[cap-talk] What's "Discretionary Security" (was: Another "core" principle, capability communication)
Karp, Alan H
alan.karp at hp.com
Tue Jan 2 10:42:20 CST 2007
Jed wrote:
> When it comes down to it, the essence of "mandatory" access
> control seems to be that a subject with a permission must
> not be allowed to grant that permission to another subject.
> In that sense it is antithetical to the object-capability
> paradigm and to the reality of the issue of communicating
> conspirators.
>
> To me it's really nonsense. I hope somebody can provide even
> a modicum of meaning in it for me at some point.
>
You can think of the caretaker pattern as an example of
non-discretionary control, at least with my definition of the term.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
More information about the cap-talk
mailing list