Capabilities Dictionary

This dictionary of capabilities terminology will be used to explain the historical and modern language of the CapabilitySecurityModel.

Also see <http://www.cap-lore.com/CapTheory/Glossary.html>.

Capability
A reference to an object, that both designates the object and authorizes access to it. A capability is identical to an object reference in ObjectOrientedProgramming, an actor name in the ActorsModel, or a closure in the LambdaCalculus (with local state), if and only if certain deviations from pure object, actor, or lambda calculus computation are prohibited - only if the objects are not provided with causal access to the world outside themselves by other means.

Object
...

Resource
Another term for object (used more often for ObjectCapabilityOperatingSystems).

Object graph
See LocalizedGraphModel?

Designator
CapabilityDesignator

C-list
CapabilityList

Authority
Says what effects programs may actually eventually cause, using both present and future permissions and the actual behaviors of other programs. Calculating this is almost always intractable, and so it must be analysed in terms of approximations that are guaranteed to include all actual authority.

Message send
A primitive operation in the ObjectCapabilityModel, in which a sender object transmits a message to a target object. Depending on the system (in particular its concurrency model), there may be more than one kind of message send -- for example in EeLanguage there are "immediate" and "eventual" sends.

Message
An object representing the request transmitted in a message send. When the target object receives the message, it is accessible to the target as a new acquaintance. In some systems messages must have a particular form (e.g. operation name and list of arguments); in others they can be an arbitrary object.

Sender
The object that sends a message.

Target [or receiver]
The object to which a message is sent.

Reply
...

Method
A piece of code that defines the behaviour of an object in response to a subset of possible messages (for example, messages with a given operation name).

Acquaintance
See LawsOfLocality?.

Confinement
...

DVH
DennisAndVanHorn

Lampson's access matrix
...

Facet
See FacetPattern.

Attenuation
Another term for FacetPattern.

Caretaker
See CaretakerPattern.

HRU
HarrisonRuzzoAndUllman

WallBanging?
Transmitting information from the inside to the outside of a Lampson confinement boundary by use of CovertChannel?s.

Synergy
A phenomenon where a program that holds two (or more, but usually two) capabilities can do something by bringing these capabilities together, that it cannot do with them separately. <http://www.cap-lore.com/CapTheory/Synergy.html>

CategoryJargon

EditText of this page (last edited June 10, 2014) or FindPage with title or text search