One of the issues that we are working on for the 0.4 release of Chandler is what we call sharing -- the ability to share Chandler Items with other people. As soon as you start talking sharing, you need to start thinking about authentication and access control. Before I got to OSAF, there was some talk of doing this sort of thing by using capabilities, a technology that people have seen in an OS textbook but never really been exposed to. Fellow ASF member Ben Laurie is a big advocate of this approach. So as we started into sharing, I took some time to look through my (paper) copy of Henry Levy's Capability-Based Computer Systems which details the evolution of capability oriented systems. In these pages you encounter the Burroughs B5000, the MIT PDP-1, the CAL-TSS, the Plessey 250 and its descendent the Cambridge CAP. You'll also find the CMU Hydra and StarOS systems. The IBM System/38 (now known as the AS/400) appears as the only commercially successful capability based system (and most people don't really know about it). The last system described is the ill fated Intel iAPX 432. I was quite enamored of this system -- I think the original Intel databooks are still in a file cabinet in my parents house.

Even if you're not up for a tour of computer architecture, you'll benefit by looking at the first and last chapters to learn more about capabilities and the problems they are trying to solve. It's worth it. As time passes the knowledge of these systems' designers will slowly fade away, and the lessons they learned will be lost, dooming us to insecure C-based hardware forever.