[cap-talk] The transitive access problem
Toby Murray
toby.murray at comlab.ox.ac.uk
Thu Aug 2 07:33:23 EDT 2007
The following might also be useful.
ftp://ftp.comlab.ox.ac.uk/pub/Documents/techreports/RR-03-19.ps
"Architectures for Secure Delegation within Grids"
Phillipa J. Broadfoot and Gavin Lowe
On Wed, 2007-08-01 at 23:36 +0000, Karp, Alan H wrote:
> David Chizmadia wrote:
> >
> > While trying to find an online copy of the paper, I also ran
> > across the following Grid computing paper that appears to be a good
> > reference for your purposes:
> >
> > http://legion.virginia.edu/papers/delegation.pdf
> >
> Ah, yes. I remember it ... I've read this paper, but I thought its
> mechanisms were a mess. There is one interesting sentence in Related
> Work, "There are numerous ways in which to address delegation with
> attribute certificates: using a generic attribute certificate as a
> capability (similar to Legion's bearer credential),". In the
> discussion of Legion bearer credentials, they list a bunch of ways of
> delegating a subset of your rights. They include by method and by class
> but not by the object instance. Is it any wonder they can't come up
> with a usable scheme?
>
> ________________________
> Alan Karp
> Principal Scientist
> Virus Safe Computing Initiative
> Hewlett-Packard Laboratories
> 1501 Page Mill Road
> Palo Alto, CA 94304
> (650) 857-3967, fax (650) 857-7029
> https://ecardfile.com/id/Alan_Karp
> http://www.hpl.hp.com/personal/Alan_Karp
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
More information about the cap-talk
mailing list