[cap-talk] capability networks compared with ACL networks?
John Carlson
john.carlson3 at sbcglobal.net
Thu Feb 5 23:41:51 EST 2009
I just finished reading:
http://conferences.sigcomm.org/hotnets/2005/papers/argyraki.pdf
That was the first time I have heard of a DoC (Denial of Capability)
attack.
The gist of it is that you send enough capability requests to prevent
others from
sending capability requests. I guess the question remains how often
you need
to send a capability request. Is this typical something that happens
a lot in
capability networks? I would think that the capabilities might be
stored for long
term use on clients. What is the practice?
John
On Feb 5, 2009, at 9:01 PM, John Carlson wrote:
>>
>> One thing that bothers me about his essay is that it only addresses
>> file
>> access. IMHO, file access is a relatively narrow and uninteresting
>> part of
>> the access control problem. More important is access control for
>> active
>> entities, call them servers, daemons, databases etc. These include
>> things
>> such as CVS, MySQL, Apache etc. etc. Perhaps he will discuss them
>> when he
>> discusses the setuid bit. It still seems likely to me that the
>> result will
>> be a separate form of access control for active entities, with
>> different
>> syntax and semantics. Oh well.
>
> Don't forget access to network ports--perhaps a mixture between a
> file and an active entity.
> In particular, I am thinking of bind, where a port is bound to an
> active entity. I only know
> Berkeley and Unix sockets, ideas from other networks would be
> interesting.
>
> Maybe everything should be thought of as a port--some place where
> active entities service and get serviced, and
> where active entities rest.
> Or perhaps you prefer socket--where things hook up to get the
> current flowing.
>
> Are there any ideas from the OSI model which have been forgotten?
>
> John
More information about the cap-talk
mailing list