The Capability Concept and its Ilk
There is a cluster of concepts that have attracted “capability” to describe them.
There may be some useful ones as well as the original and I will explore some of these variants.
Historically a capability was a hardware or software construct that named and conveyed authority to access some resource known to the hardware or software system.
Software capability systems have had a hardware flavor in the sense that their function was much like hardware could have provided.
Most of the Keykos kernel could have slipped easily into microcode.
Henry Levy, in his book Capability-Based Computer Systems, treats the history of hardware based systems back to the 1959 Rice Code-word computer.
Here are a few characteristics of capabilities that might be independent:
- Holder can invoke the capability.
- Holder can pass on the capability.
- Bits are concealed from holder.
- Knowing bits does not suffice to pass or invoke.
- Capability identifies a unique object.
- Capability conveys authority to object.
- Capability is only way to send message.
- Capability is only way to have any effect.
- The capability to an object is necessary and sufficient to access the object.
- Capability is only way to “sense the world”.
- A program passes or invokes a capability only by explicitly identifying
it.
(Each program has its own name space for capabilities.)