Share on Facebook Tweet on Twitter Share on LinkedIn Share by email
Authorizing Applications in Singularity

Ted Wobber, Aydan Yumerefendi, Martín Abadi, Andrew Birrell, and Daniel R. Simon


We describe a new design for authorization in operating systems in which applications are first-class entities. In this design, principals reflect application identities. Access control lists are patterns that recognize principals. We present a security model that embodies this design in an experimental operating system, and we describe the implementation of our design and its performance in the context of this operating system.


Publication typeInproceedings
Published inProceedings of the 2007 Eurosys Conference
AddressLisbon, Portugal
PublisherAssociation for Computing Machinery, Inc.
> Publications > Authorizing Applications in Singularity