[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: another take on hackers and painters




> The difference between this work and Matthew's is, I believe, that 
> Matthew is interested in providing not just the API of the operating 
> system, but also the protections between processes. His research goal 
> is to figure out how to provide those protections, but still allowing 
> multiple processes to share data directly, without having to use 
> something like RPC or RMI.

Coincidentally, I was reading "A Security Kernel Based on the Lambda-Calculus 
(1996)" by Jonathan Rees yesterday.

http://citeseer.nj.nec.com/rees96security.html

It includes interface to hardware (including controlling robots) and strong 
protection properties including capability-confinement.  The "sharing of data" 
part is just about as direct and intuitive as a Scheme-head could ever wish -- 
it is by having variables in a shared scope, or by passing variables as 
arguments to function invocation.

--Z