Object-capability model
The object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination: * An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages. * A message that specifies the operation to be performed. The security model relies on not being able to forge references. In the object-capability model, all computation is performed following the above rules.
- Comment
- enThe object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination: * An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages. * A message that specifies the operation to be performed. The security model relies on not being able to forge references. In the object-capability model, all computation is performed following the above rules.
- Has abstract
- enThe object-capability model is a computer security model. A capability describes a transferable right to perform one (or more) operations on a given object. It can be obtained by the following combination: * An unforgeable reference (in the sense of object references or protected pointers) that can be sent in messages. * A message that specifies the operation to be performed. The security model relies on not being able to forge references. * Objects can interact only by sending messages on references. * A reference can be obtained by: 1. * Initial conditions: In the initial state of the computational world being described, object A may already have a reference to object B. 2. * Parenthood: If A creates B, at that moment A obtains the only reference to the newly created B. 3. * Endowment: If A creates B, B is born with that subset of A's references with which A chose to endow it. 4. * Introduction: If A has references to both B and C, A can send to B a message containing a reference to C. B can retain that reference for subsequent use. In the object-capability model, all computation is performed following the above rules. Advantages that motivate object-oriented programming, such as encapsulation or information hiding, modularity, and separation of concerns, correspond to security goals such as least privilege and privilege separation in capability-based programming. The object-capability model was first proposed by Jack Dennis and Earl C. Van Horn in 1966.
- Hypernym
- Model
- Is primary topic of
- Object-capability model
- Label
- enObject-capability model
- Link from a Wikipage to an external page
- wiki.erights.org/wiki/Emily
- www.monte-language.org/
- www.ponylang.org/
- rchain-community.github.io/
- web.archive.org/web/20070515041003/http:/caperl.links.org/
- www.info.ucl.ac.be/~pvr/oze.pdf
- Link from a Wikipage to another Wikipage
- Assignment (computer science)
- Caja (programming language)
- Capability-based addressing
- Capability-based security
- CapROS
- Category:Computer security models
- Computer security model
- Coyotos
- Criticism of JavaScript
- C Sharp (programming language)
- Design pattern
- Emerald (programming language)
- Extremely Reliable Operating System
- Fiasco (L4 clone)
- Hack (programming language)
- Information hiding
- Instance variable
- Integrity (operating system)
- Jack Dennis
- Java (programming language)
- Joe-E
- Joule (programming language)
- KeyKOS
- Modularity (programming)
- Newspeak (programming language)
- Object (computer science)
- OKL4
- Principle of least privilege
- Privilege separation
- Reflection (computer science)
- SeL4
- Separation of concerns
- Smart contracts
- Undeniable authority
- Valet parking
- Wyvern (programming language)
- SameAs
- 4sdt7
- m.027jmjb
- Object-capability model
- Q7075007
- Subject
- Category:Computer security models
- WasDerivedFrom
- Object-capability model?oldid=1104487366&ns=0
- WikiPageLength
- 8556
- Wikipage page ID
- 8784464
- Wikipage revision ID
- 1104487366
- WikiPageUsesTemplate
- Template:Dubious
- Template:Multiple issues
- Template:Object-capability security
- Template:Original research section
- Template:Primary sources
- Template:Refimprove
- Template:Reflist
- Template:Snd