Google Tech Talks
November, 30 2007
ABSTRACT
Existing systems often do a poor job of meeting the principle of least privilege. I will discuss how object capability systems and language-based methods can help address this shortcoming. In language-based object capability systems, an object reference is treated as a capability; unforgeability of references ensures unforgeability of capabilities; and all privileges are expressed as capabilities in this way. This makes it possible to decompose the system into distrusting "privilege-separated" components, providing each component with the least privilege it needs to do its job; to reason about the privileges and powers available to various program elements, often in a local (modular) way; and to avoid common pitfalls, such as confused deputy and TOCTTOU vulnerabilities.
I will attempt to introduce the audience to some work in this area that is perhaps not so widely known, and I will describe some work in progress to construct a subset of Java, called Joe-E, that is intended to enable capability-style programming using a programming syntax that is familiar to Java programmers.
Speaker: David Wagner
David Wagner is an Associate Professor in the Computer Science Division at the University of California at Berkeley with extensive experience in computer security and cryptography. He and his Berkeley colleagues are known for discovering a wide variety of security vulnerabilities in various cellphone standards, 802.11 wireless networks, and other widely deployed systems, and he has published two books and over 90 peer-reviewed scientific papers. David is a founding member of the ACCURATE center on electronic voting. He is active in the areas of systems security, cryptography, and electronic voting.
nice conference
malindavanderwal 2 months ago
You go make a video, then try not to say UHM all the time. You realize HOW hard it is?
htmlmm 9 months ago
So it's glorified file descriptors. What's novel here?
otsos2000 1 year ago
@cristiandeidaho I've seen much MUCH MUCH worse presentations. I think the topic is very interesting and the presentation is ok.
blenderpanzi 1 year ago
I'm sorry, but I have to agree with cristiandeidaho, the presentation was difficult to listen to. I'm glad I decided to see this video. thank you
madDragon08 2 years ago
Yes well kudos to him, I think he adequately explains this topic :)
douggypowis 3 years ago 2
This comment has received too many negative votes show
Yeah, that guy needs to take a breath and realize that he's getting paid to communicate, not just think.
Argonaut22j 3 years ago
hkyuuuu
mettalika26 3 years ago
Uhm gosh uhm people need to learn how to uh give a presentation, uh but, uhm, so uhm, uh in particular, you should review your presentation before you give it, uhm yes uhm.
cristiandeidaho 3 years ago