[cap-talk] A better reference for the "capabilities propagate too easily" argument
Mark Miller
erights at gmail.com
Tue Jul 31 12:12:26 EDT 2007
On 7/30/07, Jed Donnelley <capability at webstart.com> wrote:
> At 07:25 PM 7/30/2007, David Hopwood wrote:
> >No-one should care about that paper, and based on citations it appears that
> >hardly anyone does [*]. A much better paper to cite in this context is
> >Saltzer and Schroeder's "The Protection of Information in Computer Systems"
> >(1974, revised 1975), on-line at
> ><http://web.mit.edu/Saltzer/www/publications/protection/>.
Regarding the Horton paper as it will be published, this suggestion
arrived just a hair too late anyway. The final paper was already
submitted before this suggestion arrived. But the Hotsec call for
papers does explicitly state:
# [...] complete papers with polished results in well-explored
research areas are
# discouraged. [...] Note, however, that we expect that many position papers
# accepted for HotSec '07 will eventually morph into finished, full papers
# presented at future conferences.
so this won't be our last chance, even for the Horton paper itself.
> After that time (say 1987) I know of no designs initiated
> using capability access control until the attempt to
> revive some of the KeyKOS concepts in EROS. When did
> that work start? Late 1990s? Perhaps others can help
> me out with references to capability based design work
> that did start during this time period (1986 - 1996?)?
Eden (85) / Emerald (87)
W7 (95).
J-Kernel (99)
Ancestors of E: Vulcan, Agorics papers (86-88), Trusty Scheme at
Autodesk (90?). Joule (90-96?), Webmart (93?), Original-E (95-98).
I'm much less familiar with OS-based work, but what was happening at
Monash U during this interval?
What about Grasshopper and Chorus?
How does the history of SPKI / SDSI relate?
When did Client Utility start?
--
Text by me above is hereby placed in the public domain
Cheers,
--MarkM
More information about the cap-talk
mailing list