Re: XML protocol security from Constantine Plotnikov on 2000-05-17 (xml-dist-app@w3.org from May 2000)

From: Constantine Plotnikov <cap@mail.novosoft.ru>
Date: Wed, 17 May 2000 20:23:18 +0700
To: xml-dist-app@w3.org
Message-ID: <39229D46.FAE0E8DC@mail.novosoft.ru>

I think that security is out of scope of XML RPC layer.
It is layer on top of it. Like SSL is a layer above
TCP or other stream protocol. 

Because such layers was not fixed yet. I think that we are 
in unique situation that can allow us to promote other security 
models. I found capabilty based security very interesting
model. It is quite unlike ACL model and I think that it suit
web more becuse it will work better in decentralized web. 
More information is available at:

http://www.skyhunter.com/marcs/capabilityIntro/index.html
http://www.caplet.com/security/taxonomy/index.html

Basically I think that there should be following logical 
layers:
1. (Secure) Transport Layer (examples: TCP+SSL, https, ...)
2. Messaging layer (XML-RPC)
3. Secure Distributed Object Model 

The diffculty with ACL is that they make proofs in layer 3 
quite difficult. Sandbox model is an variant of it.

The difficulty with capability based secutrity is that this 
model do not have ready to use simple paradigms of 
administration. At least I have not found it. I have some
ideas but have not yet tested them. Capability based security
is very natural model for mediating services.

Constantine

Received on Wednesday, 17 May 2000 09:20:21 UTC