"Operating System Structures to Support Security and Reliable Software", herein called "the paper", is by Theodore A. Linden, Institute for Computer Science and Technology, National Bureau of Standards, Washington D.C. 20234. Published in ACM Computing Surveys, Volume 8, Number 4, December 1976, pp. 409-445.

This paper is a high-density survey of some of the issues that motivate Gnosis. It gives a framework in which systems such as Gnosis can be described. The paper induces many architectural attributes of an operating from the requirements and by abstraction from modern operating systems. Since this structure is very much like Gnosis it invites comparisons in the areas wherein Gnosis differs.

Section 6.2 of the paper observes that these systems have only interpretive access to shared data if the hardware lacks the capability features. In Gnosis, however, we use the standard 370 hardware {which has not hitherto been called capability hardware} but we have direct access to shared data. The data, not a copy of it, is in your memory. Shared data is modified at the instant the store instruction is finished.

Section 6.3 discusses some of the issues covered in (p3,tags) of this manual. It might be difficult to design stacks like those described in the paper from pages and nodes but the Gnosis kernel doesn't provide stacks. See (p1,gates) for what Gnosis does here. Putting stacks in the kernel puts storage allocation in the kernel which is counter to early design decisions.

Section 7.4 paragraph 3 suggests that perhaps there should be some enforcement of a policy that capabilities that are held for "relative long periods of time" be kept only in directories.

Section 12 {the conclusion} is very perceptive, but we disagree with the statement that new "basic addressing mechanisms" are needed. Putting the function of about 16K of kernel code in microcode, without changing the external specifications of the kernel, would provide the performance requisite for the desired ends.