of the E and Dr. SES distributed object-capability programming languages, inventor of Miller Columns, a pioneer of agoric (market-based secure distributed) computing, an architect of the Xanadu hypertext publishing system, a representative to the EcmaScript (TC39) committee, and a senior fellow of the Foresight Institute. https://research.google.com/pubs/author35958.html
designates a resource and authorizes some kind of access to it. A first-class move from ACLs (access control lists), closing the loopholes bad actors are exploiting in e-commerce. Capabilities solve “The Confused Deputy” problem in Windows, macOS, and Unix-derived operating systems (Linux, Android, etc.).
safety and encapsulation
+ Effects only by using held references
+ No powerful references by default
Reference graph === Access graph
Only connectivity begets connectivity
OO expressiveness for security patterns (normally thought complex)
access to Carol, as needed for foo
➢ Memory-safe encapsulated objects: protect objects from their outside world
➢ OCaps: causality only by references; no powerful references by default; protect world from objects
➢ Reference graph === Access graph: deny authority by withholding connectivity
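The Alice/Bob/Carol grant described above, written as an added example that is not from the original slides: Alice hands Bob a read-only, revocable reference to Carol, so Bob's authority is exactly the connectivity he was given. All names (`makeCarol`, `readOnly`, `makeRevocable`, `makeBob`, `demo`) are hypothetical, and this is plain JavaScript showing the pattern only; confining untrusted code still needs a library such as SES.

```javascript
'use strict';

// Carol: an encapsulated resource. Her state lives in a closure, so the only
// way to affect it is through a reference to one of her facets.
function makeCarol() {
  let contents = 'quarterly report'; // constructed sample data
  return Object.freeze({
    read: () => contents,
    write: (text) => { contents = String(text); },
  });
}

// Attenuation: a facet that forwards read() and nothing else.
function readOnly(target) {
  return Object.freeze({ read: () => target.read() });
}

// Caretaker: a forwarder whose link to the target the grantor can sever.
function makeRevocable(target) {
  let t = target;
  const proxy = Object.freeze({
    read: () => {
      if (t === null) throw new Error('revoked');
      return t.read();
    },
  });
  return Object.freeze({ proxy, revoke: () => { t = null; } });
}

// Bob holds only what is passed to foo(); he never sees Carol herself.
function makeBob() {
  let held = null;
  return Object.freeze({
    foo: (cap) => { held = cap; },
    useIt: () => held.read(),
    canWrite: () => typeof held.write === 'function',
  });
}

// Alice's side: the bob.foo(carol) message, with an attenuated argument.
function demo() {
  const carol = makeCarol();
  const bob = makeBob();
  const { proxy, revoke } = makeRevocable(readOnly(carol));
  bob.foo(proxy);
  const before = bob.useIt();
  const canWrite = bob.canWrite();
  revoke(); // withdraw connectivity, and with it Bob's authority
  let after;
  try { after = bob.useIt(); } catch (e) { after = e.message; }
  return { before, canWrite, after };
}
```
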
as practical, remove destructive behavior). TC39 https://github.com/tc39/proposal-frozen-realms A shim implementation of the Realm API can be found here. And you can play around with the shim here: https://rawgit.com/agorics/proposal-realms/master/shim/examples/simple.html
several elements added in ES5 (along with Object.freeze, Object.getOwnPropertyNames, ...) that make SES possible as a library. JS strict mode by itself does not turn JS into an ocap system. You still need a library such as SES or the upcoming Frozen Realm shim.” http://clive.tries.fed.wiki/view/ecmascript-spec-proposal-for-realms-api
design? page Clive, yes, wiki enables collective behavior without any synchronization at the application level" page Fed wiki implemented Caja, another of Miller’s OCap languages. https://en.wikipedia.org/wiki/Caja_project
version of the Linux kernel has moved to a security model that is similar to an object capabilities model. It's known as Control Groups and contains two components: control groups and namespaces. In a typical deployment, only a small number of processes have the control group API enabled. Processes that need to manage cgroups for other processes and partition resources for a physical system need to be run with CAP_SYS_ADMIN, typically by running them as root. https://lwn.net/Articles/679786/
improve current apps (more object-capabilities slated for EcmaScript: Frozen Realms).
• Capabilities can enforce procedures within the company. For example, say, ‘user A can only access X document with approval from user B and C’.
• With respect to trust, it allows companies to ensure that procedures are being executed in compliance with regulation.
• Smart contracts can automate procedures.
• Work on scaling blockchain technologies is perhaps a proxy for securing crypto-commerce, by addressing process, trust and access.