, pp. 517–526). Springer Verlag. https://doi.org/10.1007/11915034_75
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
