Article

Object capabilities for security

Author:

David WagnerAuthors Info & Claims

PLAS '06: Proceedings of the 2006 workshop on Programming languages and analysis for security

Pages 1 - 2

https://doi.org/10.1145/1134744.1134745

Published: 10 June 2006 Publication History

Get Access

Abstract

Existing systems often do a poor job of meeting the principle of least privilege. I will discuss how object capability systems and language-based methods can help address this shortcoming. In language-based object capability systems, an object reference is treated as a capability; unforgeability of references ensures unforgeability of capabilities; and all privileges are expressed as capabilities in this way. This makes it possible to decompose the system into distrusting "privilege-separated" components, providing each component with the least privilege it needs to do its job; to reason about the privileges and powers available to various program elements, often in a local (modular) way; and to avoid common pitfalls, such as confused deputy and TOCTTOU vulnerabilities. I will attempt to introduce the audience to some work in this area that is perhaps not so widely known, and I will describe some work in progress to construct a subset of Java, called Joe-E, that is intended to enable capability-style programming using a programming syntax that is familiar to Java programmers.

Cited By

View all

Erlingsson U(2016)Data-Driven Software Security: Models and Methods2016 IEEE 29th Computer Security Foundations Symposium (CSF)10.1109/CSF.2016.40(9-15)Online publication date: Jun-2016
https://doi.org/10.1109/CSF.2016.40
Waddington DColmenares JKuang JSong F(2013)KV-CacheProceedings of the 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing10.1109/UCC.2013.34(123-130)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1109/UCC.2013.34
Cannon BWohlstadter ESullivan KGray JMoreira ASchwanninger CBaillargeon RGrechanik M(2009)Enforcing security for desktop clients using authority aspectsProceedings of the 8th ACM international conference on Aspect-oriented software development10.1145/1509239.1509275(255-266)Online publication date: 2-Mar-2009
https://dl.acm.org/doi/10.1145/1509239.1509275
Show More Cited By

Index Terms

Object capabilities for security
1. Security and privacy
  1. Software and application security
    1. Software security engineering
2. Software and its engineering

Recommendations

Canada's cyber warfare capabilities
CERIAS '13: Proceedings of the 14th Annual Information Security Symposium

This paper discusses Canada and its ability to wage cyber warfare. Several definitions of cyber warfare are presented and discussed, as well as the motives and potential actors behind a cyber attack. Several definitions of cyberspace are also discussed ...
Features and object capabilities: reconciling two visions of modularity
AOSD '12: Proceedings of the 11th annual international conference on Aspect-oriented Software Development

The prevalence of threats and attacks in modern systems demands programming techniques that help developers maintain security and privacy. In particular, frameworks for composing components written by multiple parties must enable the authors of each ...
Incorporating attacker capabilities in risk estimation and mitigation

The risk exposure of a given threat to an information system is a function of the likelihood of the threat and the severity of its impacts. Existing methods for estimating threat likelihood assume that the attacker is able to cause a given threat, that ...

Comments

Information & Contributors

Information

Published In

PLAS '06: Proceedings of the 2006 workshop on Programming languages and analysis for security

June 2006

102 pages

ISBN:1595933743

DOI:10.1145/1134744

General Chair:
Vugranam Sreedhar
IBM T.J. Watson Research Center, USA
,
Program Chair:
Steve Zdancewic
University of Pennsylvania, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 June 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

PLAS06

Sponsor:

PLAS06: Programming Languages and Analysis for Security Workshop

June 10, 2006

Ontario, Ottawa, Canada

Acceptance Rates

Overall Acceptance Rate 43 of 77 submissions, 56%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
238
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Erlingsson U(2016)Data-Driven Software Security: Models and Methods2016 IEEE 29th Computer Security Foundations Symposium (CSF)10.1109/CSF.2016.40(9-15)Online publication date: Jun-2016
https://doi.org/10.1109/CSF.2016.40
Waddington DColmenares JKuang JSong F(2013)KV-CacheProceedings of the 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing10.1109/UCC.2013.34(123-130)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1109/UCC.2013.34
Cannon BWohlstadter ESullivan KGray JMoreira ASchwanninger CBaillargeon RGrechanik M(2009)Enforcing security for desktop clients using authority aspectsProceedings of the 8th ACM international conference on Aspect-oriented software development10.1145/1509239.1509275(255-266)Online publication date: 2-Mar-2009
https://dl.acm.org/doi/10.1145/1509239.1509275
Schmitz RKriha WSchmitz RKriha W(2009)Grundprinzipien des Designs sicherer SystemeSichere Systeme10.1007/978-3-540-78959-8_3(91-114)Online publication date: 28-Mar-2009
https://doi.org/10.1007/978-3-540-78959-8_3
Schmitz RKriha WSchmitz RKriha W(2009)Sichere Software: Mechanismen und KonstruktionsprinzipienSichere Systeme10.1007/978-3-540-78959-8_10(415-484)Online publication date: 28-Mar-2009
https://doi.org/10.1007/978-3-540-78959-8_10

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

Cited By

Index Terms

Recommendations

Canada's cyber warfare capabilities

Features and object capabilities: reconciling two visions of modularity

Incorporating attacker capabilities in risk estimation and mitigation

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations