[cap-talk] Mandatory Policy
Karp, Alan H
alan.karp at hp.com
Thu Aug 2 11:38:36 EDT 2007
Shap wrote:
>
> I suspect that the answer goes back to namespaces and composition of
> policies. If policies do not compose, then it is not possible to
> frame/express them in a modular way. Under these conditions,
> subdivision
> of administrative authority becomes a very delicate matter.
> In the large
> view, there is no such thing as disjoint namespaces: two namespaces
> accessed by a common process are effectively joined for
> policy purposes.
>
I've always made "policy" the central concept, rather than "namespace".
Clearly, they're connected. You can't have a joint policy without a
joint namespace. In my view, the role of the administrator is to
provide means by which users can obey policies that control the use of
the resources they share with others.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list