Here's an interested article about Object Capability Systems, which they call ocaps from LBNL. They argue that the need to have a user to blame is one of the reasons that drove the adoption of the ACL security model. They then go on to introduce Horton, a system to help merge the best features of ACL and Capabilities models.
I don't understand the rest of it, for now, it's way over my head. I now understand a bit more about the ACL vs Capabilities history, and that's enough for me.
Subscribe to:
Post Comments (Atom)
1 comment:
The LBNL report actually corresponds to a pre-publication draft of the conference paper. A better link is http://www.usenix.org/events/hotsec07/tech/full_papers/miller/miller.pdf
Post a Comment