[cap-talk] Need Challenge Problems (was: Confinement Confusion)
Mark S. Miller
markm at cs.jhu.edu
Tue Jul 18 23:00:49 EDT 2006
Toby Murray wrote:
> Also, the "confinement" term has also been used in the context of
> criticising unrestricted delegation. In this instance it has been used
> when talking about the "capability confinement problem" in
> http://www2.cs.uregina.ca/~pwlfong/Pub/esorics2006.pdf
I just skimmed that paper, "Discretionary Capability Confinement", by Philip
Fong. It seemed like he started out standing on some of the right feet, but
then he lost me. Do you understand this paper? Can you explain it? Anyone?
In particular, is his "Heros and Sidekicks" game an interesting challenge
problem for language-based security? Can someone state the problem so that we
could think about meeting the challenge using just pure object-capabilities,
without any of this fancier type machinery. Or so that we could understand why
his proposed type machinery helps? Thanks.
What other interesting challenge problems might we find in the literature of
the other access control schools? We'd like to gather together challenge
problems for comparing schools, in order to grow a "secure cooperation
shootout" wiki.
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list