Skip to content | Change text size

WalNUT Password Capability System Research Project


The WalNUT (Wallace's Non UTopian kernel) Password Capability System is a secure operating system design, which employs password capability techniques to control access to objects within the system. The project is a further evolution of the Password-Capability based Secure Distributed Operating System project, commenced in 1982. Previous projects included the addition of a stdio libraries, a compiler port, a network protocol stack design, a shell design and other miscellaneous topics. Future topics could include a revised network protocol stack, a port of the current gcc compiler, addition of fully POSIX compliant I/O libraries, porting to other hardware platforms, a CORBA like remote object mechanism. Prospective research students should consult Dr Carlo Kopp.

Password-Capability based Secure Distributed Operating System

The Monash Multiprocessor and its Password-Capability System originated in 1982 led by Prof. Chris Wallace with Mark Anderson and Ronald Pose. The aims were to create an environment in which data and other resources could be shared in a controlled manner without regard to their physical locations. The platform was to be a shared-memory multiprocessor, but the system was intended to be distributed across the world, sharing a global, persistent virtual memory. Access to objects (files) in this virtual memory was mediated by Capabilities. By 1990 the system was in operation. A partial port of 4.2BSD Unix was produced. A second generation system (Walnut) was implemented on an IBM PC in the mid-1990s by Maurice Castro and Chris Wallace.  Glen Pringle implemented a console manager, GLui, and nameserver  library/mechanism. Subsequently, Carlo Kopp implemented a POSIX stdio library and stream IPC mechanisms. Ronald Pose proposed a novel architecture in which such a system could be extended into a massively parallel machine. It was planned to implement a third generation system on a modern 64-bit RISC platform. Funding and resources are being sought. Systems of this kind are of great interest in that they deal with the weaknesses that make current systems vulnerable to viruses and SPAM.

Above, below: Multiprocessor demonstrator system located in the Bldg 26/142 laboratory, early 1990s. Not visible is the VAX 750 I/O Processor system, located in the adjacent machine room - a bundle of cables connected these systems through the dividing wall, under the false floor. The Multiprocessor boards shared a backplane using an ECL (Emitter Coupled Logic) low impedance high speed interface bus.


Pose R.D., The Monash Multiprocessor, its Password-Capability System, and its Evolution into a Massively Parallel System [PPT]

A long seminar presentation giving a detailed summary of the Monash Multiprocessor and its Password-Capability System. Also included are further developments of both the hardware architecture and the operating system.

Pose R.D., Password-Capabilities: Their Evolution From the Password-Capability System into Walnut and Beyond [PPT]

ACSAC-2001 Conference Powerpoint presentation.

Pose R.D., Semantics of the Password-Capability System [PPT]

AC-2005 Conference Powerpoint presentation.

Castro, Maurice D., The Walnut Kernel, [Website].

Personal webpage containing an overview, history, and key documents covering the WalNUT kernel, which was the subject of Dr Castro's PhD thesis.

Research Publications / Theses [1986 - Present]

Castro M. D., Pose R. D., Kopp C., Password-Capabilities and the Walnut Kernel, The Computer Journal, Vol 51, No. 5, 2008 (PDF)

Mossop D. G., Security and the password-capability system, Ph.D. Thesis, Monash University, Melbourne, Australia, 2007

Mossop D. G., Pose R. D., Information leakage and capability forgery in a capability-based operating system kernel, Lecture Notes in Computer Science, vol 4277, Springer-Verlag, Berlin Germany, pp. 517-526.

Mossop D G , Pose R D, Security analysis and extensions of a capability-based type manager, Proceedings of the Mexican Conference on Informatics Security 2006 (MCIS 2006), 13 November 2006 to 17 November 2006, IEEE Computer Society, Mexico City Mexico, pp. 1-8.

Mossop D.G. and R Pose R.D., Covert Channel Analysis of the Password-Capability System, in T Srikanthan, J Xue and Chip-Hong Chang (eds), Lecture Notes in Computer Science, [Proceedings of the 10th Asia-Pacific Advances in Computer Systems Architecture Conference (ACSAC 2005), 24-26 October 2005, Singapore], Springer-Verlag, Berlin, Germany, ISSN: 0302-9743 & ISBN: 3-540-29643-3, 978-3-540-29643-0, Vol 3740, pp 655-668.

Mossop D.G. and Pose R.D., Security Models in the Password-Capability System, Proceedings of the 2005 IEEE Region 10 Conference (TENCON 2005), Melbourne, VIC, Australia, 21-24 November 2005, IEEE Press, Melbourne, VIC, Australia, ISBN: 0-7803-9312-0, 6pp.

Pose R.D. and Mossop D.G., Security Analysis of a Capability-Based Operating System, in G Pye and M Warren (eds), Conference Proceedings of the 6th Australian Information Warfare & Security Conference (IWAR 2005), Geelong, VIC, Australia, School of Information Systems, Deakin University, Geelong, VIC, Australia, ISBN: 1 74156 028 4, pp 131-139.

