Using object capabilities and effects to build an authority-safe module system: poster
| dc.contributor.author | Melicher, Darya | en |
| dc.contributor.author | Shi, Yangqingwei | en |
| dc.contributor.author | Zhao, Valerie | en |
| dc.contributor.author | Potanin, Alex | en |
| dc.contributor.author | Aldrich, Jonathan | en |
| dc.date.accessioned | 2026-03-04T08:40:43Z | |
| dc.date.available | 2026-03-04T08:40:43Z | |
| dc.date.issued | 2018-04-10 | en |
| dc.description.abstract | The principle of least authority states that each component of a software system must have only the authority necessary for its execution and nothing else. This principle is a cornerstone of the security of software applications, but it is difficult to enforce in practice. Current programming languages, as well as non-linguistic approaches, do not provide adequate control over the authority of untrusted modules [1, 5]. To fill this gap, we designed and implemented a capability-based module system that facilitates controlling the security capabilities of software modules [2]. Furthermore, we are currently working on augmenting our module system with an effect system to make our design authority-safe. Our approach simplifies the process of ensuring that a software system maintains the principle of least authority, and also allows for attenuation of module authority [3]. Our design is implemented as part of the Wyvern programming language [4]. | en |
| dc.description.status | Peer-reviewed | en |
| dc.format.extent | 1 | en |
| dc.identifier.isbn | 9781450364553 | en |
| dc.identifier.other | dblp:conf/hotsos/MelicherSZPA18 | en |
| dc.identifier.scopus | 85047210607 | en |
| dc.identifier.uri | https://hdl.handle.net/1885/733807077 | |
| dc.language.iso | en | en |
| dc.publisher | Association for Computing Machinery (ACM) | en |
| dc.relation.ispartof | Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018 | en |
| dc.relation.ispartofseries | 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018 | en |
| dc.relation.ispartofseries | ACM International Conference Proceeding Series | en |
| dc.rights | Publisher Copyright: | en |
| dc.subject | Authority | en |
| dc.subject | Capabilities | en |
| dc.subject | Effects | en |
| dc.subject | Language-based security | en |
| dc.subject | Modules | en |
| dc.title | Using object capabilities and effects to build an authority-safe module system: poster | en |
| dc.type | Meeting Abstract | en |
| dspace.entity.type | Publication | en |
| local.contributor.affiliation | Melicher, Darya; Carnegie Mellon University | en |
| local.contributor.affiliation | Shi, Yangqingwei; Carnegie Mellon University | en |
| local.contributor.affiliation | Zhao, Valerie; Wellesley College | en |
| local.contributor.affiliation | Potanin, Alex; Victoria University of Wellington | en |
| local.contributor.affiliation | Aldrich, Jonathan; Carnegie Mellon University | en |
| local.identifier.doi | 10.1145/3190619.3191691 | en |
| local.identifier.pure | f7d93194-9ba0-4bcd-8e03-e416a16d1039 | en |
| local.identifier.url | https://www.scopus.com/pages/publications/85047210607 | en |
| local.type.status | Published | en |