Web site: www.cs.cornell.edu/slk/
Origin: USA
Category: Server
Desktop environment: CLI
Architecture: unknown
Based on: Independent
Wikipedia:
Media: Install
The last version | Released: 1998 (?)
SLK (The Safe Language Kernel) – the project is developing an operating system infrastructure for extensible systems, such as customizable internet servers and application specific gateways. The primary goal of SLK is to allow users to upload custom extensions onto servers in the network in a secure yet flexible manner.
Goals:
– internet service providers can allow users to serve more than static documents,
– it creates a software market for server plug-ins which can be installed without requiring the system administrator to fully trust the new product,
– distributed services can spread/migrate in the network in response to usage or network state, and
– mobile users can load proxy services into “nearby” servers, for example, to transform data in the network as appropriate for their displays and network connection speeds.
SLK relies on the properties of type-safe languages in order to enforce protection boundaries between applications and the OS itself which means that all code can run in a single address space and at a single hardware privilege level. The first version of SLK is heavily Java based but a significant part of our research effort lies in understanding how to host multiple languages. For example, we plan to integrate ML into the family of languages supported by SLK.
The most fundamental difference between the Secure Language Kernel (SLK) and a traditional operating system is the fact that the entire system runs in a single address space and at a single hardware protection level. There is no memory management hardware that prevents one application from accessing another’s memory and there is no hardware privilege mode differentiating instructions executed in the kernel from those executed in an application. Instead, all protection is enforced by the language system. Languages used under SLK must be type safe and the compiler must provide enough information to the run-time system to allow protection boundaries to be enforced.
