The rights system is the heart of Askemos.
We will reason here about one of the two basic axioms.
As always with axioms, the reasoning can't be done "inside" the
system (otherwise we would try to violate Gödel's completeness
The first section gives a brief summary of this reasoning, which is
expanded in AskemosBackground.
The second section introduces a formal (set theoretic) notion of
rights, and a formal criterion to sort rights systems into corruptible
Then we argue that "traditional" capability theory is a special case
of the Askemos rights system and derive some practical consequences
to show the utility.
The principle of inalienable rights
There is a set of rights associated which each individual.
(Here an individual might be a person or even a thing).
It is impossible (illegal) to transfer the whole set of rights
of one individual to other individuals.
It is immediately clear to human understanding,
that there are inalienable rights.
At the end of the day nobody can lie to his/her own consciousness. It
always tells you the truth even though you might yourself lie to
others. Telling you the truth is the very right of your own
consciousness and you can't sign that right off at all.
Therefore the idea of inalienable rights irrevocably exists in any
In AskemosBackground we will trace back the insight of this
anthropological fact in various cultures to proof it being a common
ground of mankind, independent of political and cultural
For instance Rousseau reasons
"The Social Contract Or Principles Of Political Right" (RousseauSocialContract)
about the construction of self preserving systems of rights.
The principle of the inalienable right and a very basic set theory
is the design principle behind the protection handling system of
No further assumptions
which could introduce cultural or historical dependencies
These rules have not yet been translated into web pages.
Please see the section "distributed authority" in the
for a concise, formal description.
(TODO the rule set in the paper should start with the definition
of the element/set relationship.
This is a stylistic mistake, it doesn't change anything.)
The general protection system of Askemos overcomes deficiencies of
traditional protection systems as found in operating systems at the market
Basically all those protection systems are based on a super power, which
can overrule everything, like a king.
These hierarchical systems where historically followed
by democracies in history, which rely on the logical inversion of the super
power, the public right. A public right is mathematically spoken a system
invariant. There exists no individual power, which can overrule the public
At the other hand an administrative power is often needed for
efficiency and it is provided as well, just restricted to
a domain rooted in the administrator user.
The protection system layed out here
is structured as a set of hierarchies,
which can sign their parts off among each other.
A distributed system, where each point of operation is assumed to
fail with some probability, requires a protection mechanism which is based on
a system invariant. As a welcomed side effect it is impossible to overtake the
system in the "traditional" style, where individuals can break into the
administrative account of systems and destroy or steal all data.
Capability based schemes
(see for instance
) are sort of a special case of the Askemos protection system.
A capability is usually an opaque bit pattern,
which are undivisible objects.
This leave those systems with the problem of the transfer.
To transfer indivisible rights between objects a higher right is
required, which eventually contradicts the axiom of the existence on
Except for this transfer problem,
which is solved by the replacement of opaque bit patterns
through sets, that is divisible objects, all rules apply.
The public right or common code and the taboo
To facilitate communication (i.e., to get any trusted contact
between two individuals started first time), a special right is
needed, which all individuals do have.
But there is a difference between the public right and the right of
the individual. The individual has the right to change it's mind at
any time. The public right can not. Therefore the set of rights the
- which represents the public right - has
is represented by the difference
of this very places (so called "full") right
and it's counterpart: the right of the individual.
Within Askemos programs, these two rights are the only well known
rights. The function
public-oid yields the OID
representing the public right, while
yields the symbol for "private".
At any Askemos installation the place with the public oid shows the
rules of use under which the
participates in the Askemos.
It is always a constant object, or in the context of
program execution, it is used as the symbol for "constant".
The counterpart, the
right of the individual
is the taboo. It is never possible to access that object.
- there is a separate value space for rights
- robust against known attacks (with possible exemption for denial of
- it's impossible to extend rights or derive rights from other values
- work like humans beings assign capabilities among each other
- Detailed design notes.