QuoteRef: dennPJ_1980

topics > all references > ThesaHelp: references c-d

references c-d
error safe systems
operating system kernel
message queues for communication
data flow machines
concurrency control by monitors
critical regions
data flow languages
proving concurrent programs
data-driven design
uniform reference to data
virtual memory
examples of file systems
security by access rights
security by capabilities
file system
security leaks and weaknesses
security by secure domains
interprocess communication


Denning, P.J., Buzen, J.P., Dennis, J.B., Gaines, R.S., Brinch-Hansen, P., Lynch, W.C., Organick, E.I., "Operating systems ", pp. 665-729 , in Arden, B.W. (ed.), What can be Automated? , Cambridge Massachusetts, MIT Press , l980 . Google

671 ;;Quote: many operating systems will crash and require a complete restart; often due to incorrect coordination of concurrent activity; better now
677 ;;Quote: avoid timing-dependent behavior if all processes are data driven by messages received from one sender and processed in order
677 ;;Quote: if resources are consumable, then deadlock avoidance is intractable; algorithms exist for reusable resources
677 ;;Quote: can avoid deadlocks by eliminating circular waits with ordered resources
677 ;;Quote: can avoid deadlocks with a hierarchical process organization; subordinates must reply and can't fill up queues
678 ;;Quote: can avoid deadlocks with a data-driven network; every message includes work to be done, a process must reduce the work remaining
679 ;;Quote: a monitor manages a resource with mutual-exclusion; users simply execute allocate and release procedures
679 ;;Quote: a data-driven program is like a data-flow network with processing elements and data queues
680 ;;Quote: data-driven programs simplify correctness proofs, use data streams instead of elements; queuing-network analysis, and microcomputer networks
690 ;;Quote: Multics treats files as segments in virtual memory; avoids file copies and overlay management, needs 'attach' mechanism
690 ;;Quote: Multics automatically attaches files to a computation on first reference; need explicit 'attach' to emphasize its high cost
693 ;;Quote: the access matrix model concerns a set of uniquely named objects and an access domain for each process
694 ;;Quote: an entry in the access control matrix gives a list of permissions for processes in domain d to an object x; a bit vector access code
694 ;;Quote: permissions for changing the access control matrix are included in the matrix; e.g., add process to a domain and change permissions
695 ;;Quote: a process may pass a subset of its permissions to other domains if it has 'copy' permission
695 ;;Quote: a capability is the unique name of an object plus an associated access code; each domain has a list of capabilities
695 ;;Quote: principle of least privilege--capabilities allow a procedure to only have the privileges it needs; highly fault-tolerant
695 ;;Quote: can associate an access list with each object that gives access codes for each domain; widely used for file systems
695 ;;Quote: capabilities are more efficient for exercising permissions but access lists are better for managing permissions; should have a mix of methods
696 ;;Quote: capabilities are good for managing access-control information; only a few procedures have these capabilities
698 ;;Quote: can circumvent a security system by out-of-channel signaling, e.g., by toggling use of a file
699 ;;Quote: a flow relation is a partial order on security classes; e.g., military security from highest to lowest
700 ;;Quote: can use statistical methods to violate security of access-control systems
710 ;;Quote: a queuing network can predict device utilization and throughput to 5% error

Related Topics up

ThesaHelp: references c-d (337 items)
Topic: bugs (65 items)
Topic: error safe systems (75 items)
Topic: concurrency (33 items)
Topic: operating system kernel (67 items)
Topic: message queues for communication (36 items)
Topic: deadlocks (21 items)
Topic: data flow machines (14 items)
Topic: concurrency control by monitors (24 items)
Topic: critical regions (58 items)
Topic: data flow languages (33 items)
Topic: proving concurrent programs (37 items)
Topic: data-driven design (41 items)
Topic: uniform reference to data (34 items)
Topic: virtual memory (32 items)
Topic: examples of file systems (44 items)
Topic: security by access rights (36 items)
Topic: security by capabilities (65 items)
Group: file system   (9 topics, 285 quotes)
Topic: security leaks and weaknesses (56 items)
Topic: security by secure domains (42 items)
Topic: interprocess communication (29 items)
Topic: simulation (35 items)

Collected barberCB 4/82 operating systems
Copyright © 2002-2008 by C. Bradford Barber. All rights reserved.
Thesa is a trademark of C. Bradford Barber.