[cap-talk] Ambient authority, authentication and authorization
Karp, Alan H
alan.karp at hp.com
Mon Jan 22 17:26:13 CST 2007
Jed wrote:
>
> I agree. It may not always be a bad idea to provide a bundled
> group of permissions in an ABAC system.
My point was that it is possible to end up with essentially ambient
authorities even with ABAC. For example, submitting all your
authorization certificates with each request. That's bad, but not as
bad as IBAC.
_________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp/
More information about the cap-talk
mailing list