[cap-talk] Definition of Authentication on wiki.erights.org

Matej Kosik kosik at fiit.stuba.sk
Fri Sep 11 04:05:57 PDT 2009


Rob Meijer wrote:
> On Fri, September 11, 2009 07:48, Matej Kosik wrote:
>> Rob Meijer wrote:
>>> On Tue, September 8, 2009 10:48, Matej Kosik wrote:
>>>> Rob Meijer wrote:
>>>>> I fail to see any concrete difference between subjects and principles
>>>>> in
>>>>> that your definition of a principle seems to align with what I would
>>>>> consider a subject.
>>>> The term `subject' already has one meaning. There is no confusion. For
>>>> our context, I have tried to recapture it here:
>>>>
>>>> http://wiki.erights.org/wiki/Subject%2C_object%2C_operation_and_permission
>>> I fully agree with this definition here, sounds much like how
>>> David-Sarah
>>> describes a principle though.
>>>
>>>> If you run a Linux machine, you are a principal (or in fact several
>>>> principals). The processes that run on your behalf are subjects. Files
>>>> are objects. There are few principals here but quite many subjects.
>>> So if I understand correctly, principles only exist at a very coarse
>>> granularity, and it is just the granularity that determines if an active
>>> object is a subject or a principle?
>> This will be a dumb question: why do you use the word `principle' when I
>> used `principal'?
> 
> The reason for that is that I tend to make worse spelling mistakes in
> English with a spell checker than without one :-(
> 
>> For me, the difference between the two terms:
>> - subject
>> - principal
>> is simple. It does not make sense to try to authenticate subjects but it
>> makes sense to authenticate principals.
>>
>> Although I would not immediately reject the idea that `principals' are
>> a special case of `subjects'.
>>
>> Does this make sense to you?
> 
> So principals are the special case of subjects for which authentication
> makes sense? Wouldn't this be the same subset as the special case of
> subjects for which access control makes sense on an individual basis plus
> the special case of subjects for which accountability makes sense?

I am not sure about this. There are entities which I regard as
`principals' (and I may be interested in authenticating artifacts produced
by them) even though they are not part of an access-control system.

For example, suppose you have an advisor and (s)he gives you advice. This
advisor does not have to be part of any access-control scheme you care
about, so the advisor is not a subject in this sense:

http://wiki.erights.org/wiki/Subject%2C_object%2C_operation_and_permission

However, you may be interested in authenticating the advice you get
(whether it is from your advisor you trust or some other).

In those cases where your decision cannot be automated, there is no
theoretical possibility to turn a principal into a subject (by giving it
appropriate authority to act on your behalf). Either
- because automation is not possible since actions require human
intelligence,
- or because you want to do them yourself (read the recommended article,
change plans with respect to the weather forecast, go to the recommended
concert, spend a holiday in a recommended place, etc.)

So I think I was wrong when I said that principals are always special
cases of subjects. Sometimes yes, otherwise no.

<snip>
-- 
Matej Kosik

