[cap-talk] More Heresey: ACLs not inherently bad
Marcus Brinkmann
marcus.brinkmann at ruhr-uni-bochum.de
Thu Oct 2 15:48:58 CDT 2008
At Thu, 2 Oct 2008 17:21:46 +0000,
"Karp, Alan H" <alan.karp at hp.com> wrote:
>
> Marcus Brinkmann wrote:
> >
> > This can be an advantage of capability systems if there is a
> > considerable interest in micro-managing the authority. My prediction
> > is that in many cases this is not interesting, and people will
> > continue to bag a large amount of authority in a single package and
> > delegate it as a whole. This becomes a disadvantage of capability
> > systems if it is hard to do the mass-delegation. Will it be hard? I
> > don't know. You can wave your hands and say that this could be added
> > on top of a capability system, but most people will be looking for
> > ready solutions, not for opportunities to build them, so these issues
> > have to be addressed in advance.
> >
> When managers give their login credentials to their assistants, they are giving them permission to view the manager's payroll statement, change beneficiaries on the manager's insurance policy, change the manager's withholding amounts, etc. That's a lot of power to give people who may resent how little they are paid for how hard they work. Would you want to give two weeks' notice to someone with that much power over you? My guess is managers would be a lot happier just delegating their manager rights.
Maybe it's just me, but I would pay them more. That is IMO a much
better security investment than paying for a technical solution which
is expensive, has a narrow focus, and will be obsolete in a couple of
years. In addition to giving workers more money, it is also a good idea
to empower and engage them.
Of course, this strategy does not fill the pockets of security
researchers and the high tech industry, so there is at least one
disadvantage, I guess. Another would be that it favors long term
benefits over short term profits.
Thanks,
Marcus