Documentation
From Erights
(→Books and Theses) |
|||
| Line 1: | Line 1: | ||
| + | == Tutorials and References== | ||
| + | |||
| + | [http://habitatchronicles.com/2017/05/what-are-capabilities/ What are Capabilities] by Chip Morningstar | ||
| + | |||
| + | [http://www.erights.org/elang/intro/index.html Tutorials] — several short tutorials showing how to use '''''E'''''. | ||
| + | |||
| + | [[:Category:Reference material]] — reference material on this wiki. | ||
| + | |||
| + | [http://www.erights.org/elang/quick-ref.html Quick Reference Card] — Reminders of some useful patterns. | ||
| + | |||
| + | [http://www.erights.org/elang/grammar/index.html Language Reference] | ||
| + | |||
| + | [[FAQ]] | ||
| + | |||
| + | |||
== Books and Theses == | == Books and Theses == | ||
| Line 21: | Line 36: | ||
[[Safe Serialization Under Mutual Suspicion]] (Wiki conversion in progress) | [[Safe Serialization Under Mutual Suspicion]] (Wiki conversion in progress) | ||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
| - | |||
== Papers == | == Papers == | ||
| Line 65: | Line 69: | ||
=== Access Control === | === Access Control === | ||
| - | [http:// | + | [http://srl.cs.jhu.edu/pubs/SRL2003-02.pdf Capability Myths Demolished] by Mark S. Miller, Ka-Ping Yee, and Jonathan Shapiro. What you may have learned in CS class is wrong. |
| - | [http:// | + | [http://www.hpl.hp.com/techreports/2009/HPL-2009-20.html ACLs don't] by Tyler Close. |
[http://eprint.iacr.org/2012/524.pdf Tahoe – The Least-Authority Filesystem] by Zooko Wilcox-O'Hearn and Brian Warner. | [http://eprint.iacr.org/2012/524.pdf Tahoe – The Least-Authority Filesystem] by Zooko Wilcox-O'Hearn and Brian Warner. | ||
[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.99.4327&rep=rep1&type=pdf Taming of Pict] by Matej Košík. See also [http://www2.fiit.stuba.sk/~kosik/doc/tamed-pict--standard-library.pdf Standard Library of Tamed Pict Programming Language]. | [http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.99.4327&rep=rep1&type=pdf Taming of Pict] by Matej Košík. See also [http://www2.fiit.stuba.sk/~kosik/doc/tamed-pict--standard-library.pdf Standard Library of Tamed Pict Programming Language]. | ||
| - | |||
| - | |||
[http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/NDA.pdf Non-delegatable authorities in capability systems] by Toby Murray and Gavin Lowe. ([http://portal.acm.org/citation.cfm?id=1460561&dl=ACM&coll=GUIDE&CFID=16630833&CFTOKEN=92363674# ACM link]) | [http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/NDA.pdf Non-delegatable authorities in capability systems] by Toby Murray and Gavin Lowe. ([http://portal.acm.org/citation.cfm?id=1460561&dl=ACM&coll=GUIDE&CFID=16630833&CFTOKEN=92363674# ACM link]) | ||
[http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control. | [http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control. | ||
| - | |||
| - | |||
[http://www.links.org/files/capabilities.pdf Access Control] by Ben Laurie. | [http://www.links.org/files/capabilities.pdf Access Control] by Ben Laurie. | ||
| Line 120: | Line 120: | ||
[http://www.michaelcovel.com/2014/06/16/ep-248-mark-miller-interview-with-michael-covel-on-trend-following-radio-jun-17-2014/ Interview with Mark S. Miller] - about Smart Contracts, Prediction, Singularities, and more. | [http://www.michaelcovel.com/2014/06/16/ep-248-mark-miller-interview-with-michael-covel-on-trend-following-radio-jun-17-2014/ Interview with Mark S. Miller] - about Smart Contracts, Prediction, Singularities, and more. | ||
| - | |||
| - | |||
| - | |||
| - | |||
[http://www.youtube.com/watch?v=eL5o4PFuxTY The Lazy Programmer's Guide to Secure Computing] by Marc Stiegler | [http://www.youtube.com/watch?v=eL5o4PFuxTY The Lazy Programmer's Guide to Secure Computing] by Marc Stiegler | ||
| Line 130: | Line 126: | ||
