[cap-talk] Concening entry "ambient authority" in Wikipedia

Dave Chizmadia - Gmail davechiz at gmail.com
Fri Jun 5 08:40:13 EDT 2009 

Could I suggest the following wordy, but precise defintion? ...

    "The term 'Ambient Authority' refers to an access control 
    design pattern in which one Actor (the Initiator) is not 
    required to explicitly designate the specific authority by 
    which it requests an action by another Actor (the Target). 
    Ambient Authority is (nearly?) inevitable in systems where 
    the access control check is made at the Target by evaluating 
    access control rules over ACI (Access Control Information) 
    provided by the Initiator (or on behalf of the Initiator by 
    its access control infrastructure). In such cases the 
    specific authority required for an action is inferred from 
    the ACI, rather than being explicitly designated. Ambient 
    Authority is possible in systems where the Initiator must 
    present a token authorizing a requested action if the Inter-
    Actor Communication system provides a "helper" facility that 
    automatically looks through the list of Initiator 
    authorization tokens to find the one that will allow the 
    action requested by the Initiator."

-DMC

> -----Original Message-----
> From: cap-talk-bounces at mail.eros-os.org 
> [mailto:cap-talk-bounces at mail.eros-os.org] On Behalf Of Rob Meijer
> Sent: Friday, June 05, 2009 6:42 AM
> To: General discussions concerning capability systems.
> Subject: Re: [cap-talk] Concening entry "ambient authority" 
> in Wikipedia
> 
> 
> On Fri, June 5, 2009 12:07, Toby Murray wrote:
> > On Fri, 2009-06-05 at 11:13 +0200, Matej Kosik wrote:
> >> Fellows,
> >>
> >> I have some doubts concerning the article "ambient authority" in
> >> Wikipedia.
> >
> > So do I. However, I'm not sure how it should be changed. Ambient
> > authority is never clearly defined in any of the capability 
> literature.
> >
> > I can come with two definitions for "ambient authority".
> >
> > 1. A program's ambient authority is the subset of its 
> authority that it
> > shares with all other programs in the computer system 
> within which it
> > resides.
> > 2. A program's ambient authority is the subset of its 
> authority that it
> > can exercise without having to present any form of 
> credential, such as a
> > capability, password, certificate etc.
> >
> 
> I would try to avoid using any specific level of granularity in such a
> definition. The use of a term such as 'program' implies a 
> specific level
> of granularity and may be useful in an example, but is harmful in a
> definition IMO. Just try to come up with an example at 
> multiple levels of
> granularity
> (networks?,machines?,users,programs,processes,classes,objects,
> methods?)
> and if from that you can create a definition that fits all 
> examples, than
> you likely have a useful definition.
> 
> Rob.
> 
> _______________________________________________
> cap-talk mailing list
> cap-talk at mail.eros-os.org
> http://www.eros-os.org/mailman/listinfo/cap-talk
>

More information about the cap-talk mailing list