Ouch. Hmm. Aside from primary sources like http://blog.gmane.org/gmane.comp.capabilities.general/day=20150112 and the occasional presentation on POLA best practices, it seems that "membrane/pore" as a security design pattern is woefully underdiscussed. What it means to *this researcher* is, the "membrane" describes the boundary controlling access to the access-controlled resource (the wet side) from the untrusted world (the dry side), and a "pore" is a mechanism provided by the membrane for allowing specific operations on the resource. In the nomenclature of C++, pores are public methods. On Fri, Feb 20, 2015 at 8:09 AM, Anders Rundgren < anders.rundgren.net@gmail.com> wrote: > On 2015-02-19 20:53, David Nicol wrote: > >> >> On Thu, Feb 19, 2015 at 9:16 AM, Anders Rundgren < >> anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> >> wrote: >> >> http://webpki.org/papers/web2native-bridge.pdf >> >> >> Looks like a fine candidate for rewriting using "membrane/pore" language >> > > Whow! I have no idea what that means and I couldn't find it using Google > either. So anyway all I was saying was, I am aware of this powerful metaphor, membrane/pore, that could be well used to analyze the problem discussed in that paper. The rest of the thought was, by generalizing into a message-passing idiom, a lot of implementation details about what is native and what is not start seeming trivial. GOOD MORNING!!!!!
Received on Friday, 20 February 2015 15:46:09 UTC