[cap-talk] Computer Security Foundations (was: Re: Any hope in RSA 2008?)
Jed Donnelley
jed at nersc.gov
Fri Apr 4 18:41:23 CDT 2008
On 4/4/2008 3:28 PM, Pierre THIERRY wrote:
> Scribit Jed Donnelley dies 04/04/2008 hora 12:57:
>> David says, "send more research".
>
> I should mention that there has just been a call for projects[1] directed
> at French IT labs, from the Agence Nationale de la Recherche[2] (national
> research agency), about security. It is entitled « Défi Sécurité Système
> d'Exploitation Cloisonné et Sécurisé pour l'Internaute », which should
> translate to "Compartmented and Secure for the Internet User Operating
> System Security Challenge".
>
> 1. http://www.agence-nationale-recherche.fr/AAPProjetsOuverts?NodId=17&lngAAPId=180
> 2. http://www.agence-nationale-recherche.fr/
>
> The challenge will last two years, in three periods of 12, 6 and 6
> months. In each period, the teams will have to produce a viable solution
> for the first half of the time, and try to find vulnerabilities in
> others' solutions the other half.

Sorry I can't read the French, but the above does sound promising to me.
I'll be interested to hear what sorts of approaches are used.

> Among the wider call for projects, one is for embedded systems and wide
> infrastructures[3], and has in its objectives:
>
> - radicalization of issues concerning quality, reliability, security and
> safety of components and systems
>
> 3. http://www.agence-nationale-recherche.fr/AAPProjetsOuverts?NodId=17&lngAAPId=159

Woo hoo. Good luck to the participants!

>> I'm trying to energize forums that will better address the long term
>> problem than the RSA 2008 conference or the Usenix Security conference
>> (others?) have.
>
> I wonder if EuroSys[4] may be willing to host a workshop about
> capability computing and POLA. EuroSys is the European chapter of ACM
> SIGOPS, with the goal of boosting system research in Europe, and we have
> produced some famous POLA systems here.
>
> 4. http://www.eurosys.org/

That sounds like a promising possibility, though I doubt I could
play much but a supportive role.

> Have you looked at the following venues? Their orientation on formal
> methods and theory may make them more willing to consider long-term
> alternatives to the current "state of the art":
>
> - http://www.cylab.cmu.edu/CSF2008/

Bingo!! I wasn't aware of this conference series, "Computer Security
Foundations Symposium". That sounds like just what I've been
asking/looking for. Thanks Pierre! Sorry to be so disconnected
that I was unaware of it.

> - http://profs.sci.univr.it/~vigano/fcs-arspa-wits08/

Seems to be related to the above.

> - http://www.dsic.upv.es/workshops/secret08/

Can somebody provide a high level overview of the significance
of "rewriting techniques" for computer security?

Looks like Pittsburgh is going to be a happening place for
computer security fundamentals near the end of June.
Anybody going to be there?

It's too late to do anything for this year, but I'll
have to mine the above resources for connections
for my proposed Capability Systems Workshop. I wonder
if it might make sense to coordinate with the above
series in 2009?

The above does seem to me to focus on the area of
fundamentals for computer security that we are trying
to address with POLA and the capability paradigm.

Can anybody report on any interactions with the
above community - either productive or destructive -
in the past? I'll have to see if I can get some time
to probe for feedback on POLA and the capability
paradigm from folks prominent in that community.
I wonder if they have a visible mailing list?

It seems to me that some (many?) of those folks
must have positions on the "capability propagation
control myth" and the communicating conspirators
problem and generally on the efficacy (or not)
of POLA and specifically the capability paradigm.
I'm quite interested to hear about any past interactions
with that community.

Is there anything else like the above that I'm also
missing?

--Jed http://www.webstart.com/jed/