
Re: FW: Delegate



Clearly we need to differentiate between "small" integers and
infinity.  I may want to allow delegation without knowledge of the
depth, or I may want to limit the depth.  The problem isn't with the
MIS officer... The problem is with the person who certifies the MIS
manager's key...  *THAT* person doesn't know the link length.

So, the outsider should give the MIS manager unlimited delegation
depth, but the MIS manager may limit further delegations to some small
number.

-derek

"Phillip M. Hallam-Baker" <hallam@ai.mit.edu> writes:

> 
> The only problem with this model is that you don't necessarily know
> how long an internal chain-of-command is.  This is similar to IP
> subnetting.  For example, from outside MIT (which has net 18), there
> is a single "network", so someone from the outside could say "well,
> there is only one net-18 subnet, so I delegate with level one".  But
> once you get past the router you find many /16 subnets.  Oops!  But
> wait, some of those /16 nets get split up even further, into /24 or
> even /28 networks!
> 
> That is precisely why I would wish as a manager at the top 
> of a corporation to stop unbounded delegation. Each link
> in the chain makes it harder to discover what is going on.
> 
> As a security officer I would consider it very important to
> be able to control the number of phone calls required to 
> discover what had happened. The depth of the tree has a major 
> effect on the search time since each link may potentially 
> involve contacting someone who is off sick, on holiday or
> absconded with the money.
> 
> 
> 	Phill
> 
> 
> 
> 

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available
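
Added example, not part of the original message: a minimal chain check in which each delegation carries either a small integer depth limit or "unlimited", so an outside certifier can leave the depth unbounded while an internal issuer caps what follows. The `Delegation` fields, the meaning of `max_depth` (further links allowed below the subject) and all names in the sample chain are assumptions made for illustration; signature verification is assumed to happen elsewhere.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class Delegation:
    issuer: str
    subject: str
    # Further links allowed below subject; None means unlimited (assumed semantics).
    max_depth: Optional[int] = None


def tighten(budget: Optional[int], limit: Optional[int]) -> Optional[int]:
    """Combine two depth limits, treating None as infinity."""
    if budget is None:
        return limit
    if limit is None:
        return budget
    return min(budget, limit)


def check_chain(root: str, chain: Sequence[Delegation]) -> Tuple[bool, str]:
    """Walk the chain from root, enforcing the tightest limit set by any ancestor."""
    holder, budget = root, None
    for i, link in enumerate(chain):
        if link.issuer != holder:
            return False, f"link {i}: issued by {link.issuer}, expected {holder}"
        if link.max_depth is not None and link.max_depth < 0:
            return False, f"link {i}: negative depth"
        if budget is not None:
            if budget == 0:
                return False, f"link {i}: depth limit exhausted at {holder}"
            budget -= 1  # this link consumes one level of an ancestor's allowance
        budget = tighten(budget, link.max_depth)
        holder = link.subject
    return True, f"{holder} holds delegated authority"


# Constructed sample: the outsider leaves depth open, the MIS manager caps it at 2.
CHAIN = [
    Delegation("outside-certifier", "mis-manager"),
    Delegation("mis-manager", "dept-head", max_depth=2),
    Delegation("dept-head", "team-lead"),  # unlimited here, still bound by the cap above
    Delegation("team-lead", "engineer"),
]
```

If the outside certifier had instead guessed `max_depth=1`, the same internal chain would be rejected at the third link, which is the failure the message describes.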