Part 2: [http://www.youtube.com/watch?v=oBqeDYETXME Bringing Object-orientation to Security Programming] by Mark S. Miller ([http://soft.vub.ac.be/events/mobicrant_talks/talk2_OO_security.pdf slides]) | Part 2: [http://www.youtube.com/watch?v=oBqeDYETXME Bringing Object-orientation to Security Programming] by Mark S. Miller ([http://soft.vub.ac.be/events/mobicrant_talks/talk2_OO_security.pdf slides]) | ||
| + | |||
| + | [http://www.youtube.com/watch?v=EGX2I31OhBE Object-Capabilities for Security] by David Wagner | ||
| + | ([http://www.cs.berkeley.edu/~daw/talks/TRUST07.pdf slides from an earlier version of this talk]) | ||
| + | |||
| + | [http://www.youtube.com/watch?v=8aedCggam4s Core Patterns for Web Permissions] by Tyler Close | ||
Object Capabilities and Isolation of Untrusted Web Applications ([http://www.youtube.com/watch?v=WBIVqOu5Atg Part 1]) ([http://www.youtube.com/watch?v=P8vy_Oxq-hI Part 2]) ([http://www.youtube.com/watch?v=-1D3AIlAe2o Part 3]) by Sergio Maffeis | Object Capabilities and Isolation of Untrusted Web Applications ([http://www.youtube.com/watch?v=WBIVqOu5Atg Part 1]) ([http://www.youtube.com/watch?v=P8vy_Oxq-hI Part 2]) ([http://www.youtube.com/watch?v=-1D3AIlAe2o Part 3]) by Sergio Maffeis | ||
[http://sites.google.com/site/io/secure-collaboration---how-web-applications-can-share-and-still-be-paranoid Secure Collaboration - How Web Applications can Share and Still Be Paranoid] by Mike Samuel | [http://sites.google.com/site/io/secure-collaboration---how-web-applications-can-share-and-still-be-paranoid Secure Collaboration - How Web Applications can Share and Still Be Paranoid] by Mike Samuel | ||
| - | |||
| - | |||
[http://youtube.com/watch?v=apVt7vhBqj0 Google TechTalk: Caja] by Mike Samuel | [http://youtube.com/watch?v=apVt7vhBqj0 Google TechTalk: Caja] by Mike Samuel | ||
[http://www.youtube.com/watch?v=gGw09RZjQf8 The Lively Kernel] by Dan Ingalls | [http://www.youtube.com/watch?v=gGw09RZjQf8 The Lively Kernel] by Dan Ingalls | ||
| - | |||
| - | |||
| - | |||
[http://www.youtube.com/watch?v=V13wmj88Zx8 Gears and the Mashup Problem] by Douglas Crockford | [http://www.youtube.com/watch?v=V13wmj88Zx8 Gears and the Mashup Problem] by Douglas Crockford | ||
[http://www.youtube.com/watch?v=vrbmMPlCp3U Desktops to Donuts: Object-Caps Across Scales] by Marc Stiegler | [http://www.youtube.com/watch?v=vrbmMPlCp3U Desktops to Donuts: Object-Caps Across Scales] by Marc Stiegler | ||
| - | |||
| - | |||
| - | |||
| - | |||
[http://www.youtube.com/watch?v=UH66YrzT-_M The Virus Safe Computing Initiative at HP Labs] by Alan Karp | [http://www.youtube.com/watch?v=UH66YrzT-_M The Virus Safe Computing Initiative at HP Labs] by Alan Karp | ||
Revision as of 23:21, 4 July 2017
Contents |
Tutorials and References
What are Capabilities by Chip Morningstar
Tutorials — several short tutorials showing how to use E.
Category:Reference material — reference material on this wiki.
Quick Reference Card — Reminders of some useful patterns.
Books and Theses
Analysing the Security Properties of Object-Capability Patterns by Toby Murray.
Patterns of Safe Collaboration by Fred Spiessens.
Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control by Mark S. Miller. Explains the rationale, philosophy, and goals of E and related systems.
Language and Framework Support for Reviewably-Secure Software Systems by Adrian Mettler.
Ambient References: Object Designation in Mobile Ad Hoc Networks by Tom Van Cutsem.
Towards First Class References as a Security Infrastructure in Dynamically-Typed Languages by Arnaud Jean-Baptiste
Semantics and Types for Safe Web Programming by Arjun Guha
Object-Capability Security in Virtual Environments by Martin Scheffler
E in a Walnut by Marc Stiegler - This is a basic tutorial on the E language covering basic, distributed, and secure distributed programming.
