
Capabilities and Encryption: The Ultimate Defense Against Security Attacks ?

  • Conference paper
Security and Persistence

Part of the book series: Workshops in Computing (WORKSHOPS COMP.)

Abstract

Capability-based addressing is an attractive mechanism to control access to information in an object-oriented system. Several capability-based systems have been built in the past, but most of them proved to be unsatisfactory because they suffered from severe performance penalties due to a number of implementation problems. In the MONADS-PC these problems have been solved by providing dedicated architectural support for a two-level capability scheme which is used to efficiently address and protect segments in its large uniform virtual memory and to control access to the semantic operations of major objects. Although this organization has many advantages for protecting information within a MONADS-PC system, it is not sufficient to cope with security attacks outside its sphere of control, such as physically copying software from removable storage devices or intercepting insecure communication lines in a network of computers. One way to avoid such security violations is to use encryption techniques. The focus of our research is to investigate the suitability of different encryption techniques in a MONADS environment. We discuss the issues involved in using encryption in conjunction with capabilities and postulate that both methods are necessary to provide a high degree of system security.


Copyright information

© 1990 British Computer Society

About this paper

Cite this paper

Freisleben, B., Kammerer, P., Keedy, J.L. (1990). Capabilities and Encryption: The Ultimate Defense Against Security Attacks ?. In: Rosenberg, J., Keedy, J.L. (eds) Security and Persistence. Workshops in Computing. Springer, London. https://doi.org/10.1007/978-1-4471-3178-6_8

  • DOI: https://doi.org/10.1007/978-1-4471-3178-6_8

  • Publisher Name: Springer, London

  • Print ISBN: 978-3-540-19646-4

  • Online ISBN: 978-1-4471-3178-6

  • eBook Packages: Springer Book Archive
