[cap-talk] Is "Authority" Subjective?

Jonathan S. Shapiro shap at eros-os.com
Fri Jun 22 09:37:51 EDT 2007 

Toby:

I'm not familiar with CSP, but I think that your question derives from
an oversimplified model.

If I understand your CSP model (remember: I don't know CSP), it is
describing a DFA. There are four system states as follows:

  S1: a1 -> S2
      b -> STOP
  S2: a2 -> S3
  S3: b -> STOP
  STOP: <>

What you have here is actually an operational semantics where each
operation is preconditioned on the system being in the correct state.

The problem with your question is that Alice and Bob cannot, by
definition, be distinct subjects, because their actions are updating the
same system state variable.

For contrast, if you look at the SW model, you will see that there is
really only one system state. All actions are possible at all times, but
only if the subject satisfies the required preconditions. In that model,
the notion of "subject" is captured by the relation between processes
and caps.


shap
  

On Fri, 2007-06-22 at 12:23 +0100, Toby Murray wrote:
> Hi cap-talk,
> 
> I've hit an interesting issue during my work on the formal
> characterisation of authority. I've come to wonder whether the
> definition of "authority" is actually a bit subjective and
> intuition-dependent. I'm hoping this list can confirm or falsify this
> hypothesis. 
> 
> Suppose we have a system represented as the following CSP process (don't
> worry if you don't know CSP, I'll explain what's going on)
> 
> P = a1 -> a2 -> b -> STOP [] 
>     b -> STOP
> 
> Initially the system can perform either of the actions a1 or b. If it
> performs an a1, the only choice for the following action is a2, after
> which the only thing it can do is perform b. In both cases, after
> performing b, the system halts.
> 
> Now suppose that actions a1 and a2 are performed by some object Alice
> and b is performed by another object Bob. Does Alice have authority to
> cause Bob to perform b?
> 
> I can't decide -- I keep dithering between the following two arguments.
> I suspect that in different circumstances, both are valid. But I might
> be wrong -- I'm hoping you can help me decide whether one of them is
> definitely more valid than the other.
> 
> Argument 1: Before Alice acts, Bob can perform b -- the system won't
> refuse it. After Alice finishes acting, Bob can perform b -- the system
> won't refuse it. With and without Alice acting, Bob can still perform b.
> Hence, Alice doesn't cause Bob to perform b and hence, has no authority
> to do so. 
> 
> Argument 2: If Alice performs a1, she can cause Bob to perform b by
> performing a2. In fact, if she refuses to perform a2, the system
> deadlocks and Bob will never perform b. Hence, by performing a2, Alice
> causes Bob to perform b. Hence, Alice does have authority to cause Bob
> to perform b.
> 
> Does either (or perhaps, another) of these arguments appear more valid
> to anyone than the other? Do you believe that we should consider that
> Alice has authority to cause Bob to perform b?
> 
> Thanks heaps in advance for any responses, they're much appreciated.
> 
> Cheers
> 
> Toby
> 
> 
> 
> 
> 
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk

More information about the cap-talk mailing list