[cap-talk] Butler Lampson does it again
ihab.awad at gmail.com
ihab.awad at gmail.com
Mon Dec 21 13:46:33 PST 2009
On Mon, Dec 21, 2009 at 1:29 PM, Karp, Alan H <alan.karp at hp.com> wrote:
> The November issue of CACM has an article by Butler Lampson titled "Usable
> Security: How to Get It" in which he concludes you can't. As with all his recent
> work he assumes a particular access control model which almost guarantees
> his conclusion.
Most interesting is his remark that "... ordinary people ... take
isolation for granted, and they don't think in terms of objects or
resources." Where to begin?
They take isolation for granted, so perhaps we should present them
with a system where that assumption is justifiable? Since he seems to
agree it's a desideratum anyway?
They don't think in terms of objects? With his "red" and "green"
computers, he has essentially reinvented the ocap model, at the
granularity of machines. According to him, users can understand these
"objects" -- or else his argument falls flat, right? So what's the
problem?
This is a waste of time.
Ihab
--
Ihab A.B. Awad, Palo Alto, CA
More information about the cap-talk
mailing list