[cap-talk] View or Transformation based access controll?
erights at gmail.com
Fri Jan 25 11:19:21 EST 2008
Within the ocap literature, we often refer to attenuation and
attenuators, like a read-only facet or a caretaker for revocability.
These often naturally generalize of transitive attenuators, by
applying the attenuation recursively to all capabilities fetched
through the original attenuator. The transitive form of read-only and
caretaker are sensory and membrane, respectively.
On Jan 25, 2008 5:46 AM, Rob Meijer <capibara at xs4all.nl> wrote:
> In my reader chapter ( http://polacanthus.net/review/chapter7.pdf ) I
> refer to 'view' or 'transformation' based access control as the form of
> access control where transformation of a hierarchy results in a view on
> this hierarchy on what the holder of the view needs no further
> permissions, while excluding the holder of the view from access to nodes
> in the original hierarchy not visible in the view. I was unable to find a
> proper naming for this in literature. It is possible that I am the first
> person who views transformation as a form of access control, but I feel
> rather uncomfortable making up names myself that have no value in
> excisting literature.
> Rob J Meijer
> cap-talk mailing list
> cap-talk at mail.eros-os.org
Text by me above is hereby placed in the public domain
More information about the cap-talk