Ownership types for flexible alias protection
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Reflections on an operating system design
Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
Object-Oriented Software Construction
Object-Oriented Software Construction
Ownership, encapsulation and the disjointness of type and effect
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Capability-Based Financial Instruments
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
A Semantic Model for Authentication Protocols
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
The Cambridge CAP computer and its operating system (Operating and programming systems series)
The Cambridge CAP computer and its operating system (Operating and programming systems series)
Protecting representation with effect encapsulation
Conference record of the 33rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Dynamic ownership in a dynamic language
Proceedings of the 2007 symposium on Dynamic languages
A Unified Framework for Verification Techniques for Object Invariants
ECOOP '08 Proceedings of the 22nd European conference on Object-Oriented Programming
Protection systems and protection implementations
AFIPS '72 (Fall, part I) Proceedings of the December 5-7, 1972, fall joint computer conference, part I
ESOP '09 Proceedings of the 18th European Symposium on Programming Languages and Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
The need for flexible object invariants
International Workshop on Aliasing, Confinement and Ownership in Object-Oriented Programming
Using history invariants to verify observers
ESOP'07 Proceedings of the 16th European conference on Programming
Monitoring security policies with metric first-order temporal logic
Proceedings of the 15th ACM symposium on Access control models and technologies
Object Capabilities and Isolation of Untrusted Web Applications
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Refinement types for secure implementations
ACM Transactions on Programming Languages and Systems (TOPLAS)
The relationship between separation logic and implicit dynamic frames
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
Automated Analysis of Security-Critical JavaScript APIs
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Proceedings of the 13th Workshop on Formal Techniques for Java-Like Programs
Considerate reasoning and the composite design pattern
VMCAI'10 Proceedings of the 11th international conference on Verification, Model Checking, and Abstract Interpretation
ACM Transactions on Programming Languages and Systems (TOPLAS)
A linear logic of authorization and knowledge
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Functional programs that explain their work
Proceedings of the 17th ACM SIGPLAN international conference on Functional programming
An analysis of the mozilla jetpack extension framework
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
JSand: complete client-side sandboxing of third-party JavaScript without browser modifications
Proceedings of the 28th Annual Computer Security Applications Conference
Are your incoming aliases really necessary? counting the cost of object ownership
Proceedings of the 2013 International Conference on Software Engineering
| Hi-index | 0.00 |
The object-capability model is one of the industry standards adopted for the implementation of security policies for web-based software. Object-capabilities in various forms are supported by programming languages such as E, Joe-E, Newspeak, Grace, and the newer versions of Javascript. Unfortunately, code written using capabilities tends to concentrate on the low-level mechanism rather than the high-level policy. In this position paper, we argue that current specification methodologies cannot adequately capture all aspects of the capability policies required to support object-capability systems. We outline informally the features that such security policies should support, and we demonstrate (also informally) how we can reason that examples satisfy the capability policies.