[cap-talk] the prize
Karp, Alan H
alan.karp at hp.com
Thu Oct 21 11:23:53 EDT 2004
Charles Landau wrote:
>
> I think you're attempting to broaden the scope of the discussion
> beyond what was intended. We are discussing mathematical models of
> security mechanisms that have application to computers. In a
> mathematical model, one can limit risk to exactly zero, and that's
> what we should aim for.
>
I don't see how the risk can be zero. If Alice gives Bob a capability,
there is always a chance that Bob will abuse that capability in some
way. There is also the possibility that Carol will abuse the capability
by subverting Bob's machine. These are among the risks that Alice must
be willing to accept to gain the benefit of giving Bob the capability.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Alan H Karp.vcf
Type: text/x-vcard
Size: 792 bytes
Desc: Alan H Karp.vcf
Url : http://www.eros-os.org/pipermail/cap-talk/attachments/20041021/f0abc6fa/AlanHKarp-0001.vcf
More information about the cap-talk
mailing list