[Pl-seminar] 10/23: Scott Moore, Secure Scripting with Capabilities and Contracts

Vincent St-Amour stamourv at ccs.neu.edu
Wed Oct 22 13:41:26 EDT 2014

Just a reminder: Scott is speaking tomorrow.

Please note the non-standard time and place.


At Fri, 17 Oct 2014 11:26:16 -0400,
Vincent St-Amour wrote:
> NUPRL Seminar presents
> Scott Moore
> Harvard University
> 4:00 - 5:30 (non-standard time)
> Thursday, 10/23 (non-standard day)
> Room 128 Forsyth Building[1] (non-standard place)
> Secure Scripting with Capabilities and Contracts
> Abstract:
> Capability-based security is a security paradigm where all access decisions
> are mediated by unforgeable tokens of authority. Capabilities are powerful
> because they allow individual components to delegate authority to each
> other in a fine-grained way. Unfortunately, reasoning about how
> capabilities are used can be difficult.
> Behavioral contracts are a widely used specification tool for software
> components. Contracts enrich interfaces with executable specifications of
> logical assertions. The rigorous enforcement of contracts provides to
> programmers precise guarantees about a program's execution, and offers
> useful feedback for debugging contract violations.
> In this talk, I will demonstrate how capabilities and contracts can be used
> together to develop programs with clear, declarative security
> specifications. Specifically, I will focus on two applications of contracts
> in capability-based security. First, I will describe Shill, a
> capability-based shell scripting language where contracts specify and
> enforce policies about which OS resources scripts intend to use and how
> they use them. These contracts help script authors and users to adhere to
> the Principle of Least Privilege. Shill extends the guarantees that these
> contracts provide to arbitrary programs using sandboxing techniques.
> Second, I will present a contract system for describing and enforcing
> declarative policies on the flow of capabilities between components. Using
> this system, components can specify not only what capabilities they require
> from their users, but also how they intend to share these capabilities with
> other components.
> [1] Building 55 on http://www.northeastern.edu/campusmap/map/index.html
> _______________________________________________
> pl-seminar mailing list
> pl-seminar at lists.ccs.neu.edu
> https://lists.ccs.neu.edu/bin/listinfo/pl-seminar
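As an added illustration of the two ideas the abstract combines (not code from the talk, and not Shill itself, which is implemented in Racket): a minimal Python model in which an unforgeable `Capability` object is the only route to a directory, `attenuate` delegates a strict subset of rights, and a `contract` decorator enforces the policy (required right, path confined to the capability's root) at every call. All names here are hypothetical.

```python
import os
import shutil
import tempfile
from dataclasses import dataclass


@dataclass(frozen=True)
class Capability:
    """Unforgeable token of authority: code reaches a directory only by holding one."""
    root: str            # canonical directory this capability covers
    rights: frozenset    # subset of {"read", "write"}

    def attenuate(self, rights):
        """Delegate a weaker capability; rights can only be dropped, never gained."""
        return Capability(self.root, self.rights & frozenset(rights))


def contract(required_right):
    """Contract: the caller must present a capability granting `required_right`,
    and the requested path must stay under that capability's root."""
    def deco(fn):
        def wrapper(cap, relpath, *args):
            if required_right not in cap.rights:
                raise PermissionError(f"{fn.__name__} needs {required_right!r}, "
                                      f"capability grants {sorted(cap.rights)}")
            full = os.path.realpath(os.path.join(cap.root, relpath))
            if os.path.commonpath([full, cap.root]) != cap.root:
                raise PermissionError("path escapes capability root")
            return fn(full, *args)
        return wrapper
    return deco


@contract("read")
def read_file(path):
    with open(path) as f:
        return f.read()


@contract("write")
def write_file(path, data):
    with open(path, "w") as f:
        f.write(data)


def run_demo():
    """Constructed scenario: a script holds full authority over a temp dir and hands
    a read-only, directory-confined capability to an untrusted component."""
    d = os.path.realpath(tempfile.mkdtemp())
    out = {}
    try:
        full = Capability(d, frozenset({"read", "write"}))
        write_file(full, "config.txt", "secret=1")
        reader = full.attenuate({"read"})          # least privilege for the component
        out["read"] = read_file(reader, "config.txt")
        out["write_denied"] = _denied(write_file, reader, "config.txt", "x")
        out["escape_denied"] = _denied(read_file, reader, "../outside.txt")
    finally:
        shutil.rmtree(d)
    return out


def _denied(fn, *args):
    try:
        fn(*args)
        return False
    except PermissionError:
        return True
```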
