Using Sparse Capabilities in a Distributed Operating System

Andrew S. Tanenbaum, Sape J. Mullender, Robbert van Renesse

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    83 Citations (Scopus)
    20 Downloads (Pure)


    Most distributed operating systems constructed to date have lacked a unifying mechanism for naming and protection. In this paper we discuss a system, Amoeba, that uses capabilities for naming and protecting objects. In contrast to traditional, centralized operating systems, in which capabilities are managed by the operating system kernel, in Amoeba all the capabilities are managed directly by user code. To prevent tampering, the capabilities are protected cryptographically. The paper describes a variety of the issues involved, and gives four different ways of dealing with the access rights.
    Original languageEnglish
    Title of host publicationProceedings of the 6th International Conference on Distributed Computing Systems 1986
    Place of PublicationLos Alamitos, CA
    PublisherIEEE Computer Society
    Number of pages6
    Publication statusPublished - May 1986
    Event6th International Conference on Distributed Computing Systems, ICDCS 1986 - Cambridge, United States
    Duration: 19 May 198623 May 1986
    Conference number: 6


    Conference6th International Conference on Distributed Computing Systems, ICDCS 1986
    Abbreviated titleICDCS
    Country/TerritoryUnited States

    Cite this