[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]Authorization Certificates
From: |
Angelos D. Keromytis |
Subject: |
Re: [Auth]Authorization Certificates |
Date: |
Sat, 14 Jul 2001 17:54:00 -0400 |
> Another term for "Authorization Certificate" that is more common in the
> classic ecurity literature is "Capability".
> A Capability/Auth.Cert. is simply a reference to an object
> with bundled access rights to that object.
> Holding a authorization certificate is enough to authorize the holder
> to exercize the rights granted by the certificate/capability.
For authorization certificates, there's also PolicyMaker and KeyNote (see http:/
/www.cis.upenn.edu/~keynote) -- and I'd be very interested in seeing DotGNU go
in this direction.
-Angelos