Erights - User contributions [en]

Documentation

SteveWitham — Fri, 20 Nov 2009 04:01:38 GMT

SteveWitham: fixed (?) a broken link

== Books and Theses ==

[http://www.evoluware.eu/fsp_thesis.pdf Patterns of Safe Collaboration]

[http://mscheffler.files.wordpress.com/2008/07/diploma_mscheffler.pdf Object-Capability Security in Virtual Environments]

[[Image:Ewalnut-pink.gif]]
[[Walnut|'''''E''''' in a Walnut]] - This is a basic tutorial on the '''''E''''' language covering basic, distributed, and secure distributed programming.

[http://www.erights.org/talks/thesis/index.html Robust Composition] - Towards a Unified Approach to Access Control and Concurrency Control. This is [[User:MarkM|Mark Miller]]'s PhD disseration, and it explains the rationale, philosophy, and goals of '''''E''''' and related systems.

[[Safe Serialization Under Mutual Suspicion]] (Wiki conversion in progress)

== Tutorials ==

[http://www.erights.org/elang/intro/index.html Tutorials] - several short tutorials showing how to use '''''E'''''.

[http://www.erights.org/elang/quick-ref.html Quick Reference Card] - Reminders of some useful patterns.

[[FAQ]]

[[E Under Eclipse]]

== Papers ==

[http://www.erights.org/elib/capability/ode/index.html Capability-based Financial Instruments] "An Ode to the [[wikipedia:Mark Granovetter|Granovetter]] Diagram" - diagramming communication relationships.

[http://www.hpl.hp.com/techreports/2003/HPL-2003-222.html Paradigm Regained: Abstraction Mechanisms for Access Control] by Mark S. Miller and Jonathan S. Shapiro.

[http://www.erights.org/talks/promises/paper/tgc05.pdf Concurrency Among Strangers: Programming in '''''E''''' as Plan Coordination] - by Mark S. Miller, E. Dean Tribble, Jonathan Shapiro. Explains '''''E''''''s concurrency control & distributed computing model.

[http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/AALPE.pdf Authority Analysis for Least Privilege Environments] by Toby Murray and Gavin Lowe.

[http://web.comlab.ox.ac.uk/oucl/work/toby.murray/papers/NDA.pdf Non-delegatable authorities in capability systems] by Toby Murray and Gavin Lowe. ([http://portal.acm.org/citation.cfm?id=1460561&dl=ACM&coll=GUIDE&CFID=16630833&CFTOKEN=92363674# ACM link])

[http://www.linuxjournal.com/article/10199 MinorFs] by Rob Meijer. The MinorFs user-space filesystems works with AppArmor to provide a flexible form of discretionary access control.

[http://www.hpl.hp.com/techreports/2009/HPL-2009-53.html Not One Click for Security] by Alan Karp, Marc Stiegler, and Tyler Close. Describes how the ScoopFS (secure cooperative file sharing) UI design avoids ever presenting the user any interaction whose only purpose is security.

[http://www.hpl.hp.com/techreports/2009/HPL-2009-78.html Causeway: A message-oriented distributed debugger] by Terry Stanley, Tyler Close, and Mark S. Miller.

[http://waterken.sourceforge.net/web-key/ Mashing with Permission] by Tyler Close.

[http://www.hpl.hp.com/techreports/2009/HPL-2009-20.html ACLs don't] by Tyler Close.

[http://people.ischool.berkeley.edu/~ping/sid/ User Interaction Design for Secure Systems] by Ka-Ping Yee.

== Talks and Presentations ==
[http://sites.google.com/site/io/secure-collaboration---how-web-applications-can-share-and-still-be-paranoid Secure Collaboration - How Web Applications can Share and Still Be Paranoid] by Mike Samuel

[http://www.hpi.uni-potsdam.de/hirschfeld/dls/dls-07/program/ Tradeoffs in Retrofitting Security: An Experience Report] by Mark Miller

[http://youtube.com/watch?v=apVt7vhBqj0 Google TechTalk: Caja] by Mike Samuel

[http://www.youtube.com/watch?v=gGw09RZjQf8 The Lively Kernel] by Dan Ingalls

[http://www.youtube.com/watch?v=EGX2I31OhBE Object-Capabilities for Security] by David Wagner
([http://www.cs.berkeley.edu/~daw/talks/TRUST07.pdf slides from an earlier version of this talk])

