[cap-talk] the value of non-delegatable authority? one-way?
Bill Frantz
frantz at pwpconsult.com
Mon Jan 14 23:44:29 EST 2008
capability at webstart.com (Jed Donnelley) on Monday, January 14, 2008 wrote:
>Just as one
>can make a use once capability (simply - not requiring
>a special use of the return capability) from a base
>that allows multiple use capabilities, one can make
>a one-way communication mechanism out of a base that
>permits two-way communication - e.g. as Bill Frantz
>did with the KeyKOS classification monitor (my term
>just guessed now, sorry if I got the name wrong Bill).
>http://www.agorics.com/Library/KeyKos/securityInKeyKOS.html
Really, a bunch of other people also deserve credit for these ideas.
Certainly Norm Hardy, Susan Rajunas, Jay Jonakait, Alan Bomberger,
and Charlie Landau immediately come to mind.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said users haven't
www.periwinkle.com | learned anything about security?" -- Bruce Schneier
More information about the cap-talk
mailing list