Lecture series on SES and capability-based security by Mark Miller

Tom Van Cutsem tomvc.be at gmail.com
Thu Nov 3 12:52:22 PDT 2011


Last month, Mark Miller gave a series of talks at the University of
Brussels on SES and capability-based security. The videos of the talks have
now been made fully available on Youtube. I think this may be of interest
to some on this list. As many of you know, Mark uses ECMAScript 5 as a
foundation for his Secure ECMAScript (SES) work. Also, I heartily recommend
the talks to those not entirely convinced of the necessity of
private/const/frozen features. Mark makes a pretty good case for
encapsulation as a necessary building block for ocap-based security.

Abstract and links to videos below.


Talk 1/2: Secure Distributed Programming with Object-capabilities in

Until now, browser-based security has been hell. The object-capability
(ocap) model provides a simple and expressive alternative. Google's Caja
project uses the latest JavaScript standard, EcmaScript 5, to support
fine-grained safe mobile code, solving the secure mashup problem. Dr. SES
-- Distributed Resilient Secure EcmaScript -- extends the ocap model
cryptographically over the network, enabling RESTful composition of
mutually suspicious web services. We show how to apply the expressiveness
of object programming to the expression of security patterns, solving
security problems normally thought to be difficult with simple elegant

Slides: <http://soft.vub.ac.be/events/mobicrant_talks/talk1_ocaps_js.pdf>
Video: <http://www.youtube.com/watch?v=w9hHHvhZ_HY>

Talk 2/2: Bringing Object-orientation to Security Programming

Just as we should not expect our base programming language to provide all
the data types we need, so we should not expect our security foundation to
provide all the abstractions we need to express security policy. The answer
to both is the same: We need foundations that provide simple abstraction
mechanisms, which we use to build an open ended set of abstractions, which
we then use to express policy. We show how to use EcmaScript 5 to enforce
the security latent in object-oriented abstraction mechanisms:
encapsulation, message-passing, polymorphism, and interposition. With these
secured, we show how to build abstractions for confinement, rights
amplification, transitive wrapping and revocation, and smart contracts.

Slides: <http://soft.vub.ac.be/events/mobicrant_talks/talk2_OO_security.pdf>
Video: <http://www.youtube.com/watch?v=oBqeDYETXME>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/es-discuss/attachments/20111103/ca3abdcc/attachment.html>

More information about the es-discuss mailing list