An authorization mechanism for unix-based cooperative environments

摘要

The extension to the UNIX protection mechanisms proposed in this paper aims at supporting controlled resource sharing and more flexible and fine-grained discretionary protection in UNIX-based cooperative work environments, such as collaborative software development environments (SDEs).In these environments, the project members need to share programs, data and tools on a temporary basis and according to their roles in the project. Run-time updatable decentralized authorization allows the group to implement separate work areas administered by different project responsibles.The proposed system is based on tools for specifying the cooperative SDE protection policies at the level of project members. Decentralized authorization is achieved through the authorizer role.System tools, integrated in the UNIX kernel, implement the run-time access checking.The protection system architecture and a prototype, based on a UNIX-like kernel restructuring approach, are described.