- From: Alvin Starr <alvin@eyepoint.com>
- Date: Tue, 7 Mar 1995 17:29:56 -0500
- To: riddle@is.rice.edu
- Cc: www-talk@www10.w3.org
At the cost of entering the fray here is my $.02(or about $.03 CDN and going up) > Another base worth looking at, if only for comparative purposes, would > be General Magic's Telescript. I haven't been able to find any > technical descriptions of Telescript, but it appears to have been If I had my choice of languages to use for remote execution I would pick TURING. TURING is a full and simple to use programming language that has a number of features would make it ideally suited to use as an agent scripting language. 1) Turing has a formal and provable semantics(this includes IO) and claims to meet the US DOD criteria as a TRUSTED language. 2) both compilers and interpreters exist for Turing. 3) Turing supports `faithful execution`; this means that either a program is executed according to the language semantics or else it is halted with a message describing the nature of the failure. > written with just this sort of problem in mind and (if its backers have > their way) may before too long have an installed platform base of a few > million users. If it catches on, some sort of WWW-Telescript > interoperability will be very desirable. (Pointers to more information > on Telescript would be appreciated. The best reference I've found to > date is Wired 2.04 p. 102.) > > However, the assumption that it is possible to create a safe > interpreted environment for intelligent agents troubles me. The issue > is not just one of prohibiting agents from making arbitrary system > calls. Isn't it the case that any non-trivial application requires > access to data which are in some way sensitive, and that sensitive data > by definition would be vulnerable to misuse by a malicious agent? > (This is most obvious in the case of agents with write access, but > potentially true even if agents have only read access.) My point is > that if my data are sensitive, I will want to retain control of the > *algorithms* used to access them. Or am I missing something? I would argue that the agent is not as important as who's agent is it. If you give a person access to your system then what is wrong with giving their agent the same access. In this way all of the standard security rules that apply to normal users should apply to their agents. The main issue that I can see is that a reliable way to verify who this agent belongs to, needs to be developed. A second issue would be insuring that the language/protocol that is used by agents is reliable and verifiable. What ever ends up becoming a standard for allowing agent execution it should be reliable and stringently checked. If the current trend in software development is used then the internet worm and other virus incidents will pale in comparison to what will happen. -- Alvin Starr || voice: (905)513-6717 Eyepoint Inc. || fax: (905)513-6718 alvin@eyepoint.com ||
Received on Tuesday, 7 March 1995 17:30:21 UTC