This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Access Control Mechanisms in a Distributed, Persistent Memory System
October 2002 (vol. 13 no. 10)
pp. 1066-1083

Abstract—A distributed, persistent memory system is considered, which implements a form of segmentation with paging within the framework of the single-address-space paradigm of memory reference. A peculiar problem of a system of this type is the lack of protection of the private information items of any given process against unauthorized access attempts possibly performed by the other processes. We present a set of mechanisms able to enforce access control over the private virtual space areas. These mechanisms guarantee a degree of protection comparable to that typical of a multiple-address-space system, while preserving the advantages of ease of information sharing, typical of the single-address-space model. The resulting environment is evaluated from a number of salient viewpoints, including ease of distribution and revocation of access rights, strategies for virtual space reuse, and the storage requirements of the information for memory management.

[1] M. Anderson, R.D. Pose, and C.S. Wallace, “A Password-Capability System,” The Computer J., vol. 29, no. 1, pp. 1–8, Feb. 1986.
[2] C. Ansley and P. Ashton, “System Administration in a Single Address Space Operating System,” Proc. Fifth Int'l Workshop Object-Orientation in Operating Systems, pp. 166–170, Oct. 1996.
[3] J. Bacon, R. Hayton, S. Lai Lo, and K. Moody, “Extensible Access Control for a Hierarchy of Servers,” Operating Systems Rev., vol. 28, no. 3, pp. 4–15, July 1994.
[4] A. Bartoli, S.J. Mullender, and M. van der Valk, “Wide-Address Spaces—Exploring the Design Space,” Operating Systems Rev., vol. 27, no. 1, pp. 11–17, Jan. 1993.
[5] A. Bartoli, G. Dini, and L. Lopriore, “Single Address Space Implementation in Distributed Systems,” Concurrency: Practice and Experience, vol. 12, no. 4, pp. 251–280, Apr. 2000.
[6] A. Bartoli, G. Dini, and L. Lopriore, “Application-Controlled Memory Management in a Single Address Space Environment,” Int'l J. Software Tools for Technology Transfer, vol. 3, no. 2, pp. 235–245, May 2001.
[7] M. Cekleov and M. Dubois, “Virtual-Address Caches. Part 1: Problems and Solutions in Uniprocessors,” IEEE Micro, vol. 17, no. 5, pp. 64–71, Sept./Oct. 1997.
[8] J.S. Chase, H.M. Levy, E.D. Lazowska, and M. Baker-Harvey, “Lightweight Shared Objects in a 64-bit Operating System,” Proc. Conf. Object-Oriented Programming Systems, Languages, and Applications, pp. 397–413, Oct. 1992.
[9] J.S. Chase et al., "Sharing and Protection in a Single-Address-Space Operating System," ACM Trans. Computer Systems, ACM, Nov. 1994, pp. 271-307.
[10] R.P. Colwell, E.F. Gehringer, and E.D. Jensen, “Performance Effects of Architectural Complexity in the Intel 432,” ACM Trans. Computer Systems, vol. 6, no. 3, pp. 296–339, Aug. 1988.
[11] P. Corsini and L. Lopriore, “An Implementation of Storage Management in Capability Environments,” Software—Practice and Experience, vol. 25, no. 5, pp. 501–520, May 1995.
[12] G. Dini, G. Lettieri, and L. Lopriore, “Implementing a Distributed Single Address Space in the Presence of Failures,” Proc. Int'l Conf. Parallel and Distributed Processing Techniques and Applications, pp. 355–361, June 1999.
[13] G. Dini, G. Lettieri, and L. Lopriore, “An Overview of Ulisse, a Distributed, Single Address Space System,” Preprints of the Ninth Int'l Workshop Persistent Object Systems, pp. 189–201, Sept. 2000.
[14] G. Dini and L. Lopriore, “Sharing Objects in a Distributed, Single Address Space Environment,” Future Generation Computer Systems, vol. 17, no. 3, pp. 247–264, Dec. 2000.
[15] K. Elphinstone and G. Heiser, “Page Tables for 64-bit Computer Systems,” Proc. Fourth Australasian Computer Architecture Conf., Jan. 1999.
[16] K. Elphinstone, “Virtual Memory in a 64-bit Microkernel,” PhD thesis, School of Computer Science and Eng., The Univ. of New South Wales, Sydney, Australia, Aug. 1999.
[17] D.M. England, “Capability Concept Mechanisms and Structure in System 250,” Proc. Int'l Workshop Protection in Operating Systems, pp. 63–82, 1974.
