[cap-talk] "Same" key
Bill Frantz
frantz at pwpconsult.com
Wed Feb 7 01:23:52 CST 2007
markm at cs.jhu.edu (Mark S. Miller) on Tuesday, February 6, 2007 wrote:
>I agree. We should use the terminology connecting out field to that of
>object-oriented programming, since that's the "object" we mean by
>"object-capability model". I don't think Bill was suggesting otherwise. Bill?
I grew up with the OS terminology, which makes sense in an OS context.
I don't really care which terminology we end up using, but being an old
man, and having used the OS words for the last 25 or 30 years, I may
slip back into using them should we decide that the language words are
the best ones to use. Please just gently remind me when I slip up.
>Regarding the KeyKOS literature, I'm confused about what they mean by
>"object". The KeySAFE paper in particular is careful to distinguish "TCSEC
>object" from "KeyKOS object" and to always use the prefixed form for the
>latter. Can any of the KeyKOS crowd/community clarify what the KeyKOS
>literature meant by "object"? Is the KeySAFE paper consistent with your usage
>elsewhere?
"KeyKOS object" almost certainly means domains and kernel constructs
built to look like domains. Because the TCSEC people used "object" to
mean something that was subject to security labeling, the KeySAFE paper
used "TCSEC object" for those objects. It should be noted that the
KeySAFE system clearly envisioned the existence of many KeyKOS domains
that would be held entirely within a single security compartment, and
therefore would not need an individual security label. That is why the
paper is careful to keep the two concepts distinct.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | I like the farmers' market | Periwinkle
(408)356-8506 | because I can get fruits and | 16345 Englewood Ave
www.pwpconsult.com | vegetables without stickers. | Los Gatos, CA 95032
More information about the cap-talk
mailing list