The Structure of Authority: Why Security Is Not a Separable Concern

@inproceedings{Miller2004TheSO,
  title={The Structure of Authority: Why Security Is Not a Separable Concern},
  author={Mark S. Miller and Bill Tulloh and Jonathan S. Shapiro},
  booktitle={MOZ},
  year={2004}
}
Common programming practice grants excess authority for the sake of functionality; programming principles require least authority for the sake of security. If we practice our principles, we could have both security and functionality. Treating security as a separate concern has not succeeded in bridging the gap between principle and practice, because it operates without knowledge of what constitutes least authority. Only when requests are made – whether by humans acting through a user interface… CONTINUE READING
BETA

Citations

Publications citing this paper.
SHOWING 1-10 OF 22 CITATIONS

Similar Papers

Loading similar papers…