Security and OS references

Drew R Whitehouse Drew.Whitehouse@anu.edu.au
12 May 1997 12:00:54 +1000


	These may be of interest -

1) Olin Shivers has a few new scheme/OS related papers - 

"Automatic management of operating-system resources" and
"Continuations and threads: Expressing machine concurrency directly in
advanced languages"

	http://www.ai.mit.edu/people/shivers/citations.html

2) Another scheme/OS paper -

   ftp://publications.ai.mit.edu/ai-publications/1500-1999/AIM-1564.ps.Z

"A Security Kernel Based on the Lambda-Calculus"
By Jonathan A. Rees 

Cooperation between independent agents depends upon establishing a
degree of security. Each of the cooperating agents needs assurance
that the cooperation will not endanger resources of value to that
agent. In a computer system, a computational mechanism can assure safe
cooperation among the system's users by mediating resource access
according to desired security policy. Such a mechanism, which is
called a security kernel, lies at the heart of many operating
systems and programming environments. The report describes Scheme 48, a
programming environment whose design is guided by established
principles of operating system security. Scheme 48's security kernel
is small, consisting of the call-by-value lambda-calculus with a
few simple extensions to support abstract data types, object mutation,
and access to hardware resources. Each agent (user or subsystem) has a
separate evaluation environment that holds objects representing
privileges granted to that agent.  Because environments ultimately
determine availability of object references, protection and sharing
can be controlled largely by the way in which environments are
constructed. I will describe experience with Scheme 48 that shows how
it serves as a robust and flexible experimental platform. Two
successful applications of Scheme 48 are the programming environment
for the Cornell mobile robots, where Scheme 48 runs with no (other)
operating system support; and a secure multi-user environment that
runs on workstations.

-- 
;;----------------------------------------------------------------------
;; mailto:Drew.Whitehouse@anu.edu.au   http://anusf.anu.edu.au/~drw900/
;; Viz programmer, Australian National University Supercomputer Facility
;; Unsolicited commercial e-mail will be billed at $250/message.
;;----------------------------------------------------------------------
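The environment-based protection the abstract describes, as an added example in JavaScript rather than Scheme 48 (this is not code from the paper or from the post): a resource is reachable only through closures, a weaker read-only capability is derived from the full one, and two agents are given different environments, so what each can do follows from which references its environment holds. All names (makeRegister, readOnly, makeEnvironment, runAgent) are constructed for this illustration.

```javascript
"use strict";
// Added example, not from Rees's paper: object-capability style in JavaScript.

// A hardware-like resource: one mutable register. The returned closures are the
// only references to the underlying variable; nothing else can reach it.
function makeRegister(initial) {
  let value = initial;
  return Object.freeze({
    read: () => value,
    write: (v) => { value = v; return value; },
  });
}

// Attenuation: derive a weaker capability from a stronger one. The result closes
// over reg.read only, so a holder cannot recover reg.write from it.
function readOnly(reg) {
  return Object.freeze({ read: () => reg.read() });
}

// Construct an agent's evaluation environment: the set of bindings its code can
// see. A privilege is granted only by placing a reference in this table.
function makeEnvironment(bindings) {
  return Object.freeze(Object.assign(Object.create(null), bindings));
}

// Run an agent's program with its environment as the sole input (the Scheme
// analogue is evaluating the agent's expression in that environment). Failures
// are reported rather than thrown so the caller can inspect them.
function runAgent(program, env) {
  try {
    return { ok: true, result: program(env) };
  } catch (e) {
    return { ok: false, error: e.constructor.name };
  }
}

function demo() {
  const reg = makeRegister(1);
  const admin = makeEnvironment({ reg });            // full capability
  const guest = makeEnvironment({ reg: readOnly(reg) }); // attenuated view

  const adminRun = runAgent((env) => env.reg.write(42), admin);
  const guestRead = runAgent((env) => env.reg.read(), guest);
  // The guest environment binds no write capability: env.reg.write is
  // undefined, the call throws TypeError, and the register is unchanged.
  const guestWrite = runAgent((env) => env.reg.write(0), guest);
  return { adminRun, guestRead, guestWrite, finalValue: reg.read() };
}
```

The point mirrors the abstract: the guest is denied not by a runtime permission check but because the reference was never placed in its environment.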