FAQ

Frequently Asked Questions

Basic Understanding

Q: Is this just notes of a projects description? I'd love to see something deployed.

A: You did already! We run all of the web site, the wiki, the forum my invoice handling and some custom applications. e.g., a virtual office on that system.

Q: So what you've got is a guaranteed-tamperproof wiki?

A: No, the wiki was just the first application ever written. What we've got here is a guaranteed-tamperproof virtual machine. Almost any programming language can be deployed on that machine and almost all applications can run on it. That virtual machine is in a way similar to the well known Java virtual machine. But the machine instructions are much more coarse grained, since the speed of light would make it infeasable to synchronise those fine grained low level instructions over a wide area network.

Q: I don't believe a few humans can design a system so tamperproof as to keep out the billions of other humans trying to tamper with it.

A: Tamperproofness has two aspects:

Logical tampering: Access control must be managed in such a way, that users can not impersonate each other under any circumstances. In other words, people must not appear in each others reliance set. This includes administrator accounts and digital restriction management. The Askemos system is the first one to demonstrate how to create such a system operationally.
Physical tampering: byzantine agreement can mitigate the effect. Your deployment strategy (host placement and ownership) defines the hardship of breaking the majority vote.

Q: What is a virtual machine at document level?

A: The CoreAPI page states the each process step is defined by a function transforming the current state of the place into the next state. That function is described using a document (like any other) in Askemos, which just has to adhere to a certain dtd. So much for the virtual machine: it's defined in terms of xml documents - at document level.

Q: How can I use Askemos?

A: Let's clear a difference: Askemos as such refers to a concept, the formal part of the InformationSpace. You are already part of it, if you can think in a formal way. But there is also a server software `askemos', which implements the concept more or less. You can use the latter a) on a single machine as i) a xml scripting environment ii) agent operating system or b) in a quorum as a distributed, intrustion resistent agent operating system mainly geared towards 'document/contract management' applications.

Q: The administrator was invented to easy computer operations, why is there none here.

A: Correct, but: The Askemos shall be able to span areas of accountability. An administrative super power doesn't fit the reality. Furthermore this "design flaw" is the reason of servers being hijacked (hacked) - it's usually considered very boring to hack user accounts. At the other hand the AskemosProtection system is very flexible. Each user can act as the administrator of several hierarchies of data.

Q: Is XSLT a sufficient language to stored procedures in an XML object data base? It is not a general-purpose programming language after all, and for real application it has to be mixed with Java/Basic/Scheme/you-name-it.

A: The trick is to separate dynamic and functional discription. XSLT / DSSSL does only the functional part, a tree transformation, which computes the output of a transition. And, actually, DSSSL, SXPath and some more ProgrammingLanguageScheme and SRFI's are available to make programming more fun.

The message system models the dynamics like PetriNet's. It creates transactions around such a tree transformation when a write message arrives at a place. for details see http://www.askemos.org:9080/overview/modelling.html . See also CoreAPI.

Q: Can you compare Askemos to other xml data bases?

A: A part of Askemos stores xml structures persitently, so much it's comparable, see XMLDataBases.

Q: How are transformations, I/O, concurrency etc. implemented in Askemos?

A: Please see the documentation link for implementation details.

Q: The graph like documentation is confusing, why is there no conventional documentation?

A: The docs are kept in WikiWiki alike but layered data bases, all links are computed at runtime. This feature leads to tight integration and mostly useful links, but it's also recognized that this gives too many links. Since december 2001 we try grouping of links and removed them from the core text in the hope to improve the situation. Please comment.

Basic Understanding - Distribution and Security

Q: How does Askemos relate to FreeNet?

A: If Askemos was a OperatingSystem for some hardware, FreeNet would be the hard disk.

Q: How is intellectual property protected in Askemos?

A: We have to distinguish here what is going to be protected. The anonymity data (make the information a secret) or the right to access (confidentiality) use or exploit the property. Askemos leaves the job to secure anonymity to other tools. Instead it keeps a strong point at correctness, reliability, fraud proof:

Relevant meta data is always kept along with the sensitive data. The system always knows who produced the data and how the information is to be protected and distributed. If the data was leaked due to insufficient protection of the underlying hardware or distribution channels, there is - as in real live - no way to get the ghost back into the bottle. But there is a trace to hold the truth up at the legal level.

Q: Does every node keep and process all the information available in the Askemos system? The sheer amount of data will outgrow all bounds!

A: No. The user most "somehow" trust a particular machine to process the information because only clear text information can be processed and during the processing it's vulnerable to breach of anonymity. Therefore only a subset of the data is available at each node.

Whether the physical machine actually keeps more data than the Askemos node at it can process is an entirely different question. It might also participate in a freenet network and hence store shares of other Askemos nodes in cryptographically protected form. But than again this is outside of the scope of Askemos itself.

Q: Is a user assigned a set of nodes of the Askemos network where all the information of said user is processed?

A: No. "Spatial privacy is often the best way to promoty physical privacy." Data is distributed the way the user trusts nodes. And users usually trust different parties with different information. A user might trust the doctor's and the spouse's computer with his/her health data but hide it from the employer, while the pay check is left with the employer and the tax consultant but better hidden from the doctor (...or was it the spouse in that case? ;-).

Q: Which (cryptographical) methods are deployed to protect privacy witin the Askemos system?

None. Cryptographical protection of privacy (anonymity) is intentionally left outside of the scope of Askemos. Askemos is supposed to be used in connection (linked against libraries) with the methods appropriate for the task at hand. Those will develop independant. Askemos is concerned with topics like availibility, liability and trustworthiness.

Application

Q: Why should I use the Askemos Server?

A: There are several good reasons. a) it seems to be the fastest free native xml data base b) you need a highly flexible mandatory access control system without super user to be hacked c) you want network topology for you objects d) you need to extentions to control other applications e) the full fledged alternative is not needed for you application f) you need an application, which needs voted computations (ByzantineAgreement; :Why should I not use the Askemos Server?

A: When current implementaion limits bite you. See TODO, BUGS and FIXME.

Q: Is this yet another web programming environment?

A: Not really. But it's well suited, cause we see the web as the terminals of today. Xml elements are published simillar as files are in web servers. The PHP page and XSLTMethodExamples give an idea how to use Askemos for web programming. BTW:it was originally designed to be distributed operating system.

Q: How do I program with Askemos? Are there examples?

A: Yes, there are. See example style sheets and the "stylelib" (from localhost or askemos.org). Further more see the app subdirectory of the distributuion tar ball. How to find out about avaiable functions.

Q: Is is possible to integrate with other (legacy) applications?

A: Yes, use the trusted code mechanism.

:Q: Whats the difference between {PHP, Perl, most other languages} and Askemos' XSLT / NameSpaceDSSSL for web scripting?

:A: In most languages the resulting document is constructed charachter by character from quoted strings of the programming language. This incures a lot of quoting and can produce invalid output. In contrast in Askemos, the result is created as a document tree from components of the input tree and syntax tree of the running programm. This safes typing, ungly code and ensures at least well formed results.

Q: Sometime the server dies for no good reason!

A: I'd say "nobody is perfect". Have you looked at your swap space? When it runs out of memory it simply dies currently (by end of 2000). A message like "write to .X pages failed." is reported to be left. But I did not see that myself.

Q: Sometimes, when a method reads another place, the other one is returned literally. It's read method is apperantly not executed.

A: This happens, whenever the "other" place resolves to be the same. In order to avoid an endless loop the plain data is returned.

Please note: this loop detection should, but doesn't yet, detect longer loops.