Introduction, administrivia, overview
- What kind of computer is the Web?
- Very large scale (single round trip to the opposite side
of the globe at the speed of light takes .13
- Inherently dynamic and unreliable
- Multiple administrative domains, willing to grant each other
various sorts of privileges
- Different parts owned by different people
- What kind of programming language has the Web as its run-time
- must directly address
- modularization mechanisms and consistency checking badly
needed, but static checking
impossible: parts of "global programs" will always be
running while others are under development
conventional static analysis technology (type systems, etc.)
not directly applicable
- Goals of the course:
- To survey the "landscape" of issues and current
technologies in web programming
- To get some reasonably serious hands-on programming experience
with distributed and mobile applications
- To identify and discuss emerging research issues
- The course title... languages for programming the web
vs. architectures for web programming vs. web
An API (or "software architecture") is a programming-language feature
A full-scale language distills several such features as simple
linguistic mechanisms and combines them in a coherent way.
- Many of the technologies that we'll discuss involve some sort of
mobile code. The following categories give a very rough idea
of the varieties of code mobility:
Both know-how and resources at remote location, activated by local
thread of control (e.g. X windows)
- Remote evaluation:
Resources at remote location, know-how is shipped over from local
controlling thread (e.g. rsh)
- Code on demand:
Resources are local, code is remote; code is requested and
shipped back from remote to local host, where it is executed
(e.g. Java applets)
- Mobile agent:
Not only know-how but the agent's thread of control itself
travels through the network from node to node (e.g. data mining
agents, network managers)
- Outline of topics for lectures
- Reading for Wednesday:
Introduction to Java programming
- Administrivia: course enrollment limits...
- Overview of Java
- Most of you probably know more Java than I do, and besides it's
boring to hear about new languages from scratch, so I'm going to
stick to high-level points.
- I'll just try to summarize the essential design decisions,
James Gosling and Henry McGilton,
The Java Language Environment: A White Paper.
- The rest of the class will be spent discussing Project 1.
- N.B. The amount of documentation that I've included in the files
in the handout directory should not be taken as a guide! A
little more would make the code easier to read...
The Java Virtual Machine
Room change: from now on, we'll be meeting in
LH101, not LH019.
- Decide when first assignment is due (probably Wednesday)
- Reminder: on Wednesday we'll be choosing project groups for the
remainder of the semester; now is the time to get an idea of
who you'd like to work with. (If you don't know, don't worry
-- we'll make sure everyone gets assigned to a group.)
- This lecture continues last week's introduction to Java with
discussion of some more advanced aspects of the language.
- The Java Virtual Machine
- Basic security features
- Further reading (for those interested -- not required)
Applets; the Abstract Windowing Toolkit
[Lecture given by
- Applet programming
- The Abstract Windowing Toolkit (AWT).
(Note that we'll describe the new event handling model included in Jave
1.1, since this is the one that you'll find documented in the on-line
API guide; if you look in other books, you'll find mostly descriptions
of how things worked in the old Java 1.0.)
- The Serializable interface.
- Form project groups.
- Project 2 starts today.
More on the AWT; security in Java
- Administrivia: Class roster
- Continuation of last Wednesday's material on the AWT
- AWT protocols (flow of control in an applet)
- Basic Java security mechanisms
- Security managers
- Class loaders
- Start discussion of Vijay Saraswat's paper
Java is not Typesafe
(The sample java code that I showed in class is available here.)
- Reading for Wednesday:
"Jave is not Typesafe"
- Continuation of Monday's lecture.
[Lecture given by
- Java's Remote Method Invocation facilities.
- Reading list:
[Lecture given by
- Discussion of Luca Cardelli's language Obliq.
- Project 3 starts today.
To get started, look at our sample "Hello"
example, a variant of the one in the online Tutorial.
Obliq (continued); distributed GC
[Lecture given by
- Finish discussion of Obliq
- Overview of the distributed garbage collection algorithm used in both
DECSRC's Network Objects implementation and Java RMI.
