[cap-talk] POLA in book about secure systems

walter kriha walter at kriha.de
Thu Mar 26 07:12:25 EDT 2009

Dear cap-talk list members,

I would like to inform you about a new book on "sichere Systeme" (secure
systems) which tries to apply the POLA principle to many different
system aspects: platform and language security, embedded systems,
applications (browsers etc.), enterprise infrastructure etc. Of course
not only capabilities are discussed. The different security principles
(object based, channel based, filters etc.) are explained and their use
(and limitations) demonstrated in existing security frameworks.

The book is written in German and covers framework security as well as
usability aspects. The goal is to create systems which offer damage
control by avoiding ambient authority.

Fred Spiessens from this list supplied a chapter on model checking with
Scoll and Scollar - a language and model-checking based approach to
control the enforcement of POLA by capabilities and rules. Thanks a lot
for this excellent contribution Fred!

Part of the book is a short qualitative analysis of Mozilla/Firefox bugs
and how they relate to the concept of POLA: are those bugs systematic?
Could they be prevented with e.g. an architecture using
inversion-of-control to minimize ambient authority? Could tainting help?
The results are then put in contrast to the experiences made with the
DARPA browser. Usability considerations are then added, but it is clearly
shown that usability techniques in systems without damage containment
are simply a useless nuisance.

My hope is that this book and its focus on capability based security
will foster the discussion of capabilities in the German speaking
countries. I am also currently preparing a lecture on secure systems.
Slides from the book (all in English) are available (as I get them
ready) and additional materials can be downloaded from www.kriha.de (the
site is in English).

Finally, I'd like to thank the members on this list for the ideas and
discussions which had a huge influence on me. The thesis work done by
Mark and Fred was extremely helpful as well.

Best regards,

Walter Kriha
