|
|
Line 1: |
Line 1: |
- | == Books and Theses == | + | == Documentation == |
| | | |
- | [http://web.comlab.ox.ac.uk/publications/publication3612-abstract.html Analysing the Security Properties of Object-Capability Patterns] by Toby Murray.
| + | === Books === |
| | | |
- | [http://soft.vub.ac.be/~tvcutsem/publications/assets/phd_tom_van_cutsem.pdf Ambient References: Object Designation in Mobile Ad Hoc Networks] by Tom Van Cutsem. | + | [[Image:Ewalnut-pink.gif]] |
| + | [[Walnut|'''''E''''' in a Walnut]] - This is a basic tutorial on the '''''E''''' language covering basic, distributed, and secure distributed programming. |
| | | |
- | [http://www.evoluware.eu/fsp_thesis.pdf Patterns of Safe Collaboration] by Fred Spiessens. | + | [http://www.erights.org/talks/thesis/index.html Robust Composition] - Towards a Unified Approach to Access Control and Concurrency Control. This is [[User:MarkM|Mark Miller]]'s PhD disseration, and it explains the rationale, philosophy, and goals of '''''E''''' and releated systems. |
| | | |
- | [http://mscheffler.files.wordpress.com/2008/07/diploma_mscheffler.pdf Object-Capability Security in Virtual Environments] by Martin Scheffler | + | [[Safe_Serialization_Under_Mutual_Suspicion]] (Wiki conversion in progress) |
| | | |
- | [[Image:EWalnut-small.gif]]
| + | === Tutorials === |
- | [[Walnut|'''''E''''' in a Walnut]] by Marc Stiegler - This is a basic tutorial on the '''''E''''' language covering basic, distributed, and secure distributed programming.
| + | |
| | | |
- | [http://www.erights.org/talks/thesis/index.html Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control] by Mark S. Miller. Explains the rationale, philosophy, and goals of '''''E''''' and related systems. | + | [http://www.erights.org/elang/intro/index.html Tutorials] - several short tutorials showing how to use '''''E'''''. |
| | | |
- | [[Safe Serialization Under Mutual Suspicion]] (Wiki conversion in progress) | + | [http://www.erights.org/elang/quick-ref.html Quick Reference Card] - Reminders of some useful patterns. |
| | | |
- | == Tutorials and References==
| + | [[FAQ]] |
- | <div id="Tutorials">
| + | |
- | * [http://www.erights.org/elang/intro/index.html Tutorials] — several short tutorials showing how to use '''''E'''''.
| + | |
- | * [[:Category:Reference material]] — reference material on this wiki.
| + | |
- | * [http://www.erights.org/elang/quick-ref.html Quick Reference Card] — Reminders of some useful patterns.
| + | |
- | * [http://www.erights.org/elang/grammar/index.html Language Reference]
| + | |
- | * [[FAQ]]
| + | |
- | * [[E Under Eclipse]]
| + | |
- | </div>
| + | |
| | | |
- | == Papers == | + | === Papers === |
| | | |
- | === Access Control ===
| + | [http://www.erights.org/elib/capability/ode/index.html Capability-based Financial Instruments] "An Ode to the Granovetter Diagram" - diagramming communication relationships. |
| | | |
- | [http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf Capability Myths Demolished] by Mark S. Miller, Ka-Ping Yee, and Jonathan Shapiro. What you may have learned in CS class is wrong.
| + | === Talks / Presentations === |
- | | + | |
- | [http://www.erights.org/elib/capability/ode/index.html Capability-based Financial Instruments] "An Ode to the [[wikipedia:Mark Granovetter|Granovetter]] Diagram" - diagramming communication relationships.
| + | |
- | | + | |
- | [http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/AALPE.pdf Authority Analysis for Least Privilege Environments] by Toby Murray and Gavin Lowe.
| + | |
- | | + | |
- | [http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/NDA.pdf Non-delegatable authorities in capability systems] by Toby Murray and Gavin Lowe. ([http://portal.acm.org/citation.cfm?id=1460561&dl=ACM&coll=GUIDE&CFID=16630833&CFTOKEN=92363674# ACM link])
| + | |
- | | + | |
- | [http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control.
| + | |
- | | + | |
- | [http://waterken.sourceforge.net/web-key/ Mashing with Permission] by Tyler Close.
| + | |
- | | + | |
- | [http://www.hpl.hp.com/techreports/2009/HPL-2009-20.html ACLs don't] by Tyler Close.
| + | |
- | | + | |
- | [http://www.links.org/files/capabilities.pdf Access Control] by Ben Laurie.
| + | |
- | | + | |
- | [http://www.cs.berkeley.edu/~daw/papers/pure-ccs08.pdf Verifiable Functional Purity in Java] by Matthew Finifter, Adrian Mettler, Naveen Sastry, and David Wagner.
| + | |
- | | + | |
- | [http://www.cs.berkeley.edu/~daw/papers/joe-e-ndss10.pdf Joe-E: A Security-Oriented Subset of Java] by Adrian Mettler, David Wagner, and Tyler Close.
