[cap-talk] Announcing "Analysing Object-Capability Security" Paper and Authodox v. 0.2.0
Bill Frantz
frantz at pwpconsult.com
Thu May 29 18:06:32 CDT 2008
lists at notatla.org.uk on Thursday, May 29, 2008 wrote:
>> [The OCap model is totally Mark Miller's creation, btw. Hopefully he'll
>> chime in if I've messed up any of the above.]
>
>So that only dates from ~2006 and is totally different from the work
>in KeyKOS etc?
Yes, the OCap model is new. However the OCap model is an attempt to
build a model that allows one to reason about all capability
systems, including KeyKOS. It strips out some of the rights
controls that KeyKOS includes in its capabilities, and replaces
them with attenuating forwarders. By moving basic mechanism to
usage patterns, it makes the base system simpler, and easier to
reason about.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said users haven't
www.periwinkle.com | learned anything about security?" -- Bruce Schneier
More information about the cap-talk
mailing list