OverviewAbstract

About

The software "askemos" is an incorruptible and intrusion resistant agent oriented operating system. It forms the basic infrastructure (TCB) required for the project Askemos. The AskemosDesign defines an autonomous, virtual machine on document level, which works synchronous among distributed, independant components (companies, departments etc.).

Data Structure

A set of frames ist persistently stored in a software transactional memory. One slot, the body, contains an arbitrary data unit (there is no exact definition what the units are, but XML document are prefered). The system maintains meta data about the body in the other slots of the frame. We call such an object a place in Askemos.

Autonomy of Places, Presentation and Manipulation

At the places live autonomous objects or agents. One of the meta data slots of a place is a so called action, which is the code executed by the agent. (From a OO point of view, body + bodies'meta + action = object.) This action is (essentially) the only function, which can modify the slots of the place.

The read operation (MVC terminology: View) delivers the data at the place, possibly transformed by a function (side effect free!). A write operation (MVC terminology Controller) changes all data slots at the place in one transaction using the result(s) of another function.

It helps to understand that a place comparable to stream as described in SICP? (Abel, Sussmann). The head of the stream compares to the actual state of the agent (the data currently stored in the slots of the place), while a transaction - advancing the agent to it's next state - stores the result of the tail operation at the same place. Instead of the "head" and "tail" operations there are two kind of operations, a read and a write type.

Context and Topology

Each place has a set of mappings from names to OID's (strong links). That way it can keep connections and address those other places symbolically.

An operation can send out messages (partially restricted at types) to all places it can address (absolute or symbolically). Read operations can be performed as calls, that is, the sender can wait (at any time) for the operation to complete and use the result. Write operations are always send out asynchronous (read operations can be as well) at the end of a successful transaction. Besides being a technical requirement, this is an important design decision.

Rights

One dimension, or axis, of information are the rights which are accociated with a place.

The default protection system is a simple access control list. But the mechanism can easily model very complicated cases.

Distribution and Reliability

Operations of the Askemos distributed virtual machine are synchronized using byzantine agreement over the majority of a quorum. Therefore Askemos can cope with malicious components of it's own; it should be pretty hard to stop it working.

There are only a few requirements for the storage system. It's expected, that most distributed file systems and data bases can be utilized.

Sugar and Fashion

One action defines XSLT documents (implemented as server extension). Their program and data are just one style sheet (possibly distributed over multiple places). If a XSLT document wants to change state, it must recreate itself with state elements replaced.

Different data base adaptors have different strength. And distributed object data bases can not beat the performance of specialized relational data bases when searching large relational tables while they are superior at less structured data. Relational data bases are accessed by XSQL.