- It's a month into the course - time to review some of the ground
we've covered and talk a little about how the course is going.
- Assignment: Please send me (by Oct 5) an email with a
short (couple of paragraphs) evaluation of how the course is going for
Specification of file synchronization; service combinators
- Reminder: send me comments on the course
- Project 4 will be announced later
- We'll spend part of the lecture discussing a draft specification of the file synchronization
- In the remaining time, we'll begin discussing Cardelli and
Davies's idea of service combinators; we'll continue this on
- Discussion: In what sense are Obliq and Java RMI "Web Programming
Languages"? What is a web language, anyway?
- Presentation of Service Combinators paper
- We'll begin by finishing off last week's discussion of Service
- Next, we'll look at Milner, Parrow, and Walker's
pi-calculus, a widely used foundational calculus for
message-based concurrency. This will lay groundwork for the other,
more experimental, foundational calculi that we'll consider after
- If there's time left, we'll start on the join-calculus, an
extension of (a variant of) the pi-calculus with primitives for
location, process migration, and failure detection.
The two papers on the join calculus are complementary, but, for our
purposes, neither is ideal. The Tutorial is quite easy reading, but
it describes a full-scale distributed programming language (with the
"pure" theoretical join-calculus at its core), which can obscure the
basic ideas with too much detail. The Calculus of mobile
agents paper, on the other hand, is written for a rather
theoretical audience and may be hard going for a newcomer to the
area. Use both to get a sense of what model of distributed
programming is being proposed here.
- Continued discussion of the join calculus.
- Distributed features of the join calculus; the DRCHAM
(distributed reflexive chemical abstract machine) formalism.
- Continued discussion of the ambient calculus...
- Digression: type systems for concurrent calculi...
what would a type system for ambients look like??
- Research question:
can the ambient calculus with communication be encoded in the pure
Review; migratory applications
- Discussion of projects 5 and 6.
- In-class exercise (20 minutes):
- Where have we been?
- What topics have we covered? (Quick outline.)
- What major questions have been raised?
- What important (or interesting) questions have not yet
- What is the relation between the practical systems we have seen
seen and used (RMI, Obliq, Telescript) and the foundational
calculi we've discussed (pi-calculus, join-calculus, ambient
- Mobile agent frameworks can be classified according to what
- Just data (traditional RPC)
- Data and code (RMI, Odyssey)
- Data, code, and control state (Telescript, Obliq)
- Data, code, and multiple thread states (join-calculus, Ambit)
Migratory applications; Aglets
- Having seen the basics of TeleScript in last Wednesday's lecture,
we'll start thinking more closely now about actual applications of
mobile agent technology.
- Our first topic is a nice paper by Bharat and Cardelli
introducing and developing the idea of migratory agents - mobile
agents that "take their user-interfaces with them" when they migrate.
- Next, we'll survey the basic mechanisms of IBM's Aglets
mobile programming framework, which we'll use in Project 5.
- Project 5 will be announced later
- You may also want to get started thinking about Project 6, the details of which are left to
Aglet security; proof-carrying code
- Briefly discussion of Karjoth, Lange, and Oshima's security model
for Aglets. (This paper is fairly high level, so there is not that
much to say in detail.)
- Longer impromptu discussion of Proof-Carrying Code and its
potential applications in mobile agents.
- Two main topics for the rest of the semester:
- applications for mobile agents
- Protect whom from whom?
- Standard threats:
- resource exhaustion
- aspects of security
- securing underlying transport mechanisms
- higher-level issues:
- authentication protocols
- policy description
- Plans for the next little while:
- PLAN language (today)
- authentication and policymaking
- Today's class will be devoted to discussion of the PLAN overview
- Continuing with the general topic of security, we will begin
discussion of Abadi and Gordon's "Calculus of secret agents."
Spi calculus; secrecy by typing
Low-level calculi for distribution and migration; review
B629: Languages for Programming the Web