[cap-talk] Capability levels (Meijer)

Jed at Webstart donnelley1 at webstart.com
Sat Aug 19 17:44:14 CDT 2006

At 10:48 PM 8/16/2006, Rob J Meijer wrote:

>...I think any
>attempt to define a 'generic' layering including hardware or network as
>layers is simply useless (next to being hard on the brain)

Hmmm.  To me the network, OS/IPC, and language "levels" are quite
clear.  I also believe their scoping levels are clear, but about that
I can appreciate the discussion.

Regarding the levels themselves:

network: At this level we're talking about independent machines
with some sort of OS on a network like an Ethernet or even the
Internet.  The capabilities are set up as a protocol at some
application level.  YURLs and widewords fit into this category.
So do the NLTSS and Amoeba and I expect some of the Monash
"password" capabilities.  At this level as at all levels there is one
operation on a capability, "invoke" that can pass in various parameters
(including at least one capability - delegation) and get parameters back
(again possibly another capability).

Operating system/IPC:  At this level we're assuming that there
is an operating system that runs "user"/application level processes
(e.g. as Unix and Windows do).  However, we're assuming the OS
does so using a capability model, e.g. like DVH, RATS, KeyKOS,
etc.  Processes have c-lists and can "invoke" capabilities in their
c-lists.  What happens of course depends on the capability invoked.
There is some means for processes to communicate (delegate)
capabilities through in invocation as noted with network capabilities

language: At this level capabilities are data structures defined
by a compiler and it's libraries.  Capabilities are "objects" in the
language and perhaps somewhat more.  The semantics of
capabilities at the language level are again like those at the
OS/IPC level and at the network level (namely a capability
can be "invoked", parameters passed in and back, including
some other capabilities), but the enforcement mechanism
between the active objects is done within code generated or
interpreted by the language and its libraries.

I have the least experience at the language level - none really.
If anybody can help with that description it would be appreciated.
My weakness in that area might be leading me to confusion
of the levels, so maybe it would help if I played with some
E examples to get a better idea how that level works to see
if my assumptions are on or off.  I have read the e "walnut" and
of course have been involved in many related discussions, but
without direct programming experience in E I may be way off.

--Jed http://www.webstart.com/jed/ 

More information about the cap-talk mailing list