[cap-talk] Concening entry "ambient authority" in Wikipedia

[Rob Meijer]

On Fri, June 5, 2009 14:40, Dave Chizmadia - Gmail wrote:
> Could I suggest the following wordy, but precise defintion? ...
>
>     "The term 'Ambient Authority' refers to an access control
>     design pattern in which one Actor (the Initiator) is not
>     required to explicitly designate the specific authority by
>     which it requests an action by another Actor (the Target).
>     Ambient Authority is (nearly?) inevitable in systems where
>     the access control check is made at the Target by evaluating
>     access control rules over ACI (Access Control Information)
>     provided by the Initiator (or on behalf of the Initiator by
>     its access control infrastructure). In such cases the
>     specific authority required for an action is inferred from
>     the ACI, rather than being explicitly designated. Ambient
>     Authority is possible in systems where the Initiator must
>     present a token authorizing a requested action if the Inter-
>     Actor Communication system provides a "helper" facility that
>     automatically looks through the list of Initiator
>     authorization tokens to find the one that will allow the
>     action requested by the Initiator."
>
> -DMC

I like to compare the user based filesystem access control at the process
level of granularity to an equivalent patern at the class/object level of
granularity.

1) A UNIX process has ambient authority to a filesystem as a result of, and
   limited, by the user id that the process runs under. This authority is
   implicitly shared with UNIX process running under the same user id.
2) An object A has ambient authority to an (static member) object B as a
   result of, and limited by the fact, that the object is an instance of a
   particular class C. This authority is implicitly shared with other
   objects of the class C.

I thus feel the implicit sharing of 1/2 is much more relevant to a
definition than the ACI component of 1.

Rob