[langsec-discuss] composability

Jeffrey Goldberg jeffrey at goldmark.org
Mon Jan 11 16:49:07 UTC 2016


> On 2016-01-10, at 7:20 PM, Nils Dagsson Moskopp <nils at dieweltistgarnichtso.net> wrote:
> 
> Dan Kaminsky <dan at doxpara.com> writes:
> 
>> Security is at least partially compassable. […]
> 
> Nevertheless, systems become quite complex as people add layer upon
> layer, which can invalidate assumptions about the security of single
> layers.

Both of these are fully correct. Sometimes we get nice clean
composition and other times we do not.

But taking a lesson from linguistics, it is often possible (though
it takes work) to develop richer semantics of the units to make
things that initially look incomposable to be composable.

First consider the infamous Ham Sandwich Theorem.

Premise 1: Nothing is better than eternal happiness.
Premise 2: A ham sandwich is better than nothing.
Premise 3: “Better than” is transitive.

Therefore: A ham sandwich is better than eternal happiness.

The most obvious “solution” to this joke is to say that the
“nothing” in P1 means something different than the “nothing”
in P2. But that feels unsatisfactory. It’s not as if we
have a pair of homonyms “nothing”.

I won’t explain the compositional theory, but just refer to
Richard Montague’s 1972 Proper Treatment of Quantification[1], which
showed the power of what came to be known of Montague Grammar and
convinced linguists that compositionality wasn’t impossible for
natural language semantics.

In it, quantifiers (such as “every”, etc) have consistent
meanings and the rules for building up the meaning of a phrase
or sentence from its parts follow a very simple composition rule.

Now whether or not it is worth at this time attempting to produce
a compositional semantics for security properties is debatable. My
only point is that just because it superficially seem impossible
(or wrong) doesn’t mean that it is.

Cheers,

-j

[1]:

@incollection{
year={1973},
isbn={978-90-277-0233-3},
booktitle={Approaches to Natural Language},
volume={49},
series={Synthese Library},
editor={Hintikka, K.J.J. and Moravcsik, J.M.E. and Suppes, P.},
doi={10.1007/978-94-010-2506-5_10},
title={The Proper Treatment of Quantification in Ordinary English},
url={http://dx.doi.org/10.1007/978-94-010-2506-5_10},
publisher={Springer Netherlands},
author={Montague, Richard},
pages={221-242},
}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20160111/457c9f10/attachment.sig>


More information about the langsec-discuss mailing list