DOI: 10.1145/3548636.3548656
Research article

A Simple and Efficient Object-Capability Revocation Method

Published: 23 August 2022

Abstract

Revocation is important but difficult in object-capability systems. As an essential part of capability management, it provides the basis for cancelling granted access rights and reclaiming shared resources. Efficient revocation is hard to achieve, however, because it must be selective (one grant is withdrawn without disturbing other capabilities to the same object) and safe (no holder may keep using a revoked capability, and no resource may be freed while a valid capability still refers to it). In this paper we propose a simple and efficient object-capability revocation method. Inspired by the classic mark-and-sweep garbage collection algorithm, we decouple revocation into two phases. In the first phase, the capabilities to be revoked are centrally marked invalid or masked by updating the related fields in the capability table. In the second phase, the method triggers Rust's memory reclamation mechanism to sweep the disabled capabilities safely. The sweep can also be performed lazily, so that the revocation call itself returns quickly. Our method supports selective revocation more efficiently than existing methods, and the revocation process is concise and safe.
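The two-phase scheme the abstract describes can be sketched in Rust. The following is an added illustration written for this page, not the authors' code and not the paper's data structures: a central capability table whose slots carry a validity flag (the mark bit) and the owning reference to the protected object. `revoke` flips the flag and queues the slot, which is the mark phase; `sweep` drops the table's reference so that the object's `Drop` impl runs exactly when no slot refers to it any more, which is the sweep phase driven by Rust's ownership rules. The names `Resource`, `Slot`, `Capability`, `CapTable`, the `READ`/`WRITE` rights bits and the reclaim log are all assumptions of this example.

```rust
use std::collections::HashMap;
use std::sync::atomic::{AtomicBool, Ordering};
use std::sync::{Arc, Mutex};

/// Shared log that Resource::drop appends to, so reclamation is observable (example only).
pub type ReclaimLog = Arc<Mutex<Vec<String>>>;

/// The object a capability protects. Drop stands in for the real cleanup
/// (unmap, close, return to a pool); Rust runs it when the last Arc goes away.
pub struct Resource { pub name: String, pub log: ReclaimLog }

impl Drop for Resource {
    fn drop(&mut self) { self.log.lock().unwrap().push(self.name.clone()); }
}

/// Entry of the central capability table. `valid` is the mark bit; `resource`
/// is the owning reference that the sweep phase takes away.
struct Slot { valid: AtomicBool, rights: u8, resource: Mutex<Option<Arc<Resource>>> }

/// Handle held by a subject. It refers to the slot, never to the resource, so
/// flipping one flag disables every clone of the handle at once.
#[derive(Clone)]
pub struct Capability { slot: Arc<Slot> }

pub const READ: u8 = 0b01;
pub const WRITE: u8 = 0b10;

impl Capability {
    /// Exercise the capability; fails once its slot is marked or swept.
    pub fn invoke(&self, needed: u8) -> Result<String, &'static str> {
        if !self.slot.valid.load(Ordering::Acquire) { return Err("revoked"); }
        if (self.slot.rights & needed) != needed { return Err("insufficient rights"); }
        match self.slot.resource.lock().unwrap().as_ref() {
            Some(r) => Ok(r.name.clone()),
            None => Err("revoked"),
        }
    }
}

pub struct CapTable {
    slots: HashMap<u32, Arc<Slot>>,
    pending: Vec<Arc<Slot>>, // marked, not yet swept
    next_id: u32,
}

impl CapTable {
    pub fn new() -> Self { CapTable { slots: HashMap::new(), pending: Vec::new(), next_id: 0 } }

    /// Grant a handle with `rights` to `resource`; returns (slot id, handle).
    pub fn grant(&mut self, resource: Arc<Resource>, rights: u8) -> (u32, Capability) {
        let slot = Arc::new(Slot {
            valid: AtomicBool::new(true), rights, resource: Mutex::new(Some(resource)),
        });
        let id = self.next_id;
        self.next_id += 1;
        self.slots.insert(id, slot.clone());
        (id, Capability { slot })
    }

    /// Mark phase: O(1), touches only the table, no holder is contacted.
    /// The handle is dead from this moment even though nothing has been freed.
    pub fn revoke(&mut self, id: u32) -> bool {
        match self.slots.remove(&id) {
            Some(slot) => { slot.valid.store(false, Ordering::Release); self.pending.push(slot); true }
            None => false,
        }
    }

    /// Sweep phase, run whenever convenient (lazily): drop the table's reference
    /// from each marked slot. The Resource's Drop runs exactly when the last slot
    /// referring to it is swept; stale handles keep only an empty slot.
    pub fn sweep(&mut self) -> usize {
        let n = self.pending.len();
        for slot in self.pending.drain(..) {
            let taken = slot.resource.lock().unwrap().take(); // guard released here
            drop(taken);                                      // may run Resource::drop
        }
        n
    }
}

/// What the walk-through observed, returned rather than printed so it can be checked.
pub struct Trace {
    pub results: Vec<Result<String, &'static str>>,
    pub reclaimed_after_first_sweep: usize,
    pub reclaimed_final: Vec<String>,
}

/// Two handles to one resource: revoke one selectively, sweep, then revoke the other.
pub fn demo() -> Trace {
    let log: ReclaimLog = Arc::new(Mutex::new(Vec::new()));
    let file = Arc::new(Resource { name: "file".to_string(), log: log.clone() }); // constructed sample
    let mut table = CapTable::new();
    let (id_a, cap_a) = table.grant(file.clone(), READ | WRITE);
    let (id_b, cap_b) = table.grant(file, READ);   // the two slots now hold the only references
    let mut results = vec![cap_a.invoke(WRITE), cap_b.invoke(WRITE)]; // Ok, Err(rights)
    table.revoke(id_a);                           // mark A only; returns immediately
    results.push(cap_a.invoke(READ));             // Err("revoked") before any sweep
    results.push(cap_b.invoke(READ));             // Ok: B is untouched (selective)
    table.sweep();                                // B still refers to it: not reclaimed
    let reclaimed_after_first_sweep = log.lock().unwrap().len();
    table.revoke(id_b);
    table.sweep();                                // last reference gone: Drop runs
    results.push(cap_b.invoke(READ));             // Err("revoked")
    let reclaimed_final = log.lock().unwrap().clone();
    Trace { results, reclaimed_after_first_sweep, reclaimed_final }
}

fn main() {
    let t = demo();
    println!("{:?}\nreclaimed after first sweep: {}\nreclaimed at end: {:?}",
             t.results, t.reclaimed_after_first_sweep, t.reclaimed_final);
}
```

The design point to take from this sketch is that a handle never reaches the object directly: every use goes through the slot, so the mark phase needs no communication with holders and a stale clone of a handle cannot bypass the check. Safety of the sweep comes from ownership rather than from the revoker's bookkeeping: the table only gives up its reference, and the object is freed when the last reference is gone, so selective revocation of one grant cannot free an object that another valid grant still protects.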

    Published In

    ITCC '22: Proceedings of the 4th International Conference on Information Technology and Computer Communications
    June 2022
    138 pages
    ISBN:9781450396820
    DOI:10.1145/3548636
Publisher: Association for Computing Machinery, New York, NY, United States

    Qualifiers

    • Research-article
    • Research
    • Refereed limited

    Conference

    ITCC 2022
