From: Nathan Dire (ndire_at_cs.washington.edu)
Date: Sun Jan 11 2004 - 22:50:49 PST
In "Programming Semantics for Multiprogrammed Computations", Dennis and Van
Horn outline the properties of multiprogrammed computer systems and present a
basic schema for studying them. At the time of the paper, I believe systems
were transitioning from batch processing to multiprogramming, so basic ideas
of multiprogrammed computation were just evolving.
The authors begin by defining five properties of multiprogrammed computer
systems. Next, the authors describe the basic abstract structures which
define their multiprogrammed system, such as segments and processes. The
paper then outlines the basic primitive operations that the authors have
defined to provide a basis for multiprogrammed computation.
There is much that is familiar in the authors' presentation of an MCS. All
five properties they outline remain relevent to current systems. The basic
abstract structures of segments, processes, and principals seem to have
remained intact. Many of the meta-instructions also remain quite familiar:
fork, quit, join, private, lock, and unlock.
The interesting idea in the paper is that of a C-list and the way in which it
is pervasive throughout the system. To reference an object in the system, it
must be explicitly listed as a capability. This extends from processes to
memory segments to procedures. The authors also provide an interface for
managing C-lists which allows detailed control of the rights of processes
within a computation.
The use of capabilities for protection and sharing seems quite compelling.
With respect to the historical context, it is surprising to note the early
existence of such a complete system for security. It seems that subsequent
systems were developed with much weaker systems for protection and sharing.
Perhaps the implementation of such a system resulted in too much complexity
and performance cost for the projects of the time.
One criticism of the paper might be the degree of abstraction. There doesn't
seem to be much consideration given to the usefulness of the meta-instruction
interface, and it seems that only passing references are made to real-world
systems.
This archive was generated by hypermail 2.1.6 : Sun Jan 11 2004 - 22:50:50 PST