@inbook{f7d931949ba04bcd8e03e416a16d1039,
title = "Using object capabilities and effects to build an authority-safe module system: poster",
abstract = "The principle of least authority states that each component of a software system must have only the authority necessary for its execution and nothing else. This principle is a cornerstone of the security of software applications, but it is difficult to enforce in practice. Current programming languages, as well as non-linguistic approaches, do not provide adequate control over the authority of untrusted modules [1, 5]. To fill this gap, we designed and implemented a capability-based module system that facilitates controlling the security capabilities of software modules [2]. Furthermore, we are currently working on augmenting our module system with an effect system to make our design authority-safe. Our approach simplifies the process of ensuring that a software system maintains the principle of least authority, and also allows for attenuation of module authority [3]. Our design is implemented as part of the Wyvern programming language [4].",
keywords = "Authority, Capabilities, Effects, Language-based security, Modules",
author = "Darya Melicher and Yangqingwei Shi and Valerie Zhao and Alex Potanin and Jonathan Aldrich",
note = "Publisher Copyright: ; 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018 ; Conference date: 10-04-2018 Through 11-04-2018",
year = "2018",
month = apr,
day = "10",
doi = "10.1145/3190619.3191691",
language = "English",
series = "ACM International Conference Proceeding Series",
publisher = "Association for Computing Machinery (ACM)",
booktitle = "Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, HoTSoS 2018",
address = "United States",
}