[cap-talk] Horton at HotSec '07: How broadly object/capability?
Jonathan S. Shapiro
shap at eros-os.com
Wed Jul 11 13:02:32 EDT 2007
On Wed, 2007-07-11 at 17:22 +0100, David Hopwood wrote:
> > I chose to focus particular attention on this document:
> >
> > Traditional Capability-Based Systems: An Analysis of
> > Their Ability to Meet the Trusted Computer Security
> > Evaluation Criteria
>
> I have to say that I think you are drastically overestimating the
> effect that papers such as this one had on the history of adoption
> of security mechanisms.
While I agree in general, in this particular case the paper was
influential. First, it was widely circulated and known among the US
authors of the Common Criteria and the Federal Criteria. It was also
well known among the people at NSA who were viewed as thought leaders on
secure systems. I've had it cited to me as a conclusive report by senior
technical people who really ought to know better.
Second, IDA's main purpose is to identify forward-looking research
directions for US Federal research funding. If IDA came out with a
credible report stating that a given direction wasn't interesting (and
this one, given the authors, was certainly considered credible), you may
safely assume that the report had a negative influence on research
funding. This in turn had a negative impact on investigation and
teaching of this technology area, which in turn had a significant role
in marginalizing the ideas in the eyes of mainstream academic computer
scientists and their students.
> We cannot blame anyone outside the capabilities community for our
> collective failure to produce a capability OS that is complete enough
> to run even a few basic demonstration apps on a PC.
I agree. Also, we shouldn't spend time trying to rebut the report. The
right way to do that is with a followup report from IDA, and I think I
may know where to plant that idea.
But to the extent that this report framed an environment in which
capability research was disregarded as irrelevant, and to the extent
that research funding is important to the long-term success of these
ideas, this particular report is well worth knowing about.
--
Jonathan S. Shapiro, Ph.D.
Managing Director
The EROS Group, LLC
More information about the cap-talk
mailing list