[cap-talk] Reinterpreting POLA - "Authority Must Not Exceed Trust"
ihab.awad at gmail.com
ihab.awad at gmail.com
Mon Sep 17 17:42:30 EDT 2007
On 9/17/07, Toby Murray <toby.murray at comlab.ox.ac.uk> wrote:
> Given some means to calculate the authority A_o of each object, o, in a
> system, and given the authority we're willing to trust each object to
> wield, A_o', the system is insecure if for some o, A_o \superset A_o'
Going with your terminology, it is insecure *with respect to* A_o',
not in some general sense. Thus implying that there may be serveral
opinions on what A_o' should be, and thus several ideas about how
secure the system is.
Ihab
--
Ihab A.B. Awad, Palo Alto, CA
More information about the cap-talk
mailing list