Overview of CapROS: Architecture and Benefits
CapROS is a new operating system that merges some very old
ideas about capabilities with some newer ideas about
performance and resource management. The result is a small,
secure, real-time operating system that provides orthogonal
An overview of the CapROS system is not yet available.
In the meantime, the following publications, describing systems
with a very similar architecture, will be of use in learning about
the design and use of CapROS.
J. S. Shapiro, N. Hardy,
EROS: A Principle-Driven Operating System from the Ground Up,
IEEE Software, Jan/Feb 2002.
Describes the principles that gave rise to the EROS and CapROS systems.
J. S. Shapiro, Jonathan M. Smith, and David J. Farber,
EROS: A Fast Capability System,
17th ACM Symposium on Operating Systems Research,
Operating Systems Review, 34(5):170-185, Dec. 1999.
A good description of the architecture of EROS. The CapROS architecture
is mostly similar. (Performance data are not applicable to CapROS.)
Mark S. Miller and Jonathan S. Shapiro,
Paradigm Regained: Abstraction Mechanisms for Access Control,
Proc. 8th Asian Computing Science Conference, Mumbai, India, Dec. 2003.
Describes why capabilities offer a stronger security model than
commonly-used access control mechanisms, and refutes some
criticisms of the capability model.
Mark S. Miller, Bill Tulloh, and Jonathan S. Shapiro,
The Structure of Authority: Why Security is Not a Separable Concern,
Proc. 2nd International Conference on Multiparadigm Programming
in Mozart/Oz, Charleroi, Belgium, Oct. 2004.
Explains how capabilities support the Principle of Least Authority.
W. Frantz, N. Hardy, J. Jonekait, and C. Landau,
GNOSIS - A prototype Operating System for the 1990's,
Proc. SHARE 52 I, March 1979, pp. 3-17.
Somewhat dated, but describes some benefits of capabilities that
still apply today.
Copyright 2009 by Strawberry Development Group. All rights reserved.
For terms of redistribution, see the GNU General Public License.