Lost Wisdom of the Ancients
This presentation focuses on the application of object capabilities in the user interface. We learn why the ocap paradigm is uniquely adapted to the construction of highly secure systems wherein the security is invisible. One example is SCoopFS, the Secure Cooperative File Sharing system, an ocap peer to peer system with many DropBox-like characteristics but which did not need a central trusted third party server. In developing this system, we succeeded in making the security so invisible that users who liked the features would ask us to “turn on security”. This led to the question, “once you’ve made the security ubiquitous and invisible, how do we let the user know?”
Visiting Scholar and Research Scientist for HP Labs, developer of secure systems for DARPA. Developer of CapDesk, which applied ocaps to the man/machine interface to create a desktop effectively invulnerable to traditional computer viruses and zero-day attacks; Polaris, which applied the same principles to the Windows desktop; DonutLab, which demonstrated how to build an ocap version of PlanetLab, a distributed compute server system wherein each server resides in a different administrative domain with limited mutual trust; and Emily, an ocap version of OCaml.