Presenting Robust Composition

3a9f8abc1147e55a25c7a5816a185909?s=47 clive boulton
December 07, 2017

Presenting Robust Composition


clive boulton

December 07, 2017


  1. 2.
  2. 3.

    Apple Root Password Vulnerability The bug meant anyone with physical

    access to a Mac running High Sierra could get admin access to the machine. an/status/935581020774 117381
  3. 8.

    Mark S Miller Mark S. Miller is the main designer

    of the E and Dr. SES distributed object-capability programming languages, inventor of Miller Columns, a pioneer of agoric (market-based secure distributed) computing, an architect of the Xanadu hypertext publishing system, a representative to the EcmaScript committee, and a senior fellow of the Foresight Institute.
  4. 9.

    Introduction to robust composition... Objects, References, Messages Object-capabilities (OCaps) Access

    Abstractions and Compositions Patterns of Safe Cooperation Dimensions & Taxonomy of Electronic Rights Smart Contacts [cheap machines not expensive lawyers] Composing Networks of contracts
  5. 10.

    How do I designate thee - The pointer --> count

    the ways - Two objects Bob points to Carol : By designation Bob Carol
  6. 11.

    How do I designate thee - The pointer --> count

    the ways - By introduction Bob Carol Alice FOO
  7. 12.

    How do I designate thee - The pointer --> count

    the ways - By endowment: Bob already exists, Bobs creates carol, Bob holds interface Bob Carol
  8. 13.

    How do I designate thee - The pointer --> count

    the ways - By endowment: Carol already exists, Alice creates Bob already endowed Bob Carol Alice
  9. 14.

    How do I designate thee - The pointer --> count

    the ways - Nothing exists: Bob comes into existence already points to Carol by initial conditions. Bob Carol
  10. 15.

    OCaps: Small step from pure objects 3 restrictions... + Memory

    safety and encapsulation + Effects only by using held references + No powerful references by default -------------------------------------------------------- Reference Graph === Access Graph Only connectivity begets connectivity OO expressiveness for security patterns (normally thought complex)
  11. 16.

    Objects as closures Examples of Dr. SES a variant of

    JavaScript Function makeCounter ( ) { var count = 0 return { incr: function ( ) { return ++ count:}. decr: function ( ) {return - count:} }); }
  12. 17.

    ECMAScript 5 Strict Mode Use strict Objects who can defend

    their integrity Properly defensive 7 steps of initialization is strict JS === Dr. SES
  13. 19.
  14. 20.

    Dr. SES - Distributed Resilient Secure EcmaScript Talk presented at

    the July 2017 TC39 (EcmaScript committee) meeting. ES2015 ES6 ES7 lands... OCap
  15. 21.
  16. 22.
  17. 23.
  18. 24.
  19. 27.

    What are capabilities? A capability is single thing that both

    designates a resource and authorizes some kind of access to it. Capabilities solve “The Confused Deputy” problem in Windows, MacOS, and Unix derived OS Linux, Android, etc. A first class move from ACL (access control lists) by closing the loopholes bad actors are exploiting in e-commerce. CB posits smart contract moves to POLA (principle of least authority) . Object capability: Smart contact blockchain capability-based.
  20. 28.

    Object-capabilities can provide specific access instead of access control lists.

    Example: Passport vs Car key. Assume my identity vs grant you access to my car.
  21. 31.

    Doing business with strangers Hard to hold strangers accountable, capabilities-based

    helps crypto-commerce.
  22. 33.

    Federated Wiki... Ward, does wiki deliberately avoid global locks by

    design? page Clive, yes, wiki enables collective behavior without any synchronization at the application level" page
  23. 34.

    Summary Cryptocurrencies boom makes sense when computer security in operating

    systems and programming languages were designed for private networks. Yet commerce now operates over public networks. Work scaling blockchain technologies perhaps is proxy for securing crypto-commerce. By addressing process, trust and access. • Smart contracts can enforce procedures within the company. For example, say, ‘user A can only access X document with approval from user B and C’. • In respect to trust, it allows companies to ensure that procedures are being executed in compliance with regulation. • Web developers can implement JavaScript strict-mode now to improve current apps (more object-capabilities slated for ES7).
  24. 35.

    More Mark Miller’s thesis and researched links Clive Boulton

    is fostering crypto-commerce… Tweet me at