Van Horn to Fuchsia: Capability-based Access Control
Overview
Capabilities as an access control paradigm have been around for nearly six decades. Still, until recently, they were a little-known access control primitive and not deployed in end-user devices. However, they recently re-emerged with the advent of CHERI and Google Fuchsia.
The seminar aims to explore the design space of capability systems on different levels. Students will be tasked with designing their own system with a set of characteristics they will identify themselves from the literature. To this end, the seminar will take place as an interactive design workshop. Accordingly, we expect active participation in discussions and group work in all sessions.
Logistics
| Location | CISPA E9.1 (see schedule for the room) |
| Time | Tuesday, 14–16 |
| Meeting | Seminar (Weekly meetings starting May 12) |
| No. of Students | max. 12 (min. 6) |
| Instructors | Sven Bugiel, Noah Mauthe |
| Contact | Noah Mauthe (email) |
| Language | English |
| Kickoff | April 21, 14–16, room 0.07 at CISPA |
Course structure and grading
The course is structured as an interactive design workshop. The first weeks will be spent discussing scientific literature (to be read in between sessions) and extracting insights and characteristics. The seminar group as a whole will create a design framework for capability systems during this time. In the following weeks, students will work in small groups to design (not implement) their own capability system based on the constructed framework. Further, the students are expected to provide feedback on other groups' designs. The seminar will conclude with presentations of the finished designs and a discussion of lessons learned during the design process applicable to further research. Please also take a look at the seminar schedule below for more details.
While much of the seminar will require working in small, changing groups, each student must write an individual seminar report at the end!
Grading will be based on active participation in the seminar sessions (30%) and the report (70%).
Registration and prerequisites
Given the seminar's design workshop format, we expect active participation in all sessions!
Please do not register for this seminar if you are not excited about discussing research with your peers or detest group work during seminar sessions.
There are no formal prerequisites. However, students must be familiar with the basics of access control and operating system security to understand the concepts from the literature, for example by having passed the Foundations of Cybersecurity lecture, the Core Lecture Security, or the Mobile Security lecture.
Registration is handled via the central registration system of the UdS.
Seminar Schedule
| Date | Topic | Format | Preparation | Room |
|---|---|---|---|---|
| 21.4. | Kick-off | Presentation by the instructors | | 0.07 |
| 12.5. | Capability System Characteristics - General | Discussion - Small groups, then whole class | Read 5 papers | 0.07 |
| 19.5. | Capability System Characteristics - Modern Systems | Discussion - Small groups, then whole class | Read 2 papers | 0.07 |
| 26.5. | Capability System Characteristics - Language Level | Discussion - Small groups, then whole class | Read 2 papers | 0.07 |
| 2.6. | Capability System Characteristics & Domains | Discussion - Whole class | | 0.07 |
| 9.6. | Design your own Capability System | Design Session - Small Groups | | 0.07 |
| 16.6. | Design your own Capability System | Design Session - Small Groups | | 0.07 |
| 23.6. | Feedback Session | Presentations - Short group presentations, followed by discussion | | 0.07 |
| 30.6. | Design your own capability system - Incorporating Feedback | Design Session - Small Groups | Write feedback | 0.07 |
| 7.7. | Project Presentations | Presentations - Small Groups | | 0.07 |
| 14.7. | Lessons learned, reflection, and future research | Discussion - Whole class | | 0.07 |
