[cap-talk] Confused Deputies in Capability Systems - not

Karp, Alan H alan.karp at hp.com
Thu Mar 5 11:47:06 EST 2009


Marcus Brinkmann wrote:
> 
> Capabilities can only survive in an isolated, homogeneous environment. I
> think that this is a serious limitation, which in my opinion severely
> restricts the applicability of capability theory.
>
We were able to interface legacy applications with a capability system in e-speak (the one that used SPKI certificates as capabilities).  Our most impressive example was with the purchase order component of SAP.  Making it work through e-speak added fine-grained access control and some interesting management abilities.  Earlier, we did something similar for simpler legacy applications with the Client Utility (c-list) version.  In both, we were able to move back and forth between the legacy and capability systems.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp




More information about the cap-talk mailing list