[cap-talk] models for security (was Re: Fwd: [cors] TAG request concerning CORS &Next Step(s))

[Raoul Duke]

On Thu, Jun 25, 2009 at 5:57 PM, Dave Chizmadia -
Gmail<davechiz at gmail.com> wrote:

> My own take is that "security is a pain" because it involves
> requirements and solutions that are usually some combination
> ...
> of thought to the issue of formalizing first principles of
> security as an ontology with derived vocabulary & metamodel
> (or domain specific language for non-OMG heathens :-))

i guess it is on the one hand stupendously naive of me, but on the
other hand sorta scientific, to wonder if one can come up with a model
of what security means and what non-secure means, and use that to help
design and build systems.

so i hope you can find time or $ to write your thoughts down (even
just a blog post).  :)

sincerely.