There are two ways of looking at Access Control. One is easy, with a
direct relation to the resources being managed. The other is advanced,
but like putty in the hands of administrators; moreover, it is highly
efficient. Efficiency matters; it allows us to enforce access control
everywhere, with no experienced discomfort. We derive the efficient
model from the one that is easy to use.
Our work on Identity is ultimately for controlling access to
online services. We now introduce our thoughts on Access Control.
The whole story is complex, but an analogy to the phone system can
help to explain it.
The essential game of Realm Crossover is one of juggling
realms as part of identities. This brings us a number
of "support levels" that we could describe. This forms an
interesting perspective on the growing path of the
Many of us rely on "cloud" storage services. They
enable us to access the same files from everywhere,
but they are fairly dumb and leave all the thinking
to people. ARPA2 Reservoir is different, in that it
supports metadata, automation and integration in your
OpenPGP is a powerful technology for signing and encryption, because it
does not imply a stiffling key infrastructure. Instead, it uses a
Web Of Trust that is flexible... and complicating for new users. We now
introduce an approach to securely use OpenPGP without even that.