Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!ucbvax!LCS.MIT.EDU!sollins
From: sollins@LCS.MIT.EDU (Karen R. Sollins)
Newsgroups: comp.protocols.iso.dev-environ
Subject: How Serious are we about running quipu?
Message-ID: <9004112329.AA00725@dill.LCS.MIT.EDU>
Date: 11 Apr 90 23:29:13 GMT
References: <1990Apr11.025837.6749@metro.ucc.su.OZ.AU>
Sender: daemon@ucbvax.BERKELEY.EDU
Distribution: inet
Organization: The Internet
Lines: 24

We have suggested to MIT that Quipu be used in place of the simple
finger and forwarding service now provided.  The response was that this
could not be done until particular security problems were addressed
and the solutions demonstrated to be trustworthy.  MIT views its phone
book and lists of students and employees as private, and access to
them as an invasion of privacy.  The MIT phone book is only available
to the MIT community.  One can call and get a specific phone number
but not a list of them.  The same sort of policy must be available in
an electronic service.

Access control lists generally restrict access to individual data
items.  What we need to be able to do is restrict certain operations
on sets of data items.  In vague terms we need to be able to limit the
search operations or perhaps the results of a search to no more than a
small number of objects, such as perhaps 2 or 3 or maybe 5.

On the other hand, if we could demonstrate the viability of a security
mechanism to their satisfaction, acquiring the "phone book" would pose
no technical problem.  This does not address the question of keeping
the information up to date, but it could certainly be at least as up
to date as the telecommunications office that provides phone
assistance.

			Karen Sollins