Campus Event Calendar
Event Entry
What and Who
Formalizing object capabilities
David Swasey
MMCI
SWS Student Defense Talks - Qualifying Exam
SWS
Expert Audience
English
Note: We use this to send email in the morning.
Date, Time and Location
Wednesday, 13 April 2016
14:00
-- Not specified --
E1 5
029
Saarbrücken
Abstract
Object capabilities let mutually distrustful principals share
private state without giving up integrity, thus ostensibly making
secure programming easier in the presence of buggy or malicious
code. In practice, however, programmers may use object
capabilities incorrectly, creating subtle security flaws. I aim to
enable verification of programs that use object capabilities. In
this work, I model Firefox's use of object capabilities—which is
quite rich, going beyond "standard" patterns described in the
literature—and develop a program logic to prove integrity
properties.
private state without giving up integrity, thus ostensibly making
secure programming easier in the presence of buggy or malicious
code. In practice, however, programmers may use object
capabilities incorrectly, creating subtle security flaws. I aim to
enable verification of programs that use object capabilities. In
this work, I model Firefox's use of object capabilities—which is
quite rich, going beyond "standard" patterns described in the
literature—and develop a program logic to prove integrity
properties.
Contact
--email hidden
passcode not visible
logged in users only
Maria-Louise Albrecht, 07/11/2017 16:15
Maria-Louise Albrecht, 07/11/2017 16:03 -- Created document.
Maria-Louise Albrecht, 07/11/2017 16:03 -- Created document.