[cap-talk] Fourth ABAC, prevention of delegation

Norman Hardy norm at cap-lore.com
Mon Jul 31 21:06:58 CDT 2006 

On Jul 31, 2006, at 6:20 PM, Jed at Webstart wrote:

> At 01:24 PM 7/31/2006, Norman Hardy wrote:
>> Marc says at <http://video.google.com/videoplay?
>> docid=-7961423532989255419#1h6m10s> that delegation cannot be
>> prevented and goes on to note that delegation is the cornerstone of
>> civilization.
>> I agree that delegation is the cornerstone of civilization.
>> Delegation can be prevented but at the cost of not getting your job
>> done.
>
> I believe Marc was referring to the communicating conspirators case.
> That is, where communication is possible delegation cannot be  
> prevented.
> He made his statement following his statement that there is no  
> technology
> available to prevent copying and forwarding of data when  
> communication is
> allowed.

Perhaps I took it out of context but Marc seemed to be summing up at  
the end for the entire gamut of capability schemes.
I agree that without confinement one trusts the program provider.

> I won't say more about this as it's extensively covered elsewhere  
> on this
> list.  Is this a confusion on what was intended or on some base  
> technology
> topic?  Do you believe it is possible to block delegation even when
> full bidirectional communication is possible?  Any discussion along  
> those
> lines it seems to me should go into the conspiring communicators  
> thread.
>
> Of course one can block delegation with confinement - as all
> communication is blocked.
>
>> More important is that with confinement, one can delegate a task to
>> 1000 programs, without delegating the secrets within the task to the
>> respective programmer providers.
>> This sort of delegation is immensely practical.
>
> yes.
>
>> Even our favorite solitaire in cap-desk is unable to remit the poor
>> play of the user to the program author.
>
> yes.
>
> --Jed http://www.webstart.com/jed/
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk

More information about the cap-talk mailing list