[cap-talk] Bill Frantz HP challenge (was: Re: [Confused deputies in hybrid systems (was: Loss of control))
Jed Donnelley
jed at nersc.gov
Wed Feb 6 13:35:11 EST 2008
On 2/5/2008 3:11 PM, Karp, Alan H wrote:
> Bill Frantz wrote:
>> If we wanted to enforce this policy without using anything like the
>> firewall, just using capabilities, what would we do? We need to
>> construct some structure of capabilities to define what is outside
>> and what is inside.
>>
> The statement of the problem implies that there is a way to
> distinguish "inside" from "outside". Why not just put a
> membrane around "inside" and never accept an "inside"
> capability that came from "outside"?
I believe the problem is to translate from what can
distinguish "inside" from "outside" (e.g. the IP
address indicating it came from the VPN service)
into capability form that can then be used by the
service to filter the requests - allowing those
that should be allowed from outside and blocking
those that shouldn't be allowed from outside.
Hence the approach I suggested.
I guess we need to hear from BillF what he had
in mind...
--Jed http://www.webstart.com/jed/
More information about the cap-talk
mailing list