[cap-talk] What does the [defense?] security communityreally fear from capabilities?

ken at sipantic.net ken at sipantic.net
Sat Jul 14 05:23:32 EDT 2007

After working on the Plessey 250 through to 1976 it was clear to me that 

1. The power of capability architectures for security, privacy, and reliable
software was awe-inspiring.
2. Few understood this and no one was going to build another special purpose
CPU that could compete with the price point 808x etc.
3. Using Capabilities in distributed (microprocessor) architectures could
achieve the same level of architecture control - certainly for specific high
reliability applications.

Hence the next step was to move directly to finely distributed control based
on networked OS messaging, CPU encapsulation, and run-time message binding
for access control. The ITT 1240 was the direct result of the Plessey
experience and several of the Plessey team led the design of this first
highly distributed solution. 

Both the Plessey and ITT systems were commercial success and highly
profitable for the owners for Plessey in military communications and ITT in
public networks.

The way forward is the same today. Networked object-capability architecture
will show the way. Building secure, private and reliable networks is the
essential step. Everything else will follow in good time.
Kenneth Hamer-Hodges

-----Original Message-----
From: cap-talk-bounces at mail.eros-os.org
[mailto:cap-talk-bounces at mail.eros-os.org] On Behalf Of Jonathan S. Shapiro
Sent: Saturday, July 14, 2007 1:46 AM
To: General discussions concerning capability systems.
Subject: Re: [cap-talk] What does the [defense?] security communityreally
fear from capabilities?

On Fri, 2007-07-13 at 14:25 -0700, Jed Donnelley wrote:

> 1966: Dennis & Van Horn paper - MIT 
> 1967: PDP-1 Supervisor - MIT 
> 1967: Magic Number Machine - University of Chicago 
> 1968: CAL-TSS - Berkeley 
> 1969: System 250 - Plessey Corporation 
> 1970: CAP - Cambridge University 
> 1971: Project SUE - University of Toronto 
> 1971: Hydra - Carnegie Mellon 
> 1972: RATS - Lawrence Livermore 
> 1973: Actors - MIT 
> 1973: PSOS - SRI 
> 1975: StarOS - Carnegie Mellon 
> 1975: GNOSIS/KeyKOS - Tymshare 
> 1976: Monads - Monash University 
> 1978: System/38 - IBM 
> 1978: NLTSS - Lawrence Livermore 
> 1980: SWARD - IBM 
> 1980: PDP 11 operating system - University of Texas 
> 1981: Amoeba - Free University Amsterdam 
> 1982: iAPX 432 - Intel 
> 1982: Password-Capability System - Monash University 

Note: System/38 is more popularly known as AS/400.

This is an important list. Ask yourself which of these systems received
positive *mainstram* attention. The *only* one I know about is S/38.

Amoeba was not a protected capability system.

Cal/TSS was never finished.
Jonathan S. Shapiro, Ph.D.
Managing Director
The EROS Group, LLC

cap-talk mailing list
cap-talk at mail.eros-os.org

More information about the cap-talk mailing list