3 Parts of Security

Jonathan S. Shapiro shap@eros-os.org
Mon, 1 May 2000 01:25:08 -0400

I also want to add that most of the people in the community that pays
attention to Common Criteria type security uses the term "principal" to
refer to users. They instead tend to use the term "subject", and in this
context they generally do so in reference to a program.

Butler Lampson and a bunch of other people have done various logics for
authorization and delegation that use exactly this model.