[cap-talk] object-oriented-security.org

Matej Kosik kosik at fiit.stuba.sk
Sun Mar 14 00:54:56 PST 2010


Kenton Varda wrote:
> OK, I don't know Ocaml so it's hard for me to debate about it.  However,
> I see OO as a design technique, not a language feature.  Some languages
> have features that are explicitly intended to assist in OO design, but
> you can use OO design in any language.  And my argument is that anyone
> using capabilities in any language is really using OO design.  But since
> I haven't actually seen how capabilities are used in Ocaml, I admit that
> I can't back up the argument in that context.

In one book, the authors define object-oriented programming as one which
supports:
- encapsulation
- polymorphism
- inheritance
The last two (polymorphism and inheritance) are useful (if you are
comfortable also with this way of thinking) but not related to security.
The first term --- encapsulation --- is related to security but it is
stated imprecisely. Mark Miller's rules, which I've cited previously, refine
this notion and this refinement is actually relevant.

This refinement is available in some object-oriented languages as well
as in some non-object-oriented languages. Thus, the proposal to replace
the term "object-capability security"

(where we interpret the term "object" according to this definition
http://wiki.erights.org/wiki/Subject%2C_object%2C_operation_and_permission
)

with "object-oriented security" I do not consider to be the best idea.

