Documentation
From Erights
(→Papers) |
(→Papers) |
||
Line 35: | Line 35: | ||
[http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control. | [http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control. | ||
+ | |||
+ | [http://www.hpl.hp.com/techreports/2009/HPL-2009-53.html Not One Click for Security] by Alan Karp, Marc Stiegler, and Tyler Close. Describes how the ScoopFS (secure cooperative file sharing) UI design avoids ever presenting the user any interaction whose only purpose is security. | ||
+ | |||
+ | [http://www.hpl.hp.com/techreports/2009/HPL-2009-78.html Causeway: A message-oriented distributed debugger] by Terry Stanley, Tyler Close, and Mark S. Miller. | ||
+ | |||
+ | [http://waterken.sourceforge.net/web-key/ Mashing with Permission] by Tyler Close. | ||
+ | |||
+ | [http://people.ischool.berkeley.edu/~ping/sid/ User Interaction Design for Secure Systems] by Ka-Ping Yee. | ||
== Drafts == | == Drafts == |
Revision as of 03:24, 27 April 2009
Contents |
Books and Theses
Patterns of Safe Collaboration
Object-Capability Security in Virtual Environments
E in a Walnut - This is a basic tutorial on the E language covering basic, distributed, and secure distributed programming.
Robust Composition - Towards a Unified Approach to Access Control and Concurrency Control. This is Mark Miller's PhD disseration, and it explains the rationale, philosophy, and goals of E and related systems.
Safe Serialization Under Mutual Suspicion (Wiki conversion in progress)
Tutorials
Tutorials - several short tutorials showing how to use E.
Quick Reference Card - Reminders of some useful patterns.
Papers
Capability-based Financial Instruments "An Ode to the Granovetter Diagram" - diagramming communication relationships.
Paradigm Regained: Abstraction Mechanisms for Access Control by Mark S. Miller and Jonathan S. Shapiro.
Concurrency Among Strangers: Programming in E as Plan Coordination - by Mark S. Miller, E. Dean Tribble, Jonathan Shapiro. Explains E's concurrency control & distributed computing model.
Authority Analysis for Least Privilege Environments by Toby Murray and Gavin Lowe.
Non-delegatable authorities in capability systems by Toby Murray and Gavin Lowe. (ACM link)
MinorFs by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control.
Not One Click for Security by Alan Karp, Marc Stiegler, and Tyler Close. Describes how the ScoopFS (secure cooperative file sharing) UI design avoids ever presenting the user any interaction whose only purpose is security.
Causeway: A message-oriented distributed debugger by Terry Stanley, Tyler Close, and Mark S. Miller.
Mashing with Permission by Tyler Close.
User Interaction Design for Secure Systems by Ka-Ping Yee.
Drafts
Causeway: A message-oriented distributed debugger by Terry Stanley, E. Dean Tribble, and Mark S. Miller.
Talks and Presentations
Secure Collaboration - How Web Applications can Share and Still Be Paranoid by Mike Samuel
Tradeoffs in Retrofitting Security: An Experience Report by Mark Miller
Google TechTalk: Caja by Mike Samuel
The Lively Kernel by Dan Ingalls
Object-Capabilities for Security by David Wagner (slides from an earlier version of this talk)
Gears and the Mashup Problem by Douglas Crockford
Desktops to Donuts: Object-Caps Across Scales by Marc Stiegler
Core Patterns for Web Permissions by Tyler Close
Paradigm Regained: Abstraction Mechanisms for Access Control by Mark Miller
The Virus Safe Computing Initiative at HP Labs by Alan Karp
Important emails
On the Spread of the Capability Approach by Bill Tulloh