[E-Lang] Java 2 "Security" (was: Re: WelcomeChrisSkalkaandScottSmith of Johns Hopkins)

Tyler Close tclose@oilspace.com
Thu, 1 Feb 2001 16:32:30 -0000

David Wagner wrote:
> Tyler Close wrote:
> >Writing interesting collaborative
> >software is about creating much more interesting authority
> flows. One
> >of the simpler ones is the "once-only" authority. Carol is
> authorized
> >to use Bob once, but after that use the authority goes away.
> One way to provide this level of functionality, in either a
> capability
> system or an ACL system, is to use "proxies".  We write a
> daemon that
> will run in the background; when it receives a request, it
> will forward
> that request to Bob and then self-destruct.  The daemon can
> incorporate
> an access control mechanism to make sure that only Carol can invoke
> the daemon (and we can use either an ACL or a capability to
> enforce this).

Interesting. In my response to Jonathan, I claimed that breaking up
authority over the access table either results in the creation of
capabilities, or a system in which everything is done twice (once to
authorize it, once to do it). You are essentially reiterating that

It was my previous belief that you were going to somehow try to
express this behaviour in the ACL itself.