[cap-talk] Definition of Authentication on wiki.erights.org

Karp, Alan H alan.karp at hp.com
Fri Sep 4 12:36:58 EDT 2009 

Matej Kosik wrote:

> - authentication of documents
>   (determining the principal that issued them)

I may not know the principal who issued a document, but I still may be interested in authenticating it, e.g., an Egyptian papyrus.

> - authentication of coins and bank notes
>   (you want to be sure that they were issued by the central bank
>    rather then printed by random person with a printer)

But I could equally well be interested only in authenticating their gold content.

> Capabilities would made it too easy to buy and sell votes.

Many localities in the US allow people to vote by mail.  Voters get anonymous paper ballots and envelopes that they sign when returning the ballots.  An unsealed, signed envelope and a blank ballot constitute a capability to cast a vote.  I guess these localities have decided that the risk of vote buying is acceptable.
> 
> I disagree. If a soldier (or a war machine) gets a command, it is very
> relevant who issued that command.
>
Not at all.  It is quite likely that the soldier never heard of the captain who issued the order.  The soldier honors an order because of how he got it, either from a person he knows or over a channel he trusts.
> 
> Another example: If I get a scientific article, it is very relevant who
> wrote it and what credibility given person has. I do not want to waste
> my time to read the whole internet to find credible information.

Which makes it very hard for new entrants to a field to get heard.  It's a real problem and one motivation for double blind refereeing.  It's also the reason I oppose unrefereed publication.  It is more likely that you will read a refereed article because it was published in a place where you previously found articles worth reading.  In that case, you don't recognize the author, and you don't know who refereed the article, but you trust the publisher who probably never read the article.
> 
> Another example: You have a piece of software. We already know how to
> follow POLA and POLA may be enforced over that software which is good
> but it is always interesting (if a given software does not work as
> expected) to determine its genuinity. You can blame vendor only for
> genuine software not for fakes.
>
An example of authentication that doesn't involve identity.  For example, if someone you trust gives you the hash code of the software, you can authenticate it without knowing who wrote it.

All that being said, authentication is a key step in the access control process.  At some point, you need to decide whether or not to grant a right.  Sometimes, that decision depends on some property of the subject or object you're dealing with, an authentication.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp

More information about the cap-talk mailing list