The growth and popularity of loosely-coupled distributed systems such as the World Wide Web and the touting of Java-based systems as the solution to the issues of software maintenance, flexibility, and security are changing the research emphasis away from traditional single node operating system issues. Apparently, the view is that traditional OS issues are either solved problems or minor problems. By contrast, we believe that building such vast distributed systems upon the fragile infrastructure provided by today's operating systems is analogous to building castles on sand. In this paper we outline the supporting arguments for these views and describe an OS design that supports secure encapsulation of the foreign processes that will be increasingly prevalent in tomorrow's distributed systems.¹

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Ali-Reza Adl-Tabatabai , Geoff Langdale , Steven Lucco , Robert Wahbe, Efficient and language-independent mobile programs, Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation, p.127-136, May 21-24, 1996, Philadelphia, Pennsylvania, United States
	2	S. M. Bellovin and M. Merritt. Limitations of the Kerberos Authentication System. In Proc. of the Winter 1991 USENIX Conference, pages 253-267, 1991.
	3	A. Chankhunthod, P. B. Danzig, C, Neerdaels, M. E Schwartz, and K. J. Worrell. A Hierarchical Intemet Object Cache. In Proc. of the USENIX 1996 Technical Conference, pages 153-163, Jan. 1996.
	4	D. R. Cheriton and K. J. Duda. A Caching Model of Operating System Kernel Functionality. In Proc. of the First Symp. on Operating Systems Design and Implementation, pages 179-193. USENIX Association, Nov. 1994.
	5	D. Dean , Felten , Wallach, Java Security: From HotJava to Netscape and Beyond, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.190, May 06-08, 1996
	6	B. Ford and M. Hibler. Fluke: Flexible/J-kernel Environment-- Application Programming Interface Reference (draft). 121 pp. University of Utah. Available as ftp://mancos.cs.utah.edu/papers/sa-flukeref.ps.gz and http://www.cs.utah.edu/projects/- flux/fluke/html/sa-flukeref/(HTML format), 1996.
	7	Bryan Ford , Mike Hibler , Jay Lepreau, Using annotated interface definitions to optimize RPC, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.232, December 03-06, 1995, Copper Mountain, Colorado, United States
	8	B. Ford, M. Hibler, J. Lepreau, P. Tullmann, G. Back, S. Goel, and S. Clawson. Microkemels Meet Recursive Virtual Machines. Technical Report UUCS-96-004, University of Utah, May 1996.
	9	B. Ford and S. R. Susarla. Flexible Multi-Policy Scheduling based on CPU Inheritance. Technical Report UUCS-96-005, University of Utah, May 1996.
	10	Aniruddha Gokhale , Douglas C. Schmidt, Measuring the performance of communication middleware on high-speed networks, Conference proceedings on Applications, technologies, architectures, and protocols for computer communications, p.306-317, August 28-30, 1996, Palo Alto, California, United States
	11	R. P. Goldberg, Architecture of virtual machines, Proceedings of the workshop on virtual computer systems, p.74-112, March 26-27, 1973, Cambridge, Massachusetts, United States  [doi>10.1145/800122.803950]
	12	J. Gosling and H. McGilton. TheJavaLanguageEnvironment: A White Paper. Technicalreport, Sun Microsystems Computer Company, 1996. Available as http://java.sun.com/doc/language_environment.
	13	Norman Hardy, KeyKOS architecture, ACM SIGOPS Operating Systems Review, v.19 n.4, p.8-25, October 1985  [doi>10.1145/858336.858337]
	14	M. B. Jones , P. J. Leach , R. P. Draves , J. S. ,. Iii Barrera, Modular real-time resource management in the Rialto operating system, Proceedings of the Fifth Workshop on Hot Topics in Operating Systems (HotOS-V), p.12, May 04-05, 1995
	15	Hugh C. Lauer , David Wyeth, A recursive virtual machine architecture, Proceedings of the workshop on virtual computer systems, p.113-116, March 26-27, 1973, Cambridge, Massachusetts, United States  [doi>10.1145/800122.803951]
	16	J. Liedtke, On micro-kernel construction, Proceedings of the fifteenth ACM symposium on Operating systems principles, p.237-250, December 03-06, 1995, Copper Mountain, Colorado, United States
	17	J. Markoff. AT&T Plans to Offer Intemet Over a $500 Wireless Phone. New York Tunes. July 12, 1996.
	18	Jeffrey C. Mogul, The case for persistent-connection HTTP, Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication, p.299-313, August 28-September 01, 1995, Cambridge, Massachusetts, United States
	19	J. C. Mogul. Operating Systems Support for Busy Intemet Services. In Proc. Fifth Workshop on Hot Topics in Operating Systems, May 1995.
	20	Jeffrey C. Mogul, Hinted caching in the web, Proceedings of the 7th workshop on ACM SIGOPS European workshop: Systems support for worldwide applications, September 09-11, 1996, Connemara, Ireland  [doi>10.1145/504450.504470]
	21	David Mosberger , Larry L. Peterson, Making Paths Explicit in the Scout Operating System, University of Arizona, Tucson, AZ, 1996
	22	G. J. Popek and C. Kline. Verifiable Secure Operating Systems Software. In AFIPS Conf. Proc., June 1973.
	23	D. L Schmidt, T. Harrison, and E. AI-Shaer. Object-Oriented Components for High-Speed Networking Programming. In Proc. of the USENIX Conference Object-Oriented Technologies, June 1995.
	24	D. Wagner, I. Goldberg, and R. Thomas. A Secure Environment for Untrusted Helper Applications. In Proc. of the 6th USENIX Unix Security Symposium, 1996.
	25	M. V Wilkes, The Cambridge CAP computer and its operating system (Operating and programming systems series), North-Holland, 1979
	26	F. Yellin. Low Level Security in Java. In Proc. 4th int'l Worm WMe Web Conference, pages 369-379, Dec. 1995.