Mossop D. G. and Pose R. D., Semantics of the Password-Capability System, IADIS International Conference Applied Computing, 22-25 February 2005. Algarve, Portugal (PDF)

Gunawan S., Resource Charging in Ad-hoc Networks by Password Capabilities, B.C.S. Hons Thesis, Monash University, Melbourne, Australia, 2003 (Website)

Smith S. E., An Improved Object Store for the Walnut Kernel, B.C.S. Hons Thesis, Monash University, Melbourne, Australia, 2003 (Website)

Harris R. J., Compiler Integration on the Walnut System, B.C.S. Hons Thesis, Monash University, Melbourne, Australia, 2001

R. D. Pose, Password-capabilities: Their Evolution from the Password-Capability System into Walnut and Beyond, in G. Heiser (ed), Proceedings of the 6th Australasian Computer Systems Architecture Conference (ACSAC 2001), Australian Computer Science Communications, Vol 23, No 4, Gold Coast, QLD, 29-30 January 2001, IEEE Computer Society Press, CA, USA, ISBN: 0-7695-0954-1 & ISSN: 1530-0927, pp 105-113, 2001.

V. J. Fazio and R. D. Pose, Distributed Route Initialization Algorithms for the Monash Secure RISC Multiprocessor, in the Proceedings of the Thirtieth Annual Hawaii International Conference on System Sciences, IEEE Computer Society Press, Los Alamitos CA USA, 24-33, 10pp, 1997.

Kopp C., An I/O and Stream Inter-Process Communications Library for a Password Capability System, M.Sc. Thesis, Monash University, Melbourne, Australia, 1997 (PDF)

R. D. Pose, J. Wells and V. J. Fazio, Self-Tuning Paradigm for a Distributed Multiprocessor System with Flexible Interconnection Topology, Computer Architecture '96 Selected Papers of the 1st Australasian Conference, Springer-Verlag Singapore Pte Ltd, Singapore, 183-196, 14pp, 1996 (PDF)

Castro M. D., The Walnut Kernel: A Password-Capability Based Operating System, Ph.D. Thesis, Monash University, Melbourne, Australia, 1996 (PDF).

Castro, Maurice, Pringle, Glen, Wallace, Chris, The Walnut Kernel: Program Implementation Under the Walnut Kernel, Technical Report, 95/230, Department of Computer Science, Monash University, Also released by SERC, CITRI as Technical Report SERC-0011, 8, 1995 (PDF).

V. J. Fazio, R. D. Pose and J.R. Wells, Monash Secure RISC Multiprocessor: Performance Simulation in R. Kotagiri (ed) Australian Computer Science Communications, Eighteenth Annual Computer Science Conf (ACSC'95) Glenelg, South Australia, 17: 1, 161-5, 1995.

Pringle G., Walnut User System Documentation, Draft Technical Report, Department of Computer Science, Monash University, December 6, 1995 (PDF)

Castro M. D., The Walnut Kernel: User level programmer's guide, (Technical report 95/222) Dept Computer Science, Monash University, Melbourne, 54pp, 1995. Technical report CS 95/222 (HTML, PDF).

R.D. Pose, V. Fazio and J.R. Wells, An Incrementally Scalable Multiprocessor Interconnection Network with Flexible Topology and Low-Cost Distributed Switching, IEEE Computer Society Technical Committee on Computer Architecture Newsletter, Special Issue on Interconnection Networks for High-Performance Computing Systems 31-6, 1994 (PDF)

M. D. Castro and R.D. Pose, The Monash Secure RISC Multiprocessor: Multiple Processors Without a Global Clock in G. Gupta (ed) Australian Computer Science Communications, Seventeenth Annual Computer Science Conf (ACSC-17) Christchurch, New Zealand, 16, 1, 453-59, 1994

Pose R.D., Porting Unix to the Password-Capability System, submitted to the First International Workshop on Architectural and Operating Support for Persistence, 1993.

Chew C.E., An InterBus Connection for a Capability Based Multiprocessor, Ph.D. Thesis, Monash University, Melbourne, Australia, 1992

Chew C.E. and Wallace C.S., An inter-bus connection for a capability based multiprocessor, Proc. Fourteenth Australian Computer Science Conf. Sydney, Australian Computer Science Communications 13, 1, 30/1-10, 1991.

R.D. Pose, A Capability-Based Tightly-Coupled Multiprocessor, Ph.D. Thesis, Monash University, Melbourne, Australia, 1991 (PDF)

C.S. Wallace and R.D. Pose, Charging in a Secure Environment, in J. Rosenburg and J.L. Keedy (eds) Security and Persistence, Bremen 1990 Springer-Verlag, London, 85-87, 1990 (PDF)

Chew C.E. and Wallace C.S., An Inter-Bus connection for a capability based multiprocessor, Technical report 90/140 Dept Computer Science, Monash University, Melbourne, 1990. Technical report CS 90/140.

Cathro D., An I/O Subsystem for a Multiprocessor, M.Sc. Thesis, Monash University, Melbourne, Australia, 1988

Anderson M., A Password Capability System, Ph.D. Thesis, Monash University, Melbourne, Australia, 1987

M. Anderson, R.D. Pose and C.S. Wallace, A Password-Capability System, The Computer Journal, Vol 29, No. 1, pp. 1-8, 1986 (PDF)

Professor Chris Wallace

Chris Wallace (computer scientist) @ Wikipedia (HTML)

Professor Chris Wallace @ CORE (HTML)

Christopher S. Wallace publications by David Dowe (HTML)

Speculations and Explorations with Chris Wallace by Carlo Kopp (HTML)

WalNUT Internals

(Diagrams Dr C. Kopp - 1997 MSc Thesis)

WalNUT Testbed and Development System

Above: Walnut development system and i486 testbed (centre) in Bldg 75, cca 2005, note the DEC 5000 Alphas in storage; below: Sutekh, the i486 development platform running FreeBSD 1.1.5 (C. Kopp).