Immunity from Viruses: Safety from Geeks Bearing Gifts - PowerPoint PPT Presentation

1 / 16
About This Presentation
Title:

Immunity from Viruses: Safety from Geeks Bearing Gifts

Description:

If a bad guy can persuade you to run his program on your ... Crypto Capabilities. The 4 Delegation Problems. Communicating Conspirators. Confused Deputy ... – PowerPoint PPT presentation

Number of Views:35
Avg rating:3.0/5.0
Slides: 17
Provided by: cypher8
Category:

less

Transcript and Presenter's Notes

Title: Immunity from Viruses: Safety from Geeks Bearing Gifts


1
Immunity from VirusesSafety from Geeks Bearing
Gifts
  • Mark S. Miller
  • Open Source Coordinator, ERights.org
  • CTO, Combex Inc.

2
MS's 1st Immutable Law
  • If a bad guy can persuade you to run his program
    on your computer, it's not your computer anymore.
  • It's an unfortunate fact of computer science
    when a computer program runs, it will do what
    it's programmed to do, even if it's programmed to
    be harmful. ... Once a program is running, it
    can do anything, up to the limits of what you
    yourself can do on the machine. ... It could
    open every document on the machine, and change
    the word "will" to "won't" in all of them. ...
    It could install a virus. It could create a
    "back door" that lets someone remotely control
    your machine. ...
  • That's why it's important to never run, or even
    download, a program from an untrusted source ...

3
POLA The Goldilocks Principle
Applications, Signed Code Full Authority
Integratable Useful
Caplets Least Authority
Isolated Useless
Applets No Authority
Safe
Dangerous
4
Which is Normal?
5
The Equivalence Myth
6
class Alice void someMethod()
// bob.foo(carol)
7
Capability SecurityOnly Connectivity Begets
Connectivity
  • By Introduction
  • ref to Carol
  • ref to Bob
  • decides to share
  • By Parenthood
  • By Construction
  • By Initial Conditions
  • Absolute Encapsulation
  • Only source of authority

8
Untangling the Myth
9
Capabilities O-O Security
Capability discipline -gt good software
engineering No static mutable state -gt
fewer per errors POLA -gt good
modularity - required trust is a form of
dependency - loose coupling -gt reducing
dependencies Information hiding -gt need to
know POLA -gt need to do
10
Dynamic Distributed Messaging
Object
Capability
Message
Vat
Process / Machine
11
Crypto Capabilities
12
(No Transcript)
13
(No Transcript)
14
(No Transcript)
15
SPKI as anOff-line Semi-Capability System
  • Unconfinable ref to Bob/Subject
  • Off-line
  • Auditable
  • Heavyweight

16
Rights Amplification
? define sealer, unsealer BrandMaker
pair("MarkM") value ltMarkM sealergt, ltMarkM
unsealergt ? define envelope sealer
seal("Tuna") value ltsealed by MarkMgt ?
unsealer unseal(envelope) value Tuna
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Immunity from Viruses: Safety from Geeks Bearing Gifts" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!