EROS, the Extremely Reliable Operating System, addresses the issues of reliability and security by combining three ideas from earlier systems: capabilities and a persistent single-level store. Capabilities unify object naming with access control. Persistence extends this naming and access control uniformly across the memory hierarchy; main memory is viewed simply as a cache of the single-level store. The combination simplifies application design, allows programs to observe the "principle of least privilege," and enables active objects to be constructed securely. EROS is built on a simple object model that is easy to implement and understand.
EROS is a new operating system originally implemented at the University of Pennsylvania. The project has now migrated to Johns Hopkins University. EROS merges some very old ideas in operating systems with some newer ideas about performance and resource management. The result is a small, secure, real-time operating system that provides orthogonal persistence.
EROS is a pure capability system. A capability uniquely identifies an object and a set of access rights. Processes holding a capability can perform the operations permitted by those access rights on the named object. Holding a capability is a necessary and sufficient condition for accessing the associated object with the authority granted by that capability.
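The capability rule described above, as a toy model added here for illustration (it is not EROS code; `Kernel`, `Process`, `Page`, `invoke` and `grant` are hypothetical names). It goes slightly beyond the text by also showing a holder passing on a weaker capability, which follows from a capability carrying its own set of rights.

```python
from dataclasses import dataclass, field

READ, WRITE = "read", "write"

@dataclass(frozen=True)
class Capability:
    obj: object          # the object this capability names
    rights: frozenset    # operations it authorizes on that object

@dataclass
class Page:              # toy stand-in for a kernel-managed object
    data: str = ""

@dataclass
class Process:
    name: str
    slots: dict = field(default_factory=dict)   # slot index -> Capability

class Kernel:
    """Toy model: an object is reachable only through a capability slot."""
    def invoke(self, proc, slot, op, arg=None):
        cap = proc.slots.get(slot)
        if cap is None:      # necessary: no capability, no way to name the object
            raise PermissionError(f"{proc.name}: slot {slot} is empty")
        if op not in cap.rights:
            raise PermissionError(f"{proc.name}: capability lacks {op}")
        # Sufficient: nothing here asks who proc is, only what it holds.
        if op == READ:
            return cap.obj.data
        cap.obj.data = arg

    def grant(self, src, src_slot, dst, dst_slot, rights):
        cap = src.slots[src_slot]
        if not set(rights) <= cap.rights:        # rights can shrink, never grow
            raise PermissionError("cannot grant rights the sender lacks")
        dst.slots[dst_slot] = Capability(cap.obj, frozenset(rights))

def demo():
    k, page = Kernel(), Page("ledger")
    owner, reader, stranger = Process("owner"), Process("reader"), Process("stranger")
    owner.slots[0] = Capability(page, frozenset({READ, WRITE}))
    k.grant(owner, 0, reader, 0, {READ})         # read-only copy for reader
    k.invoke(owner, 0, WRITE, "ledger v2")
    results = {"reader_read": k.invoke(reader, 0, READ)}
    for who, op in ((reader, WRITE), (stranger, READ)):
        try:
            k.invoke(who, 0, op, "x")
            results[f"{who.name}_{op}"] = "allowed"
        except PermissionError:
            results[f"{who.name}_{op}"] = "denied"
    return results
```

There is no access control list and no lookup by object name anywhere in the model: the slot contents are the whole authorization decision, which is what lets a process be confined to exactly the objects it was handed.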