首页 > 试题广场 >

Discuss which of the follow in

[单选题]

Discuss which of the follow ing systems allow module designers to enforce the need-to-know principle. 


  • The MULTICS ringprotection scheme
  • Hydra's capabilities
  • JVM's stack-inspection scheme
添加回答
推荐
林呼头像 林呼
The ring protections scheme in MULTICS does not necessarily enforce the need-to-know principle.If an object must be accessible in a domain at ring level j but not acessible in a domain at ring level i,then we must have j< i. But this requirement means that every object accessible in level i must also be accessible in level j.
A similar problem arises in JVM's stack inspection scheme.When a sequence of calls are made within a doPrivileged code block,then all of the code fragments in the called procedure have the same access privileges as the original code block that performed the doPrivileged operation,thereby violating the need-to-know principle.
In Hydra,the rights amplification mechanism ensures that only the privileged code has access privileges to protected objects,and if this code were to invoke code in other modules,the objects could be exported to the other modules after lowering the access privileges to the exported objects.This mechanism provides fine-grained control over access rights and helps to guarantee that the need-to-know principle is satisfied.
发表于 2018-03-25 10:23:08 回复(1)
哈迪斯龙头像 哈迪斯龙
MULTICS中的环保护方案不一定强制执行需要知道的原则。如果一个对象必须在环级别j的域中可访问但在环级别i的域中不可访问,那么我们必须具有j <i。 但是这个要求意味着在级别i中可访问的每个对象也必须在级别j中可访问。

在JVM的堆栈检查方案中出现类似的问题。当在doPrivileged代码块内进行一系列调用时,被调用过程中的所有代码片段都具有与执行doPrivileged操作的原始代码块相同的访问权限,从而 违反了需要知道的原则。

在Hydra中,权限放大机制确保只有特权代码才具有对受保护对象的访问权限,如果此代码调用其他模块中的代码,则在降低对导出对象的访问权限后,可以将对象导出到其他模块 这种机制提供了对访问权限的细粒度控制,并有助于保证满足需要知道的原则。

发表于 2019-04-14 12:51:08 回复(0)
提交观点

问题信息

操作系统
上传者:林呼
难度:
2条回答 1106浏览

热门推荐

相关试题

扫一扫,把题目装进口袋

求职之前,先上牛客

扫描二维码,进入QQ群

扫描二维码,关注牛客公众号