Loading...

Bringing Object-orientation to Security Programming (Mark S. Miller, Google)

3,096 views

Loading...

Loading...

Transcript

The interactive transcript could not be loaded.

Loading...

Loading...

Rating is available when the video has been rented.
This feature is not available right now. Please try again later.
Published on Nov 3, 2011

This is talk 2/2 in a Lecture Series on Web Security by Google Research Scientist Mark S. Miller. It took place on October 7th at the Vrije Universiteit Brussel in Brussels, Belgium. Full details at: http://mobicrant-talks.eventbrite.com

Abstract:
Just as we should not expect our base programming language to provide all the data types we need, so we should not expect our security foundation to provide all the abstractions we need to express security policy. The answer to both is the same: We need foundations that provide simple abstraction mechanisms, which we use to build an open ended set of abstractions, which we then use to express policy. We show how to use EcmaScript 5 to enforce the security latent in object-oriented abstraction mechanisms: encapsulation, message-passing, polymorphism, and interposition. With these secured, we show how to build abstractions for confinement, rights amplification, transitive wrapping and revocation, and smart contracts.

Slides:
http://soft.vub.ac.be/events/mobicran...

Loading...

When autoplay is enabled, a suggested video will automatically play next.

Up next


to add this to Watch Later

Add to

Loading playlists...