Abstract
The Password-Capability System has been designed as an operating system kernel suitable for general-purpose computing in a hostile environment. It has an access control mechanism based on password-capabilities, on top of which a confinement mechanism and a type management mechanism are layered. This paper studies the security of these mechanisms. We find that the mechanisms leak information which can be utilised by an attacker. Furthermore, we find that conditions placed on the generation of password-capabilities by the mechanisms enable the attacker to forge password-capabilities more efficiently than by exhaustive search. We show that all the discovered attacks can be prevented. This paves the way for the use of the mechanisms in a highly secure third generation of the Password-Capability System.
An erratum to this chapter can be found at http://dx.doi.org/10.1007/11915034_125.
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mossop, D., Pose, R. (2006). Information Leakage and Capability Forgery in a Capability-Based Operating System Kernel. In: Meersman, R., Tari, Z., Herrero, P. (eds) On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops. OTM 2006. Lecture Notes in Computer Science, vol 4277. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11915034_75
DOI: https://doi.org/10.1007/11915034_75
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-48269-7
Online ISBN: 978-3-540-48272-7