This Article 
 Bibliographic References 
 Add to: 
Using Split Capabilities for Access Control
January/February 2003 (vol. 20 no. 1)
pp. 42-49

The split-capabilities method offers improved scalability and revocation of privileges in controlling access to resources. Early releases of Hewlett-Packard?s e-speak product used this method to secure the system from a variety of common attacks. Split capabilities have the advantages of traditional capabilities without their limitations. The basic idea is to divide the capability into two parts: a handle to the resource being accessed and a handle to a separate resource representing the access rights being requested. Although such separation of name from authority is potentially problematic, this system brings these two elements together in the resource?s computing infrastructure.

Alan H. Karp, Rajiv Gupta, Guillermo J. Rozas, Arindam Banerji, "Using Split Capabilities for Access Control," IEEE Software, vol. 20, no. 1, pp. 42-49, Jan.-Feb. 2003, doi:10.1109/MS.2003.1159028
Usage of this product signifies your acceptance of the Terms of Use.