[cap-talk] View or Transformation based access controll?

Jonathan Smith jms at cis.upenn.edu
Fri Jan 25 09:42:21 EST 2008


There are some ideas on module thinning that have been tried out in  
Caml that sound
conceptually related to this idea - see maybe
pauillac.inria.fr/~rouaix/mmm/papers/Overview.html
We used this to great effect in a project to build a safe
programmable router, see maybe
www.cs.umd.edu/~waa/pubs/saneimp-jcn.pdf
-JMS


On Jan 25, 2008, at 8:46 AM, Rob Meijer wrote:

> In my reader chapter ( http://polacanthus.net/review/chapter7.pdf ) I
> refer to 'view' or 'transformation' based access control as the form  
> of
> access control where transformation of a hierarchy results in a view  
> on
> this hierarchy on what the holder of the view needs no further
> permissions, while excluding the holder of the view from access to  
> nodes
> in the original hierarchy not visible in the view. I was unable to  
> find a
> proper naming for this in literature. It is possible that I am the  
> first
> person who views transformation as a form of access control, but I  
> feel
> rather  uncomfortable making up names myself that have no value in
> excisting literature.
>
> T.I.A.
>
> Rob J Meijer
>
>
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk

Jonathan M. Smith,  Olga and Alberico
Pompa Professor, University of Pennsylvania,
T: 215.898.9509, E: jms at cis.upenn.edu





More information about the cap-talk mailing list