If you're a programmer, you might be interested in watching some lectures about Authorization Based Access Control. Some folks from an HP research lab lectured at the GooglePlex about better & easier security through fine-grained access control. Maybe if I followed security literature closely, this would be all old news to me. But I don't. And these lectures were pretty good. Well, at least three of them were. I was out of town for one of them, and haven't seen it. Anyhow, links to the lectures:
- Intro to the lab's projects (Alan Karp)
- Abstraction mechanisms for Access Control (Mark Miller)
- A Very Secure and Powerful Wiki (or other web service) (Tyler Close)
- Fitting it all Together: Safely running warez from teh internets (Marc Stiegler)
These lectures were dangerous in that they made me want to go join a startup to create a new operating system. But I know better than that by now. So I got over it.
Labels: capabilities, link