[http://www.youtube.com/watch?v=V13wmj88Zx8 Gears and the Mashup Problem] by Douglas Crockford

[http://www.youtube.com/watch?v=vrbmMPlCp3U Desktops to Donuts: Object-Caps Across Scales] by Marc Stiegler

[http://www.youtube.com/watch?v=8aedCggam4s Core Patterns for Web Permissions] by Tyler Close

[http://www.youtube.com/watch?v=oE3x_gM3YFU Paradigm Regained: Abstraction Mechanisms for Access Control] by Mark Miller

[http://www.youtube.com/watch?v=UH66YrzT-_M The Virus Safe Computing Initiative at HP Labs] by Alan Karp

== Important emails ==

[http://www.eros-os.org/pipermail/cap-talk/2006-August/005534.html On the Spread of the Capability Approach] by Bill Tulloh

Webkeys vs the web

SteveWitham — Sun, 12 Apr 2009 18:15:00 GMT

SteveWitham: Asking how to make subsections instead of bulleted list.

This page is a [[Whiteboards|whiteboard]] about [[http://www.eros-os.org/pipermail/cap-talk/2009-March/012406.html this thread]] that Chip Morningstar started on the cap-talk mailing list.

== The problem ==

"No! That isn't what I meant!"

== Use- and Abuse-Cases ==

For each: how does it come up? How to enable or prevent?

Doh, these should be subsections instead of a bulleted list, would appreciate if someone
can make them so.

* [[http://en.wikipedia.org/wiki/Clickjacking Clickjacking]]
* Meant to show friend how to withdraw from ''her'' bank account.
* Get a powerful key, accidentally email to the wrong person.
* Process of purposely giving away a powerful key?
* Process of receiving a powerful key
* What's the equivalent of the file-open dialog box?

== Browser properties needed ==

Are current browsers' basic abilities sufficient? Maybe with existing plugins? If not, what bits of software have to be there, or what pernicious bits need to be removed?

== What do users assume? How do they behave? ==

== What do developers assume? How do they behave? ==

Does security depend on developers never copy-and-pasting the wrong, but intuitive bit of Javascript or HTML?

== Larger infrastructure ==

Mention Waterken.

If users give away powerful capabilities on purpose, then how are the following managed?
* Friends' identities
* Capabilities that have been handed out

== Code samples ==

Might want to put some advice about how to quote HTML and Javascript code here.

Webkeys vs the web

SteveWitham — Sun, 12 Apr 2009 18:13:15 GMT

SteveWitham: "This is a whiteboard". Also added "withdraw from ''her'' account."

This page is a [[Whiteboards|whiteboard]] about [[http://www.eros-os.org/pipermail/cap-talk/2009-March/012406.html this thread]] that Chip Morningstar started on the cap-talk mailing list.

== The problem ==

"No! That isn't what I meant!"

== Use- and Abuse-Cases ==

For each: how does it come up? How to enable or prevent?

* [[http://en.wikipedia.org/wiki/Clickjacking Clickjacking]]
* Meant to show friend how to withdraw from ''her'' bank account.
* Get a powerful key, accidentally email to the wrong person.
* Process of purposely giving away a powerful key?
* Process of receiving a powerful key
* What's the equivalent of the file-open dialog box?

== Browser properties needed ==

Are current browsers' basic abilities sufficient? Maybe with existing plugins? If not, what bits of software have to be there, or what pernicious bits need to be removed?

== What do users assume? How do they behave? ==

== What do developers assume? How do they behave? ==

Does security depend on developers never copy-and-pasting the wrong, but intuitive bit of Javascript or HTML?

== Larger infrastructure ==

Mention Waterken.

If users give away powerful capabilities on purpose, then how are the following managed?
* Friends' identities
* Capabilities that have been handed out

== Code samples ==

Might want to put some advice about how to quote HTML and Javascript code here.

Whiteboards

SteveWitham — Sun, 12 Apr 2009 18:07:59 GMT

SteveWitham:

Whiteboards are pages that members of various E and Capabilities [[Erights:Community Portal|discussions]] can hash stuff out upon.

Whiteboard means, like a wiki page only more purposely, visibly and messily so.

Might invent some etiquette. For instance: don't just erase someone else's content. Maybe stages like: add comment about why it's not needed/obsolete/resolved/off-topic etc., discuss on whatever list, reduce font size, finally move to a "resolved" section.

