Jump to content

Talk:Object-capability model

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Ka-Ping Yee (talk | contribs) at 08:42, 6 January 2007. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

To do:

  • Add etymology to introduction
    • The name comes from recognition of the fact that "pure" object-oriented programming constitutes the capability-based security model.
    • Touted advantages of objects (encapsulation, modularity) are precisely what we want for security (privilege separation, least privilege).
  • Section: Advantages of object-capabilities
    • No such thing as ambient authority (explain what that is)
    • Only connectivity begets connectivity
    • Show the Granovetter diagram!
    • No fixed set of operations (read, write, etc.); everything is invocation
    • Section: Combining designation and authority
      • Solving Confused Deputy
  • Section: Relationship to object-oriented programming
    • references are called "pointers"
  • Section: Relationship to capability-based security
    • references are called "capabilities"
    • the term "capability"
    • object-capabilities versus password capabilities
    • explain distinctions as in Capability Myths Demolished
  • Possible section: relationship to lambda calculus?

Ka-Ping Yee 08:26, 6 January 2007 (UTC)[reply]