Talk:Object-capability model
Appearance
To do:
- Add etymology to introduction
- The name comes from recognition of the fact that "pure" object-oriented programming constitutes the capability-based security model.
- Touted advantages of objects (encapsulation, modularity) are precisely what we want for security (privilege separation, least privilege).
- Section: Advantages of object-capabilities
- No such thing as ambient authority (explain what that is)
- Only connectivity begets connectivity
- Show the Granovetter diagram!
- No fixed set of operations (read, write, etc.); everything is invocation
- Section: Combining designation and authority
- Solving Confused Deputy
- Section: Relationship to object-oriented programming
- references are called "pointers"
- Section: Relationship to capability-based security
- references are called "capabilities"
- the term "capability"
- object-capabilities versus password capabilities
- explain distinctions as in Capability Myths Demolished
- Possible section: relationship to lambda calculus?
— Ka-Ping Yee 08:26, 6 January 2007 (UTC)
A few additional tTopics
- Synergy (can + can opener => contents)
- sealers/unsealers
- other capability patterns
- factory pattern