Rounding Pointers – Type Safe Capabilities with C++ Meta Programming

[Nytro]

Rounding Pointers – Type Safe Capabilities with C++ Meta Programming

Alexander Warg, Adam Lackorzynski

Technische Universität Dresden

Department of Computer Science

Operating Systems Group

{warg,adam}@os.inf.tu-dresden.de

ABSTRACT

Recent trends in secure operating systems indicate that an

object-capability system is the security model with pre-

eminent characteristics and practicality. Unlike traditional

operating systems, which use a single global name space,

object-capability systems name objects per protection do-

main. This allows a ne-grained isolation of the domains

and follows the principle of least authority.

Programming in such an environment diers considerably

from traditional programming models. The ne-grained ac-

cess to functionality requires a programming environment

that supports the programmer when using a capability sys-

tem. In this paper, we present an object-oriented framework

that uses the C++ programming language to oer a frame-

work for building and using operating-system components

and applications.

Download:

http://www.sigops.org/sosp/sosp11/workshops/plos/03-warg.pdf