| + | |
- | | + | |
- | [http://www.cs.berkeley.edu/~daw/papers/capsules-www10.pdf Fine-Grained Privilege Separation for Web Applications] by Akshay Krishnamurthy, Adrian Mettler, and David Wagner.
| + | |
- | | + | |
- | [http://www.cs.berkeley.edu/~amettler/joeetypes-plas10.pdf Class Properties for Security Review in an Object-Capability Subset of Java] (Short Paper) by Adrian Mettler and David Wagner.
| + | |
- | | + | |
- | === Concurrency Control ===
| + | |
- | | + | |
- | [http://www.erights.org/talks/promises/paper/tgc05.pdf Concurrency Among Strangers: Programming in '''''E''''' as Plan Coordination] - by Mark S. Miller, E. Dean Tribble, Jonathan Shapiro. Explains '''''E''''''s concurrency control & distributed computing model.
| + | |
- | | + | |
- | [http://www.hpl.hp.com/techreports/2009/HPL-2009-78.html Causeway: A message-oriented distributed debugger] by Terry Stanley, Tyler Close, and Mark S. Miller.
| + | |
- | | + | |
- | === User Interface ===
| + | |
- | | + | |
- | [http://www.hpl.hp.com/techreports/2009/HPL-2009-53.html Not One Click for Security] by Alan Karp, Marc Stiegler, and Tyler Close. Describes how the ScoopFS (secure cooperative file sharing) UI design avoids ever presenting the user any interaction whose only purpose is security.
| + | |
- | | + | |
- | [http://people.ischool.berkeley.edu/~ping/sid/ User Interaction Design for Secure Systems] by Ka-Ping Yee.
| + | |
- | | + | |
- | [http://www.hpl.hp.com/techreports/2009/HPL-2009-169.html Rich Sharing for the Web] by Marc Stiegler. What properties must computer-based human-to-human sharing mechanisms need to support, so that people don't just send email attachments instead?
| + | |
- | | + | |
- | == Talks and Presentations ==
| + | |
- | | + | |
- | [https://sites.google.com/site/ladameeting/preparing-for-the-workshop/ladapapers/lada-js.pdf Two Phase Commit Among Strangers: Secure Distributed Escrow Exchange in 44 lines of JavaScript] by Mark S. Miller
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=eL5o4PFuxTY The Lazy Programmer's Guide to Secure Computing] by Marc Stiegler
| + | |
- | | + | |
- | Part 1: [http://www.youtube.com/watch?v=w9hHHvhZ_HY Secure Distributed Programming with Object-capabilities in JavaScript] by Mark S. Miller ([http://soft.vub.ac.be/events/mobicrant_talks/talk1_ocaps_js.pdf slides])
| + | |
- | | + | |
- | Part 2: [http://www.youtube.com/watch?v=oBqeDYETXME Bringing Object-orientation to Security Programming] by Mark S. Miller ([http://soft.vub.ac.be/events/mobicrant_talks/talk2_OO_security.pdf slides])
| + | |
- | | + | |
- | Object Capabilities and Isolation of Untrusted Web Applications ([http://www.youtube.com/watch?v=WBIVqOu5Atg Part 1]) ([http://www.youtube.com/watch?v=P8vy_Oxq-hI Part 2]) ([http://www.youtube.com/watch?v=-1D3AIlAe2o Part 3]) by Sergio Maffeis
| + | |
- | | + | |
- | [http://sites.google.com/site/io/secure-collaboration---how-web-applications-can-share-and-still-be-paranoid Secure Collaboration - How Web Applications can Share and Still Be Paranoid] by Mike Samuel
| + | |
- | | + | |
- | [http://www.hpi.uni-potsdam.de/hirschfeld/dls/dls-07/program/ Tradeoffs in Retrofitting Security: An Experience Report] by Mark S. Miller
| + | |
- | | + | |
- | [http://youtube.com/watch?v=apVt7vhBqj0 Google TechTalk: Caja] by Mike Samuel
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=gGw09RZjQf8 The Lively Kernel] by Dan Ingalls
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=EGX2I31OhBE Object-Capabilities for Security] by David Wagner
| + | |
- | ([http://www.cs.berkeley.edu/~daw/talks/TRUST07.pdf slides from an earlier version of this talk])
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=V13wmj88Zx8 Gears and the Mashup Problem] by Douglas Crockford
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=vrbmMPlCp3U Desktops to Donuts: Object-Caps Across Scales] by Marc Stiegler
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=8aedCggam4s Core Patterns for Web Permissions] by Tyler Close
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=oE3x_gM3YFU Paradigm Regained: Abstraction Mechanisms for Access Control] by Mark Miller
| + | |
- | | + | |
- | [http://www.youtube.com/watch?v=UH66YrzT-_M The Virus Safe Computing Initiative at HP Labs] by Alan Karp
| + | |
- | | + | |
- | == Important emails ==
| + | |
- | | + | |
- | [http://www.eros-os.org/pipermail/cap-talk/2006-August/005534.html On the Spread of the Capability Approach] by Bill Tulloh
| + | |