[cap-talk] OCap interoperation via SQL-like languages.

John Carlson john.carlson3 at sbcglobal.net
Tue May 20 23:24:27 CDT 2008 

On May 19, 2008, at 12:48 AM, Jed Donnelley wrote:

> operations (invocations) on a "process" capability:
>
> a. "Read", address; > data;
> b. "Write", address, data; > ;
>   (read and write the memory of the process)
> c. "Take", index; > ; capability
> d. "Give", index; capability > ;
>   (read and write the c-list of the process)
> e. "Find", index, count; capability > result, index;
>   (essentially an EQ for capabilities in a process's c-list)
> f. "Start"; > ;
> g. "Stop"; > ;

Here are the operations above boiled down into CRUD

"Read" is select data from process_capability where address = :address
"Write"" is update process_capability set data = :data where address  
= :address
"Take" is select capability from process_capability where index  
= :index;  delete from process_capability where index = :index
"Give" is update process_capability set capability = :capability where  
index = :index
"Find" is select index from process_capability where  index >=  :index  
and index < :index + :count and capability = :capability (returning  
NULL means no results)
"Stop" is update process_capability set running = false;
"Start" is update process_capability set running = true;

The :'s indicate bind variables (input)

Thus the attributes of the process_capability are:
data (many chunks)
addresses
capabilities
indices
running (boolean flag)

I am not saying this is a relational model by using a SQL-like  
language.  It could be JPQL, OQL or another language.  I am just  
pointing out that operations on capabilities can be boiled down into  
select, update, delete (and insert as you also need a  
process_capability factory  if you count creating the  
process_capability).

Obviously, you don't want people writing arbitrary SQL against your  
capabilities.  That's why you protect the SQL inside methods, and only  
allow people to specify the parameters.  If you do want to share the  
SQL, you need to "sign" it, so when it comes back, you know that the  
SQL hasn't changed (only the parameters).  When I say "share" I mean  
share across the network.

I think that "Take" need to be implemented inside a transaction  
(unless I misunderstand the meaning).

Is it still taking time for people to grok that capabilities are just  
CRUD all over again?

Does capability theory have the concept of a this or self capability?   
Are there any cases where you don't want an object to know it's  
capability?

John

More information about the cap-talk mailing list