To create a whiteboard: edit this page, add a link to the new whiteboard, save, then click the link. Probably put a first sentence saying the new page is a whiteboard, with link back to here.

* [[Webkeys vs the web]]: How can a way to convey capabilities in URLs be used
to make useable user-facing web pages without vulnerabilities like clickjacking?

Webkeys vs the web

SteveWitham — Sun, 12 Apr 2009 17:45:43 GMT

SteveWitham: Put in lots of stub sections.

Chip Morningstar started [[http://www.eros-os.org/pipermail/cap-talk/2009-March/012406.html this thread]] on the cap-talk mailing list.

== The problem ==

"No! That isn't what I meant!"

== Use- and Abuse-Cases ==

For each: how does it come up? How to enable or prevent?

* [[http://en.wikipedia.org/wiki/Clickjacking Clickjacking]]
* Process of purposely giving away a powerful key?
* Get a powerful key, accidentally email to the wrong person.
* Process of receiving a powerful key
* What's the equivalent of the file-open dialog box?

== Browser properties needed ==

Are current browsers' basic abilities sufficient? Maybe with existing plugins? If not, what bits of software have to be there, or what pernicious bits need to be removed?

== What do users assume? How do they behave? ==

== What do developers assume? How do they behave? ==

Does security depend on developers never copy-and-pasting the wrong, but intuitive bit of Javascript or HTML?

== Larger infrastructure ==

Mention Waterken.

If users give away powerful capabilities on purpose, then how are the following managed?
* Friends' identities
* Capabilities that have been handed out

== Code samples ==

Might want to put some advice about how to quote HTML and Javascript code here.

Webkeys vs the web

SteveWitham — Sun, 12 Apr 2009 17:19:36 GMT

SteveWitham: Just the stub.

Chip Morningstar started [[http://www.eros-os.org/pipermail/cap-talk/2009-March/012406.html this thread]] on the cap-talk mailing list.

This article on the ERights wiki is...a nice clean whiteboard. You can help by scribbling all over it.

Whiteboards

SteveWitham — Sun, 12 Apr 2009 17:11:13 GMT

SteveWitham:

To create a whiteboard: edit this page, add a link to the new whiteboard, save, then click the link.

* [[Webkeys vs the web]]: How can a way to convey capabilities in URLs be turned
into useable user-facing web pages without vulnerabilities like clickjacking?

Whiteboards

SteveWitham — Sun, 12 Apr 2009 17:09:36 GMT

SteveWitham: Bulleted list.

To create a whiteboard, edit this page, add a link to the new whiteboard, save, then click the link!

* [[Webkeys vs the web]]: How can a way to convey capabilities in URLs be turned
into useable user-facing web pages without vulnerabilities like clickjacking?

Whiteboards

SteveWitham — Sun, 12 Apr 2009 17:03:38 GMT

SteveWitham: Created top paragraph and first whiteboard link

To create a whiteboard, edit this page, add a link to the new whiteboard, save, then click the link!

[[Webkeys vs the web]]: Given a way to convey capabilities in URLs, how can that be turned
into useable and secure user-facing web pages without vulnerabilities like clickjacking?

Main Page

SteveWitham — Sun, 12 Apr 2009 16:52:57 GMT

SteveWitham: Added "Whiteboards" section

__NOTOC__
<big>'''Welcome to the ERights.org wiki.'''</big>

E is an [[wikipedia:Object-capability model|object-capability]] programming language and platform for writing [[wikipedia:Distributed computing|distributed]], secure, and robust software. This wiki is about E and the larger subject of [[wikipedia:Capability-based security|capability-based security]].

== [[Getting Started]] ==

[[Getting Started]] - Tips for '''''E''''' newbies

== What's New? ==

[http://www.erights.org/talks/index.html#google-abac Google Techtalk series on ABAC] - Authorization Based Access Control.

[[Future research topics]]

== [[Documentation]] ==

* [[Documentation#Books|Books]]
** [[Walnut|'''''E''''' in a Walnut]]
* [[Documentation#Tutorials|Tutorials]]
* [[FAQ]]
* [[Documentation#Papers|Papers]]
* [[Documentation#Talks and Presentations|Talks and Presentations]]

== [[Whiteboards]] ==

Where [[Erights:Community Portal|list]] members can hash things out.

