[E-Lang] Java 2 "Security" (was: Re: WelcomeChrisSkalkaandScottSmith of Johns Hopkins)

Jonathan S. Shapiro shap@cs.jhu.edu
Thu, 01 Feb 2001 07:42:46 -0500


David Wagner wrote:
 
> Slightly more precisely, I think an ACL system is one where the
> access authorities are held with the object as opposed to being
> held by the subjects.

David:

At the risk of beating a dead horse, go read the [HRU] paper. The
question of where the state is stored is an irrelevancy, for all the
reasons you mention plus some others. The real issue is: "what are the
rules for updating the graph, and what evolutionary behavior in the
graph can happen as a result of these rules?"

Implementing the graph with inefficient storage doesn't change anything.

Jonathan