Secure Coding mailing list archives
Re: ACL (access control lists) generic design questions
From: "Peter G. Neumann" <neumann () csl sri com>
Date: Fri, 27 Feb 2004 00:12:30 +0000
William, I'll be very interested in your extensible ACL-style authorization. If you are serious about generalizing the ACL interpretations, you might think back not just to Multics (with directories and files having different interpretations of the ACL protection bits), but also to our Provably Secure Operating System (PSOS), in which each capability had an associated type and where the capabilities for each type had their own type-specific interpretation of the protection bits. PGN @inProceedings{DaleyNeumann, Author="R.C. Daley and P.G. Neumann", Title="A General-Purpose File System for Secondary Storage", Booktitle="{AFIPS} Conference Proceedings, Fall Joint Computer Conference", Publisher="Spartan Books", Year="1965", Month="November", Pages="213--229"} The 1973-1980 work on PSOS is summarized more recently in "PSOS Revisited": @InProceedings{NeumannFeiertag03, Author="P.G. Neumann and R.J. Feiertag", Title="{PSOS} Revisited", BookTitle="Proceedings of the 19th Annual Computer Security Applications Conference (ACSAC 2003), Classic Papers section", Organization="IEEE Computer Society", Address="Las Vegas, Nevada", Year="2003", Month="December", pages="208--216", NOTE="http://www.csl.sri.com/neumann/psos03.pdf."; }
Current thread:
- ACL (access control lists) generic design questions William Herrera (Feb 26)
- Re: ACL (access control lists) generic design questions Richard Moore (Feb 26)
- Re: ACL (access control lists) generic design questions Glenn and Mary Everhart (Feb 27)
- RE: ACL (access control lists) generic design questions Bill Eddins (Feb 27)
- RE: ACL (access control lists) generic design questions (oh, and Reply-To) Kim Gräsman (Mar 01)
- <Possible follow-ups>
- RE: ACL (access control lists) generic design questions Shea, Brian A (Feb 26)
- Re: ACL (access control lists) generic design questions Peter G. Neumann (Feb 26)