[cap-talk] SCOLL : A Language for Safe Capability Based Collaboration

Mark Miller markm at cs.jhu.edu
Tue Jul 19 18:26:02 EDT 2005


Yves Jaradin wrote:
> SCOLL : A Language for Safe Capability Based Collaboration 

This is very exciting! Some quick comments:


In the introductory material, you use the terms "mandatory" and
"discretionary" several times. What do you think these terms mean? As used by
the computer security literature, I don't think they mean anything coherent.
If you agree, then you should drop these terms from the paper.

Btw, if we use Saltzer & Schroeder's definition of "discretionary":

> Our discussion [...] rested on an unstated assumption: the principal that
> creates a file or other object in a computer system has unquestioned authority
> to authorize access to it by other principals. [...] We may characterize this
> control pattern as discretionary.

but substitute "subject" for "principal", then object-capabilities are clearly
*not* discretionary. I think your paper implies that they are.



What's the "LP Calculus"? It's mentioned for the first time on p7 with no
citation:

> The SCOLL language is a subset of the LP calculus extended with search.


-- 
Text by me above is hereby placed in the public domain

     Cheers,
     --MarkM



More information about the cap-talk mailing list