[cap-talk] POLA and decomposition:sum of functionality*authority but how about the dynamics?
Jed Donnelley
jed at nersc.gov
Thu Sep 20 14:54:29 EDT 2007
On 9/20/2007 3:49 AM, Rob Meijer wrote:
...
> 3) : Each subsystem should, based on its own functionality, be
> confinable to least privilege p[i].
> 4) : As a quantifier of the risk the subsystem poses you can take the
> product of the privileges the subsystem requires and the
> complexity c[i] of the subsystem implementation.
> r[i] = c[i]*p[i]
For your 'complexity' measures are you assuming 0 <= c[i] <= 1?
If c[i] is allowed to go to infinity then even with fixed p[i]s
that would make r[i] -> infinity - which makes no sense to me.
--Jed http://www.webstart.com/jed/