

Store
Devices Microsoft Surface PCs & tablets Xbox Virtual reality Accessories Windows
phone Microsoft Band Software Office Windows Additional software Apps All apps
Windows apps Windows phone apps Games Xbox One games Xbox 360 games PC
games Windows games Windows phone games Entertainment All Entertainment
Movies & TV Music Business & Education Business Store Education Store Developer
Sale Back-to-school essentials Sale Products
Software & services Windows Office Free downloads & security Internet Explorer
Microsoft Edge Skype OneNote OneDrive Microsoft Health MSN Bing Microsoft
Groove Microsoft Movies & TV Devices & Xbox All Microsoft devices Microsoft
Surface All Windows PCs & tablets PC accessories Xbox & games Microsoft Band
Microsoft Lumia All Windows phones Microsoft HoloLens For business Cloud
Platform Microsoft Azure Microsoft Dynamics Windows for business Office for
business Skype for business Surface for business Enterprise solutions Small business
solutions Find a solutions provider Volume Licensing For developers & IT pros
Develop Windows apps Microsoft Azure MSDN TechNet Visual Studio For students
& educators Office for students OneNote in classroom Shop PCs & tablets perfect
for students Microsoft in Education Support
Sign in


Research Research
o Research Home
o Research areas
 Algorithms
 Artificial intelligence and machine learning
 Computer systems and networking
 Computer vision
 Data visualization, analytics, and platform
 Ecology and environment
 Economics
 Graphics and multimedia
 Hardware, devices, and quantum computing
 Human-centered computing
 Mathematics







o
o
o
o
o



Medical, health, and genomics
Natural language processing and speech
Programming languages and software engineering
Search and information retrieval
Security, privacy, and cryptography
Social Sciences
Technology for emerging markets
Products & Downloads
Programs & Events
 Academic Programs
 Events & Conferences
People
Careers
About
 About
 Microsoft Research blog
 Asia Lab
 Cambridge Lab
 India Lab
 New England Lab
 New York City Lab
 Redmond Lab
 Applied Sciences Lab
Research areas
o Algorithms
o Artificial intelligence and machine learning
o Computer systems and networking
o Computer vision
o Data visualization, analytics, and platform
o Ecology and environment
o Economics
o Graphics and multimedia
o Hardware, devices, and quantum computing
o Human-centered computing
o Mathematics
o Medical, health, and genomics
o Natural language processing and speech
o Programming languages and software engineering
o Search and information retrieval
o Security, privacy, and cryptography
o Social Sciences
o Technology for emerging markets
Products & Downloads
Programs & Events
o Academic Programs
o



Events & Conferences
People
Careers
About
o About
o Microsoft Research blog
o Asia Lab
o Cambridge Lab
o India Lab
o New England Lab
o New York City Lab
o Redmond Lab
o Applied Sciences Lab
Practical Principles for Computer Security
January 1, 2007

Download Document

Authors

Butler Lampson
Published In

NATO Security through Science Series - D: Information and Communication Security, Software
System Reliability and Security
Book Title
Software System Reliability and Security
Journal
NATO Security through Science Series - D: Information and Communication Security
Publisher
IOS Press
Copyright © IOS Press

Abstract
Abstract
The standard model for computer security is access control: deciding whether or not to accept a
request from a source to do an operation on an object. Determining the source of a request is
called authentication; deciding whether to accept it is called authorization.
In a system with many parts, especially when they are managed by different authorities,
determining the source of a request is not simple. The authorization policy is probably something
like “members of the Alpha project team may read and write the files in the /projects/alpha
directory―. The direct information that the object has about the source of the request is usually
that it was signed by some cryptographic key. These lectures are about bridging the gap between
the key and the project team.
The key ideas are principals, a relation between principals called “speaks for―, a logic for
reasoning about what resources a principal can speak for, and rules for abstracting from the bits
exchanged among interacting parties to logical formulas. These ideas provide a way to reason
formally about delegation, names, groups, computer systems, applications, and authorization
policy.
Follow Microsoft Research


Follow @MSFTResearch

Share this page


Tweet

Learn

Windows

Office

Skype

Outlook

OneDrive

MSN
Devices

Microsoft Surface

Xbox

PC and laptops

Microsoft Lumia

Microsoft Band

Microsoft HoloLens
Microsoft Store

View account

Order tracking

Retail store locations

Returns

Sales & support
Downloads

Download Center

Windows downloads

Windows 10 Apps

Office Apps

Microsoft Lumia Apps

Internet Explorer
Values

Diversity and inclusion

Accessibility

Environment

Microsoft Philanthropies

Corporate Social Responsibility

Privacy at Microsoft
Company

Careers

About Microsoft

Company news

Investors

Research

Site map

English (United States)

Contact us

Privacy & cookies

Terms of use

Trademarks

About our ads

© 2016 Microsoft
​