== [[Downloads]] ==

* [[Downloads#Releases|Releases]] - ready-to-install versions of '''''E'''''.

==[[:Category:Applications|Applications]]==

== [[Erights:Community Portal|Community]] ==

[http://www.eros-os.org/pipermail/e-lang/ e-lang mailing list] - discussion of '''''E''''' and other capability languages.

[http://www.eros-os.org/pipermail/cap-talk/ cap-talk mailing list] - discussion of general issues regarding capability security.

[http://ircbrowse.com/cdates.html?channel=erights #erights IRC channel] - On the [http://www.mibbit.com/?server=irc.freenode.net&channel=%23erights #erights] IRC channel at irc.freenode.net, you can talk to a running instance of '''''E ''''' as well as elang-ers online. Try saying "? 2+3".

==[[Development]]==
* [[Downloads#Subversion|Subversion Repository]] - development branch

== [[Related Sites]] ==

[http://www.erights.org Main Erights.org site]

[[wikipedia:E_(programming_language)|'''''E''''' on Wikipedia]]

[http://rosettacode.org/wiki/Category:E '''''E''''' on Rosetta Code]

[[Object-capability languages]]

[http://www.combex.com/ Combex, Inc.] - The for-profit facet of the '''''E''''' project, featuring [[CapDesk]] -- the capability secure desktop, and [[caplet]] installation and launching framework.

Main Page

SteveWitham — Sun, 12 Apr 2009 16:50:51 GMT

SteveWitham:

__NOTOC__
<big>'''Welcome to the ERights.org wiki.'''</big>

E is an [[wikipedia:Object-capability model|object-capability]] programming language and platform for writing [[wikipedia:Distributed computing|distributed]], secure, and robust software. This wiki is about E and the larger subject of [[wikipedia:Capability-based security|capability-based security]].

== [[Getting Started]] ==

[[Getting Started]] - Tips for '''''E''''' newbies

== What's New? ==

[http://www.erights.org/talks/index.html#google-abac Google Techtalk series on ABAC] - Authorization Based Access Control.

[[Future research topics]]

== [[Documentation]] ==

* [[Documentation#Books|Books]]
** [[Walnut|'''''E''''' in a Walnut]]
* [[Documentation#Tutorials|Tutorials]]
* [[FAQ]]
* [[Documentation#Papers|Papers]]
* [[Documentation#Talks and Presentations|Talks and Presentations]]

== [[Downloads]] ==

* [[Downloads#Releases|Releases]] - ready-to-install versions of '''''E'''''.

==[[:Category:Applications|Applications]]==

== [[Erights:Community Portal|Community]] ==

[http://www.eros-os.org/pipermail/e-lang/ e-lang mailing list] - discussion of '''''E''''' and other capability languages.

[http://www.eros-os.org/pipermail/cap-talk/ cap-talk mailing list] - discussion of general issues regarding capability security.

[http://ircbrowse.com/cdates.html?channel=erights #erights IRC channel] - On the [http://www.mibbit.com/?server=irc.freenode.net&channel=%23erights #erights] IRC channel at irc.freenode.net, you can talk to a running instance of '''''E ''''' as well as elang-ers online. Try saying "? 2+3".

==[[Development]]==
* [[Downloads#Subversion|Subversion Repository]] - development branch

== [[Related Sites]] ==

[http://www.erights.org Main Erights.org site]

[[wikipedia:E_(programming_language)|'''''E''''' on Wikipedia]]

[http://rosettacode.org/wiki/Category:E '''''E''''' on Rosetta Code]

[[Object-capability languages]]

[http://www.combex.com/ Combex, Inc.] - The for-profit facet of the '''''E''''' project, featuring [[CapDesk]] -- the capability secure desktop, and [[caplet]] installation and launching framework.

User talk:151.203.223.199

SteveWitham — Sun, 12 Apr 2009 16:49:19 GMT

SteveWitham: taking credit

This was me, [[SteveWitham]] on April 12, 2009. Sorry, edited before logging in. I second the notion of disallowing anonymous edits.

User:SteveWitham

SteveWitham — Fri, 03 Apr 2009 03:53:39 GMT

SteveWitham: Put up self-description.

When I first arrived, I found that Kilroy had already been here.

Steve Witham is a programmer who lives in the Boston area.

He has a [http://www.tiac.net/~sw web page].