[18] E.F. Gehringer, Capability Architectures and Small Objects. Ann Arbor, Michigan: UMI Research Press, 1982.
[19] V.D. Gligor, “Review and Revocation of Access Privileges Distributed through Capabilities,” IEEE Trans. Software Eng., vol. 5, no. 6, pp. 575–586, Nov. 1979.
[20] D. Hagimont, J. Mossiére, X. Rousset de Pina, and F. Saunier, “Hidden Software Capabilities,” Proc. 16th Int'l Conf. Distributed Computing Systems, pp. 282–289, May 1996.
[21] G. Heiser, K. Elphinstone, S. Russell, and J. Vochteloo, “Mungi: A Distributed Single Address-Space Operating System,” Proc. 17th Australasian Computer Science Conf., pp. 271–280, Jan. 1994.
[22] G. Heiser, K. Elphinstone, J. Vochteloo, S. Russell, and J. Liedtke, “The Mungi Single-Address-Space Operating System,” Software—Practice and Experience, vol. 28, no. 9, pp. 901–928, July 1998.
[23] T. Horel and G. Lauterbach, “UltraSPARC-III: Designing Third-Generation 64-Bit Performance,” IEEE Micro, vol. 19, no. 3, pp. 73–85, May/June 1999.
[24] J. Huck and J. Hays, “Architectural Support for Translation Table Management in Large Address Space Machines,” Proc. 20th Ann. Int'l Symp. Computer Architecture, pp. 39–50, May 1993.
[25] Intel Corp., $\big. Intel \;{\hbox{\rlap{R}\kern -2 pt{\hbox{$\bigcirc$}}}}\bigr.$$\big. Itanium^{\rm{TM}}\bigr.$Architecture Software Developer's Manual Vol. 2 rev. 2.0: System Architecture. Available athttp://developer.intel.com/design/itanium/ manualsindex.htm, 2002.
[26] B. Jacob and T. Mudge, “Software-Managed Address Translation,” Proc. Third Int'l Symp. High Performance Computer Architecture, pp. 156–167, Feb. 1997.
[27] B. Jacob and T. Mudge, “Virtual Memory: Issues of Implementation,” Computer, vol. 31, no. 6, pp. 33–43, June 1998.
[28] B.L. Jacob and T.N. Mudge, “A Look at Several Memory Management Units, TLB-Refill Mechanisms, and Page Table Organizations,” Proc. Eight Int'l Conf. Architectural Support for Programming Languages and Operating Systems, pp. 295-306, Oct. 1998.
[29] R.E. Kessler, “The Alpha 21264 Microprocessor,” IEEE Micro, vol. 19, no. 2, pp. 24–36, Mar./Apr. 1999.
[30] E.J. Koldinger, J.S. Chase, and S.J. Eggers, “Architectural Support for Single Address Space Operating Systems,” Proc. Fifth Int'l Conf. Architectural Support for Programming Languages and Operating Systems, pp. 175-186, Oct. 1992.
[31] D. Kotz and P. Crow, “The Expected Lifetime of“Single-Address-Space”Operating Systems,” Proc. 1994 ACM SIGMETRICS Conf. Measurement and Modeling of Computer Systems, pp. 161-170, May 1994.
[32] H.M. Levy, Capability-Based Computer Systems. Bedford, Mass.: Digital Press, 1984.
[33] J. Liedtke and K. Elphinstone, “Guarded Page Tables on Mips R4600 or an Exercise in Architecture-Dependent Microoptimization,” Operating Systems Rev., vol. 30, no. 1, pp. 4–15, Jan. 1996.
[34] J. Liedtke, “Toward Real Microkernels,” Comm. ACM, vol. 39, no. 9, pp. 70–77, Sept. 1996.
[35] L. Lopriore, “Design and Implementation,” Language Architectures and Programming Environments, T. Ichikawa and H. Tsubotani, eds., Singapore: World Scientific, pp. 32–71, 1992.
[36] L. Lopriore, “Object and Process Migration in a Single-Address-Space Distributed System,” Microprocessors and Microsystems, vol. 23, no. 10, pp. 587–595, Mar. 2000.
[37] B.R. Millard, P. Dasgupta, S. Rao, and R. Kuramkote, “Run-Time Support and Storage Management for Memory-Mapped Persistent Objects,” Proc. 13th Int'l Conf. Distributed Computing Systems, pp. 508–515, May 1993.
