dbo:abstract
|
- The object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination:
* An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages.
* A message that specifies the operation to be performed. The security model relies on not being able to forge references.
* Objects can interact only by sending messages on references.
* A reference can be obtained by: 1.
* Initial conditions: In the initial state of the computational world being described, object A may already have a reference to object B. 2.
* Parenthood: If A creates B, at that moment A obtains the only reference to the newly created B. 3.
* Endowment: If A creates B, B is born with that subset of A's references with which A chose to endow it. 4.
* Introduction: If A has references to both B and C, A can send to B a message containing a reference to C. B can retain that reference for subsequent use. In the object-capability model, all computation is performed following the above rules. Advantages that motivate object-oriented programming, such as encapsulation or information hiding, modularity, and separation of concerns, correspond to security goals such as least privilege and privilege separation in capability-based programming. The object-capability model was first proposed by Jack Dennis and Earl C. Van Horn in 1966. (en)
|
dbo:wikiPageExternalLink
| |
dbo:wikiPageID
| |
dbo:wikiPageLength
|
- 8556 (xsd:nonNegativeInteger)
|
dbo:wikiPageRevisionID
| |
dbo:wikiPageWikiLink
| |
dbp:wikiPageUsesTemplate
| |
dcterms:subject
| |
gold:hypernym
| |
rdf:type
| |
rdfs:comment
|
- The object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination:
* An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages.
* A message that specifies the operation to be performed. The security model relies on not being able to forge references. In the object-capability model, all computation is performed following the above rules. (en)
|
rdfs:label
|
- Object-capability model (en)
|
owl:sameAs
| |
prov:wasDerivedFrom
| |
foaf:isPrimaryTopicOf
| |
is dbo:wikiPageRedirects
of | |
is dbo:wikiPageWikiLink
of | |
is dbp:paradigm
of | |
is foaf:primaryTopic
of | |