[cap-talk] erights wiki : ambient authority
David-Sarah Hopwood
david-sarah at jacaranda.org
Sun Jun 14 19:15:48 EDT 2009
Matej Kosik wrote:
> I have still doubts concerning the article:
> http://wiki.erights.org/wiki/Ambient_authority
>
> What is relationship between:
> - ambient authority systems
> - systems where protection is made by ACLs.
> Aren't they defined in the same way?
No, not at all. Saying that a system uses ambient authority does not
specify *how* it decides whether a request should be acted on; it only
specifies that the request designates objects by name, and that it does
not require the requesting subject to choose which of its held permissions
should be used in that request.
ACLs are one possible mechanism for deciding whether a request should be
acted on in an ambient authority system. There may be other such mechanisms.
(Stack inspection is one, although the practical systems that use it are
hybrids that also use ACLs and capability-like references.)
The fact that very little of the possible access control design space
has actually been effectively explored in popular systems, shouldn't
limit us to considering just that explored space when defining terminology.
--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
More information about the cap-talk
mailing list