Path: utzoo!attcan!uunet!deimos.cis.ksu.edu!ux1.cso.uiuc.edu!ux1.cso.uiuc.edu!m.cs.uiuc.edu!gillies
From: gillies@m.cs.uiuc.edu
Newsgroups: comp.arch
Subject: Re: Capabilities and Object Oriente
Message-ID: <3300126@m.cs.uiuc.edu>
Date: 11 Apr 90 16:37:11 GMT
Lines: 28
Nf-ID: #R:<9004091928.aa26181@PARIS.ICS.UC:-38:m.cs.uiuc.edu:3300126:000:1191
Nf-From: m.cs.uiuc.edu!gillies    Apr 10 17:15:00 1990


"Capability-Based Computer Systems" by digital press (1984).

In my opinion, this is the best books on protection design anywhere.
It contains case studies of 6 or 8 systems, and only by reading the
case studies can you understand the issues and problems in
capability-system design.  Much of the information is unavailable
elsewhere.

"The Eden System: A Technical Review", IEEE Soft-Eng, 198(2?3?4?)

When last I looked, Eden was one of the few distributed systems with
protection.  I believe protection in a coherent distributed system is
still a research topic.  The Eden system uses very rudimentary
capabilities, but at least they thought in these terms when designing
the system.

------

My favorite capability system is Plessy/250.  It was a dedicated
phone-switching controller, but its simple design made it able to
implement protected subsystems efficiently and recursively in
hardware, something no other capability-based computer could do.  Its
only competitor in this sense was (ACL + capability) Multics system.

In other words, the OS and user programs relied on the same hardware
mechanism to perform a subsystem ENTER primitive, and no software
intervention was necessary.