A Model of Authority in the Web

If you read:

If Laurie comes to the party, I will too.

in a hand-written note from your friend, you take it in one way, but if you read it in a cartoon about your friend, it's completely different. Only in the first case would you be genuinely disappointed if Laurie came to the party and your friend didn't.

In network protocols, the difference can lead to anything from software glitches to major security problems. Though the security considerations sections of the specifications of web protocols such as HTTP admonish designers to consider known risks, the HTTP protocol itself puts no constraints on which return codes and what content web servers choose for their responses; the difference is outside its formal scope. A formal system that does capture the difference is ABLP logic, which was designed to model trust and authority in distributed systems [TOPLAS93] [SRC91].

We suggest that an architectural constraint layered on top of HTTP and ABLP logic contributes to anarchic scalability of linked data applications and points out challenges in securing mashup applications.

Author: Dan Connolly
Contact: http://www.w3.org/People/Connolly/
Status: Work in Progress
Date: 2009/12/22 16:19:08
Version: 1.27

Contents

  1. Decision making in ABLP logic introduces ABLP logic using ordinary decision making.
  2. Speech acts in HTTP relates HTTP requests and replies to ABLP speech acts.
    • TODO: discuss InformationResource vs Principal.
  3. Recognizing the social aspect of HTTP prose TODO
  4. Indirection needs Redirection logically supports intuitive notions about redirection using the new constraint.
  5. Mashup Speech Acts discusses XSRF and same origin using:
  6. Appendixes

TODO: use .. examples mechanism in each section.

Wish list

Stuff I hope to get to in due course:

  • Agency in HTML; i.e. <address>, <blockquote> elements.
  • Documents and Documents: i.e. Documents as in XML document, a bag-o-bits, and Document as in 'front page of the New York Times', a service. (Fielding says something about future expectation, yes?)

References

[TOPLAS93] M. Abadi, M. Burrows, B. Lampson and G. Plotkin, A Calculus for Access Control in Distributed Systems, TOPLAS 1993
[SRC91] M. Abadi, M. Burrows, B. Lampson and G. Plotkin, A Calculus for Access Control in Distributed Systems, SRC-RR-70