Showing posts with label Wagner. Show all posts
Showing posts with label Wagner. Show all posts

Thursday, December 06, 2007

YouTube video on Object Capabilities

An report update on the development of the Security & Access Module being developed for People, Ideas & Objects. Of particular note I want to highlight the work of Berkeley Professor David Wagner in the above noted video. (Click on the title for the YouTube video). At one point he indicates that he is very interested in securing alpha users for his research and use of "Joe-e" programming language. I will be emailing him soon and offering this module's development for consideration as an alpha-user of his research.

The Joe-e programming language is an offshoot of the Java Programming Language, just as JavaFX and Groovy are. It incorporates a higher level of "Type Safety" as no "global" or "static" variables are permitted; it is single thread safe and has a number of other enhancements that make it ideal for the development of "Object Capabilities". What are "Object Capabilities" Professor Wagner points to two excellent papers that describe in detail the concepts. I will be reviewing these as both research and development of the module.

Mark Miller "Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control." Johns Hopkins University 2005
and
Jonathon Rees "A security kernel based on the Lambda Calculus" MIT 1995
It will be worthwhile to look at the tie-in that we can make to Professor Carliss Baldwin's work on transactions. Recall the matrix's she introduced in defining the scope of transactions. And how "Vouchers" were how I would implement these elements of the transaction. Object Capability would define the access and concurrency of the interactions between users within that voucher as well.

In the process of this development it has become necessary to define the level of virtualization that is possible and needed for the operations of this application. Virtualization on Solaris provides the ability to have an instance of the OS and associated technology stack operate for one specific user-defined unit. The size of the unit could be the entire application, or I could define the virtualization level that would have each person, company and JOC have a virtualized OS and associated technology stack for each of those units. I would do the latter if it provided an enhanced level of security, and this will be determined through the research of this module.

What I hope to be able to do with Professor Wagner is to define the manner in which we layer the Military Command & Control structure of the Compliance & Governance Module over the Assets, People, Geography, JOC's, Companies, Disciplines etc. Much in the same way that the Military denotes in the "Sgt. 1st Class, Rick Emert, 1st ACB, 1st Cavalry Division, PAO". This definition is necessary for the application and the industry to function. The value and need of the end users to define these elements will be incalculable.

Lastly IPv6 is one of the cornerstones of the Technical Vision that I have put forward for this project. I want to review the impact of that technology on the policies and technologies mentioned in this post. Also, the level of encryption available in the Java Programming Language provides very high security. The cryptography available is well documented here.

Technorati Tags: , , , ,