[Cryptography] Do capabilities work? Do ACLs work?
Bill Frantz
frantz at pwpconsult.com
Tue Feb 10 16:05:36 EST 2015
On 2/10/15 at 4:52 AM, iang at iang.org (ianG) wrote:

>In a more developed sense, my software has lots of caps running
>around, but servers that serve those caps also look at who's
>asking. E.g., when Bob looks at Alice's photo, the server only
>grants it if Bob is in Alice's A list.

It is probably better to look at who is asking only when
producing the audit trail. Otherwise you won't be able to handle
the situation I mentioned earlier in this thread:

For an example of the flexibility we need in our policies,
consider a real-world situation (from:
<http://www.hpl.hp.com/techreports/2009/HPL-2009-169.pdf>):

Alice, in a race to her next meeting, turns thunder-struck to Bob
and says, "Bob, I just remembered I need to get my daughter
Carol’s car to Dave’s repair shop. I’ve got to go to this
meeting. Can you take Carol’s car over there?"

Good audit trails provide security in many non-computer
situations. They can work with computers as well.

Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz | Re: Computer reliability, performance, and security:
408-356-8506 | The guy who *is* wearing a parachute is *not* the
www.pwpconsult.com | first to reach the ground. - Terence Kelly
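
Added example, not part of the original message: a toy Python model of the two designs discussed above, one server that checks the caller against the owner's list before honouring a capability and one that honours any valid capability and uses the caller's name only for the audit trail. The class, its methods and the list contents are hypothetical, and Bob passing the capability on to Dave is an assumed continuation of the quoted scenario.

```python
import secrets

class CarServer:
    """Toy server guarding one resource with bearer capabilities (constructed)."""

    def __init__(self, resource, allowed):
        self.resource = resource
        self.allowed = set(allowed)  # owner's list, consulted only in identity-check mode
        self.caps = {}               # token -> names the capability has passed through
        self.audit = []              # (caller, delegation chain, outcome)

    def mint(self, holder):
        """Issue a fresh, unguessable capability to its first holder."""
        token = secrets.token_urlsafe(16)
        self.caps[token] = (holder,)
        return token

    def delegate(self, token, to):
        """Derive a new capability for `to`, remembering the path it took."""
        child = secrets.token_urlsafe(16)
        self.caps[child] = self.caps[token] + (to,)
        return child

    def invoke(self, token, caller, check_identity):
        """Use a capability; `caller` affects access only when check_identity is set."""
        chain = self.caps.get(token)
        if chain is None:
            outcome = "denied: unknown capability"
        elif check_identity and caller not in self.allowed:
            outcome = "denied: caller not on list"
        else:
            outcome = "granted"
        self.audit.append((caller, chain, outcome))  # who asked is recorded either way
        return outcome

def run_scenario(check_identity):
    """Alice hands Carol's car to Bob, who hands it to Dave (assumed list: Carol, Alice)."""
    server = CarServer("Carol's car", allowed={"Carol", "Alice"})
    alice_cap = server.mint("Alice")
    bob_cap = server.delegate(alice_cap, "Bob")
    dave_cap = server.delegate(bob_cap, "Dave")
    outcomes = [server.invoke(bob_cap, "Bob", check_identity),
                server.invoke(dave_cap, "Dave", check_identity)]
    return outcomes, server.audit

if __name__ == "__main__":
    for mode in (True, False):
        print("check_identity =", mode, *run_scenario(mode), sep="\n  ")
```

In both modes the audit trail names the caller and the full delegation chain; only the identity-checking mode refuses the unplanned hand-off.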