Re: FW: Delegate
Clearly we need to differentiate between "small" integers and
infinity. I may want to allow delegation without knowledge of the
depth, or I may want to limit the depth. The problem isn't with the
MIS officer... The problem is with the person who certifies the MIS
manager's key... *THAT* person doesn't know the link length.
So, the outsider should give the MIS manager unlimited delegation
depth, but the MIS manager may limit further delegations to some small
number.
-derek
"Phillip M. Hallam-Baker" <hallam@ai.mit.edu> writes:
>
> The only problem with this model is that you don't necessarily know
> how long an internal chain-of-command is. This is similar to IP
> subnetting. For example, from outside MIT (which has net 18), there
> is a single "network", so someone from the outside could say "well,
> there is only one net-18 subnet, so I delegate with level one". But
> once you get past the router you find many /16 subnets. Oops! but
> wait, some of those /16 nets get split up even further, into /24 or
> even /28 networks!
>
> That is precisely why I would wish as a manager at the top
> of a corporation to stop unbounded delegation. Each link
> in the chain makes it harder to discover what is going on.
>
> As a security officer I would consider it very important to
> be able to control the number of phone calls required to
> discover what had happened. The depth of the tree has a major
> effect on the search time since each link may potentially
> involve contacting someone who is off sick, on holiday or
> absconded with the money.
>
>
> Phill
>
>
>
>
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
Home page: http://www.mit.edu:8001/people/warlord/home_page.html
warlord@MIT.EDU PP-ASEL N1NWH PGP key available
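
The scheme discussed in this message, sketched as an added example that is not code from the thread or from any certificate specification: the outside certifier grants unbounded depth, the MIS manager sets a small limit, and a verifier enforces the tightest limit seen along the chain. The `Cert` structure, its `max_depth` field (read here as the number of further delegations allowed below the subject, with `None` standing for infinity) and all principal names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Sequence, Tuple

UNBOUNDED = None  # stands for "infinity": no limit on further delegation


@dataclass(frozen=True)
class Cert:
    issuer: str
    subject: str
    max_depth: Optional[int]  # assumed field: delegations allowed below subject


def tighter(a: Optional[int], b: Optional[int]) -> Optional[int]:
    """Return the more restrictive of two budgets (UNBOUNDED is the loosest)."""
    if a is UNBOUNDED:
        return b
    if b is UNBOUNDED:
        return a
    return min(a, b)


def validate_chain(root: str, chain: Sequence[Cert]) -> Tuple[bool, str]:
    """Walk the chain from the root, enforcing every issuer's depth limit."""
    holder, budget = root, UNBOUNDED  # the root itself is unconstrained
    for i, cert in enumerate(chain):
        if cert.issuer != holder:
            return False, f"link {i}: issued by {cert.issuer}, expected {holder}"
        if cert.max_depth is not UNBOUNDED and cert.max_depth < 0:
            return False, f"link {i}: negative depth"
        if budget is not UNBOUNDED and budget < 1:
            return False, f"link {i}: {holder} may not delegate further"
        # Each link spends one unit of any inherited limit; a cert can narrow
        # the limit it inherits but never widen it.
        inherited = UNBOUNDED if budget is UNBOUNDED else budget - 1
        budget = tighter(inherited, cert.max_depth)
        holder = cert.subject
    return True, f"{holder} holds authority; remaining depth: {budget}"


# Constructed sample chain; principal names are hypothetical.
CHAIN = [
    Cert("outsider", "mis_manager", UNBOUNDED),  # certifier cannot know the depth
    Cert("mis_manager", "dept_head", 1),         # manager caps what happens below
    Cert("dept_head", "admin", UNBOUNDED),       # attempt to widen is clamped to 0
    Cert("admin", "contractor", UNBOUNDED),      # exceeds the manager's cap
]

if __name__ == "__main__":
    print(validate_chain("outsider", CHAIN))
```

The first three links validate with a remaining depth of 0; the fourth is rejected because the manager's limit of 1 has been used up, regardless of what the intermediate certificates claim.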