[cap-talk] Emily: A High Performance Language for Breach-Resistant Server, Multimedia, and Rendering Applications

Mark S. Miller markm at cs.jhu.edu
Mon Mar 13 04:56:49 EST 2006 

 > > -----Original Message-----
 > > From: Karp, Alan H
 > > Sent: Thursday, March 09, 2006 10:36 AM
 > > Subject: Talk Announcement
 > >
 > > Title:   Emily: A High Performance Language for
 > > Breach-Resistant Server, Multimedia, and Rendering Applications
 > > Speaker: Marc Stiegler
 > > Date:    Wednesday, March 22
 > > Time:    10:00-11:00
 > > Place:   Tioga
 > > Phone:   1-866-422-4950, (Intl. 281-540-4912), code 593313972
 > > Host:    Alan Karp
 > >
 > > C++ is the language of choice for performance critical software that
 > > processes complex data formats, such as jpeg, mpeg, and Windows
 > > metafile.  Unfortunately, C++ embodies several security
 > hazards that
 > > make it difficult to write breach resistant software. As a
 > consequence
 > > C++ programs that process multimedia (and other) data formats
 > > have been
 > > found vulnerable to attacks based on careful manipulation of data
 > > streams.  A successful breach gives the attacker all the
 > privileges of
 > > the account running the code, which is often enough authority to do
 > > severe damage.
 > >
 > > Emily is a language we have developed with performance roughly
 > > comparable to C++, that makes mounting a successful attack more
 > > difficult.  By enforcing the Principle of Least Authority (POLA) on
 > > each object in the system, Emily reduces the damage that
 > can be done
 > > by exploiting a  flaw in a single object.  In general, a successful
 > > attack against an Emily program requires subverting enough
 > different
 > > objects, i.e., finding enough independent breachable flaws, to
 > > accumulate enough authority to achieve the attacker's
 > goals.  An Emily
 > > program still has a small number of strong-authority
 > objects that need
 > > special care, but Emily in general can deliver enhanced breach
 > > resistance simply through the careful use of traditional object
 > > oriented design principles.
 > >
 > > ---------------------------
 > >
 > > Please let me know if you plan to attend remotely, so I
 > know if I need
 > > to set up a Virtual Classrom or if NetMeeting will be adequate.
 > >
 > > ________________________
 > > Alan Karp
 > > Principal Scientist
 > > Virus Safe Computing Initiative
 > > Hewlett-Packard Laboratories
 > > 1501 Page Mill Road
 > > Palo Alto, CA 94304
 > > (650) 857-3967, fax (650) 857-7029
 > > https://ecardfile.com/id/Alan_Karp
 > > http://www.hpl.hp.com/personal/Alan_Karp

-- 
Text by me above is hereby placed in the public domain

     Cheers,
     --MarkM

More information about the cap-talk mailing list