Safe Serialization Under Mutual Suspicion (Wiki conversion in progress)
Papers
Smart Contracting
Distributed Electronic Rights in JavaScript - paper for ESOP'13 Keynote, by Miller, Tom Van Cutsem, and Bill Tulloh.
Capability-based Financial Instruments "An Ode to the Granovetter Diagram" - diagramming communication relationships.
Mashing with Permission by Tyler Close.
The Digital Path by Mark Miller and Marc Stiegler.
Formal Methods
Robust and Compositional Verification of Object Capability Patterns by David Swasey, Deepak Garg, Derek Dreyer
Permission and Authority Revisited: towards a formalization by Sophia Drossopoulou, James Noble, Mark S. Miller, Toby Murray
Reasoning about Risk and Trust in an Open World by Sophia Drossopoulou, James Noble, Toby Murray, Mark S. Miller
Analysing the Security Properties of Object-Capability Patterns by Toby Murray.
Automated Analysis of Security-critical JavaScript APIs by Ankur Taly, Ulfar Erlingsson, Mark S. Miller, John C. Mitchell, and Jasvir Nagra
Authority Analysis for Least Privilege Environments by Toby Murray and Gavin Lowe.
Patterns of Safe Collaboration by Fred Spiessens.
Access Control
Capability Myths Demolished by Mark S. Miller, Ka-Ping Yee, and Jonathan Shapiro. What you may have learned in CS class is wrong.
ACLs don't by Tyler Close.
Tahoe – The Least-Authority Filesystem by Zooko Wilcox-O'Hearn and Brian Warner.
Taming of Pict by Matej Košík. See also Standard Library of Tamed Pict Programming Language.
Non-delegatable authorities in capability systems by Toby Murray and Gavin Lowe. (ACM link)
MinorFs by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control.
Access Control by Ben Laurie.
Verifiable Functional Purity in Java by Matthew Finifter, Adrian Mettler, Naveen Sastry, and David Wagner.
Joe-E: A Security-Oriented Subset of Java by Adrian Mettler, David Wagner, and Tyler Close.
Fine-Grained Privilege Separation for Web Applications by Akshay Krishnamurthy, Adrian Mettler, and David Wagner.
Class Properties for Security Review in an Object-Capability Subset of Java (Short Paper) by Adrian Mettler and David Wagner.
Concurrency Control
Concurrency Among Strangers: Programming in E as Plan Coordination - by Mark S. Miller, E. Dean Tribble, Jonathan Shapiro. Explains E's concurrency control & distributed computing model.
Causeway: A message-oriented distributed debugger by Terry Stanley, Tyler Close, and Mark S. Miller.
User Interface
Not One Click for Security by Alan Karp, Marc Stiegler, and Tyler Close. Describes how the ScoopFS (secure cooperative file sharing) UI design avoids ever presenting the user any interaction whose only purpose is security.
User Interaction Design for Secure Systems by Ka-Ping Yee.
Rich Sharing for the Web by Marc Stiegler. What properties must computer-based human-to-human sharing mechanisms need to support, so that people don't just send email attachments instead?
Talks and Presentations
The Elements of Decision Alignment: Large programs as complex organizations - talk by Mark S. Miller at UCI in 2017.
Frozen Realms: Draft standard support for safer JavaScript plugins - talk by Mark S. Miller at the IWACO workshop of ECOOP 2016.
Computer Security as the Future of Law - talk by Mark S. Miller at the 1997 Extro 3 Conference.
Interview with Mark S. Miller - about Smart Contracts, Prediction, Singularities, and more.
The Lazy Programmer's Guide to Secure Computing by Marc Stiegler
Part 1: Secure Distributed Programming with Object-capabilities in JavaScript by Mark S. Miller (slides)
Part 2: Bringing Object-orientation to Security Programming by Mark S. Miller (slides)
Object-Capabilities for Security by David Wagner (slides from an earlier version of this talk)
Core Patterns for Web Permissions by Tyler Close
Object Capabilities and Isolation of Untrusted Web Applications (Part 1) (Part 2) (Part 3) by Sergio Maffeis
Secure Collaboration - How Web Applications can Share and Still Be Paranoid by Mike Samuel
Google TechTalk: Caja by Mike Samuel
The Lively Kernel by Dan Ingalls
Gears and the Mashup Problem by Douglas Crockford
Desktops to Donuts: Object-Caps Across Scales by Marc Stiegler
The Virus Safe Computing Initiative at HP Labs by Alan Karp
Important emails
On the Spread of the Capability Approach by Bill Tulloh
