Weekly Notes for Week 22
There are no lectures this week, and there is a final tutorial session on Monday.
Tutorial Session Week 22
Please prepare the following exercises for week 22:
Chapter 17
- (important) Capability lists are usually kept within the address space of the user. How does the system ensure that the user cannot modify the contents of the list?
- The access-control matrix can be used to determine whether a process can switch from, say, domain A to domain B and enjoy the access privileges of domain B. Is this approach equivalent to including the access privileges of domain B in those of domain A?
- What hardware features does a computer system need for efficient capability manipulation? Can these features be used for memory protection?
- Discuss the strengths and weaknesses of implementing an access matrix using capabilities that are associated with domains.
- (important) What is the need-to-know principle? Why is it important for a protection system to adhere to this principle?
- Describe how the Java protection model would be compromised if a Java program were allowed to directly alter the annotations of its stack frame.
- (important) How does the principle of least privilege aid in the creation of protection systems?
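As an added illustration for the access-control matrix and need-to-know questions above (this is example code written for these notes, not from the textbook or the course), the following toy model treats domains as both rows and columns of the matrix, so that a domain can hold a "switch" right on another domain. The domain names (D1, D2), object names (payroll, config) and the rights in the matrix are constructed for the example. It shows the difference the second question asks about: a process that switches from D1 to D2 runs with D2's row only, and the switch is an explicit, auditable event, whereas folding D2's privileges into D1's row would give one domain both sets of rights at once.

```python
"""Toy access-control matrix with domain switching (added example).

Rows are protection domains, columns are objects. Domains also appear as
columns so that a domain can hold a "switch" right on another domain.
All names and sample rights below are constructed for illustration.
"""
from __future__ import annotations

# Constructed sample matrix: domain -> object -> set of rights.
# D1 may read config and switch to D2; D2 may write payroll but not read config.
MATRIX: dict[str, dict[str, set[str]]] = {
    "D1": {"payroll": {"read"}, "config": {"read"}, "D2": {"switch"}},
    "D2": {"payroll": {"read", "write"}, "log": {"append"}},
}


class Process:
    """A process executes in exactly one domain at a time."""

    def __init__(self, domain: str) -> None:
        self.domain = domain
        self.audit: list[str] = []  # record of domain transitions

    def can(self, obj: str, right: str) -> bool:
        """Consult only the current domain's row of the matrix."""
        return right in MATRIX.get(self.domain, {}).get(obj, set())

    def switch(self, target: str) -> None:
        """Switching is itself an access: it requires a 'switch' right on the target domain."""
        if not self.can(target, "switch"):
            raise PermissionError(f"{self.domain} may not switch to {target}")
        self.audit.append(f"{self.domain}->{target}")
        self.domain = target  # rights of the old domain are no longer in effect


def effective_rights(domain: str, obj: str) -> set[str]:
    """Rights a process in `domain` holds on `obj` without switching."""
    return set(MATRIX.get(domain, {}).get(obj, set()))


def rights_if_merged(a: str, b: str, obj: str) -> set[str]:
    """What domain `a` would hold if `b`'s privileges were simply folded into its row."""
    return effective_rights(a, obj) | effective_rights(b, obj)


def demo() -> dict[str, object]:
    """Walk one process through a domain switch and report what changed."""
    p = Process("D1")
    before = p.can("payroll", "write")   # False: D1 alone cannot write payroll
    p.switch("D2")                       # allowed: D1 holds 'switch' on D2
    during = p.can("payroll", "write")   # True: now executing in D2
    lost = p.can("config", "read")       # False: D1's config right is not carried along
    return {
        "before": before,
        "during": during,
        "lost": lost,
        "audit": p.audit,
        # Merging rows would grant read and write together, with no transition to audit.
        "merged": rights_if_merged("D1", "D2", "payroll"),
    }


if __name__ == "__main__":
    print(demo())
```

The `lost` result is the point of the comparison: after the switch the process can no longer read `config`, so it holds only what D2 needs, while a merged row would hold everything in both domains at all times and leave no transition to log or revoke.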
Chapter 18
- (important) Describe the three types of traditional hypervisors.
- (important) Describe four virtualization-like execution environments, and explain how they differ from “true” virtualization.
- (important) Why are VMMs unable to implement trap-and-emulate-based virtualization on some CPUs? Lacking the ability to trap and emulate, what method can a VMM use to implement virtualization?
- (important) What hardware assistance for virtualization can be provided by modern CPUs?
- (important) What is Docker? What is a Docker image? What is a Docker container?
- (important) What is a unikernel?