Skip to main content
Open Access Publications from the University of California

A protection model and its implementation in a data flow system


A protection model is presented for a general-purpose computing system based on keys attached as ‘seals’ and ‘signatures’ to values exchanged among processes. A key attached to a value as a ‘seal’ does not prevent that value from being propagated to any place within the system; rather, it guarantees that the value and any information derived from it cannot leave the system unless the same key is presented. A key attached to a value as a ‘signature’ is used by a process to verify the origin of the received data. Solutions to problems from the areas of interprocess communication and proprietary services are given.

Main Content
Current View