[38] K. Murray, T. Wilkinson, P. Osmon, A. Saulsbury, and T. Stiemerling, “Design and Implementation of an Object-Orientated 64-Bit Single Address Space Microkernel,” Proc. USENIX Symp. Microkernels and Other Kernel Architectures, pp. 31–43, Sept. 1993.
[39] K. Murray, T. Wilkinson, T. Stiemerling, and P. Kelly, “Angel: Resource Unification in a 64-Bit Microkernel,” Proc. 27th Hawaii Int'l Conf. System Sciences, pp. 106–115, Jan. 1994.
[40] E.I. Organick, A Programmer's View of the Intel 432 System. New York: McGraw-Hill, 1983.
[41] M. Reitenspieß, “An Architecture Supporting Security and Persistent Object Storage,” Proc. Int'l Workshop Computer Architectures to Support Security and Persistance of Information, pp. 202–214, May 1990.
[42] J. Rosenberg, J.L. Keedy, and D. Abramson, “Addressing Mechanisms for Large Virtual Memories,” The Computer J., vol. 35, no. 4, pp. 369–375, 1992.
[43] J. Rosenberg, A. Dearle, D. Hulse, A. Lindström, and S. Norris, “Operating System Support for Persistant and Recoverable Computations,” Comm. ACM, vol. 39, no. 9, pp. 62–69, Sept. 1996.
[44] S. Russell, A. Skea, K. Elphinstone, G. Heiser, K. Burston, I. Gorton, and G. Hellestrand, “Distribution + Persistence = Global Virtual Memory,” Proc. Second Int'l Workshop Object Orientation in Operating Systems, pp. 96–99, Sept. 1992.
[45] A. Skousen and D. Miller, “Using a Single Address Space Operating System for Distributed Computing and High Performance,” Proc. 18th IEEE Int'l Performance, Computing, and Communications Conf., pp. 8–14, Feb. 1999.
[46] A. Skousen and D. Miller, “The Sombrero Single Address Space Operating System Prototype: A Testbed for Evaluating Distributed Persistent System Concepts and Implementation,” Proc. 2000 Int'l Conf. Parallel and Distributed Processing Techniques and Applications, June 2000.
[47] F.G. Soltis and P. Conte, Inside the AS/400: Featuring the AS/400E Series, second ed. Loveland, Colo.: Duke Press, 1997.
[48] D.R. Stinson, Cryptography: Theory and Practice. Boca Raton, Fla.: CRC Press, 1995.
[49] B. Stroustrup, The C++ Programming Language Special Edition. Reading, Mass.: Addison-Wesley, 2000.
[50] M. Talluri, M.D. Hill, and Y.A. Khalidi, “A New Page Table for 64-Bit Address Spaces,” Proc. 15th ACM Symp. Operating Systems Principles, pp. 215–231, Dec. 1995.
[51] P.J. Teller,"Translation-Lookaside Buffer Consistency," Computer, June 1990, pp. 26-36.
[52] R. Uhlig, D. Nagle, T. Stanley, T. Mudge, S. Sechrest, and R. Brown, “Design Tradeoffs for Software-Managed TLBs,” ACM Trans. Computer Systems, vol. 12, no. 3, pp. 175–205, Aug. 1994.
[53] J. Vochteloo, S. Russell, and G. Heiser, “Capability-Based Protection in the Mungi Operating System,” Proc. Third Int'l Workshop Object Orientation in Operating Systems, pp. 108–115, Dec. 1993.
[54] M.V. Wilkes and R.M. Needham, The Cambridge CAP Computer and Its Operating System. New York: North Holland, 1979.
[55] K.C. Yeager, “The MIPS R10000 Superscalar Microprocessor,” IEEE Micro, vol. 16, no. 2, pp. 28–40, Apr. 1996.
[56] M. Young, A. Tevanian, R. Rashid, D. Golub, J. Eppinger, J. Chew, W. Bolosky, D. Black, and R. Baron, “The Duality of Memory and Communication in the Implementation of a Multiprocessor Operating System,” Proc. 11th ACM Symp. Operating Systems Principles, pp. 63-76, Nov. 1987.

Index Terms:
Access control, distributed system, memory management, persistent system, protection, single address space.
Citation:
Lanfranco Lopriore, "Access Control Mechanisms in a Distributed, Persistent Memory System," IEEE Transactions on Parallel and Distributed Systems, vol. 13, no. 10, pp. 1066-1083, Oct. 2002, doi:10.1109/TPDS.2002.1041883
Usage of this product signifies your acceptance of the Terms of Use.