Jump to content

Talk:Object-capability model

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Dean Tribble (talk | contribs) at 18:42, 6 January 2007 (A few additional tTopics). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

(diff) ← Previous revision | Latest revision (diff) | Newer revision → (diff)

To do:

Add etymology to introduction
- The name comes from recognition of the fact that "pure" object-oriented programming constitutes the capability-based security model.
- Touted advantages of objects (encapsulation, modularity) are precisely what we want for security (privilege separation, least privilege).

Section: Advantages of object-capabilities
- No such thing as ambient authority (explain what that is)
- Only connectivity begets connectivity
- Show the Granovetter diagram!
- No fixed set of operations (read, write, etc.); everything is invocation
- Section: Combining designation and authority
  - Solving Confused Deputy

Section: Relationship to object-oriented programming
- references are called "pointers"

Section: Relationship to capability-based security
- references are called "capabilities"
- the term "capability"
- object-capabilities versus password capabilities
- explain distinctions as in Capability Myths Demolished

Possible section: relationship to lambda calculus?

— Ka-Ping Yee 08:26, 6 January 2007 (UTC)[reply]

A few additional tTopics

Synergy (can + can opener => contents)
sealers/unsealers
other capability patterns
- factory pattern

Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:Object-capability_model&oldid=98916050"

Hidden category:

Talk pages with comments before the first section