Capabilities and Access Control Lists
Within computer systems, two security models capable of enforcing privilege separation are access control lists (ACLs) and capability-based security. The semantics of ACLs have been proven to be insecure in many situations, for example, the confused deputy problem. It has also been shown that the promise of ACLs of giving access to an object to only one person can never be guaranteed in practice. Both of these problems are resolved by capabilities. This does not mean practical flaws exist in all ACL-based systems, but only that the designers of certain utilities must take responsibility to ensure that they do not introduce flaws.
Capabilities have been mostly restricted to research operating systems and commercial OSs still use ACLs. Capabilities can, however, also be implemented at the language level, leading to a style of programming that is essentially a refinement of standard object-oriented design. An open source project in the area is the E language.
The most secure computers are those not connected to the Internet and shielded from any interference. In the real world, the most secure systems are operating systems where security is not an add-on.
Read more about this topic: Computer Security
Famous quotes containing the words capabilities, access, control and/or lists:
“I maintain that I have been a Negro three times—a Negro baby, a Negro girl and a Negro woman. Still, if you have received no clear cut impression of what the Negro in America is like, then you are in the same place with me. There is no The Negro here. Our lives are so diversified, internal attitudes so varied, appearances and capabilities so different, that there is no possible classification so catholic that it will cover us all, except My people! My people!”
—Zora Neale Hurston (1891–1960)
“The Hacker Ethic: Access to computers—and anything which might teach you something about the way the world works—should be unlimited and total.
Always yield to the Hands-On Imperative!
All information should be free.
Mistrust authority—promote decentralization.
Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
You can create art and beauty on a computer.
Computers can change your life for the better.”
—Steven Levy, U.S. writer. Hackers, ch. 2, “The Hacker Ethic,” pp. 27-33, Anchor Press, Doubleday (1984)
“If someone does something we disapprove of, we regard him as bad if we believe we can deter him from persisting in his conduct, but we regard him as mad if we believe we cannot. In either case, the crucial issue is our control of the other: the more we lose control over him, and the more he assumes control over himself, the more, in case of conflict, we are likely to consider him mad rather than just bad.”
—Thomas Szasz (b. 1920)
“Most of our platitudes notwithstanding, self-deception remains the most difficult deception. The tricks that work on others count for nothing in that very well-lit back alley where one keeps assignations with oneself: no winning smiles will do here, no prettily drawn lists of good intentions.”
—Joan Didion (b. 1934)