News
Further ReadingWritten on 20.05.26 (last change on 20.05.26) by Huda Dawoud As mentioned in yesterday’s session, I would like to once again draw your attention to the research papers and links included in the further readings. In particular, having a basic understanding of SES and Cap’n Web before our next meeting would greatly enrich the discussion. You are not required to… Read more As mentioned in yesterday’s session, I would like to once again draw your attention to the research papers and links included in the further readings. In particular, having a basic understanding of SES and Cap’n Web before our next meeting would greatly enrich the discussion. You are not required to submit something about them, but of course, sending questions in advance is highly encouraged and very welcome. |
Miro UpdateWritten on 13.05.26 by Noah Mauthe As discussed yesterday, I re-arranged the Miro board slightly according to our discussion and left some questions that could help you extract interesting insights from the papers for next week. The questions are definitely not exhaustive, please do not limit yourself to answering them. In fact, feel… Read more As discussed yesterday, I re-arranged the Miro board slightly according to our discussion and left some questions that could help you extract interesting insights from the papers for next week. The questions are definitely not exhaustive, please do not limit yourself to answering them. In fact, feel free to ignore them entirely and provide your own, more interesting points :) Side-note: Please remember that we are interested in your views and insights for the submissions, not summaries. |
First SessionWritten on 11.05.26 by Noah Mauthe Please remember to bring your laptop to the first session tomorrow. We will start to work on a shared miro board already. Looking forward to the first discussion! |
Quick reminder: Preparing for the first sessionWritten on 05.05.26 by Noah Mauthe Please remember to read the 5 Papers on Capabilities in General found in the materials section and submit the respective short takeaways / own thoughts on the paper. Of course you can also include questions if understanding was difficult so we can prepare accordingly. The reading is essential so… Read more Please remember to read the 5 Papers on Capabilities in General found in the materials section and submit the respective short takeaways / own thoughts on the paper. Of course you can also include questions if understanding was difficult so we can prepare accordingly. The reading is essential so the fun part of the seminar, the informed discussion, can start right away. |
LSF Registration openWritten on 24.04.26 by Sven Bugiel Dear all, the examination office mentioned that the LSF registration should now be possible. Please register by May 12 to attend the seminar and receive credits. |
Van Horn to Fuchsia: Capability-based Access Control
Overview
Capabilities as an access control paradigm have been around for nearly six decades. Still, until recently, they were a little-known access control primitive and not deployed in end-user devices. However, they recently re-emerged with the advent of CHERI and Google Fuchsia.
The seminar aims to explore the design space of capability systems on different levels. Students will be tasked with designing their own system with a set of characteristics they will identify themselves from the literature. To this end, the seminar will take place as an interactive design workshop. Accordingly, we expect active participation in discussions and group work in all sessions.
Logistics
| Location | CISPA E9.1 (see schedule for the room) |
| Time | Tuesday, 14–16 |
| Meeting | Seminar (Weekly meetings starting May 12) |
| No. of Students | max. 12 (min. 6) |
| Instructors | Sven Bugiel, Noah Mauthe, Huda Dawoud |
| Contact | Noah Mauthe (email) |
| Language | English |
| Kickoff | April 21, 14–16, room 0.07 at CISPA |
Course structure and grading
The course is structured as an interactive design workshop. The first weeks will be spent discussing scientific literature (to be read in between sessions) and extracting insights and characteristics. The seminar group as a whole will create a design framework for capability systems during this time. In the following weeks, students will work in small groups to design (not implement) their own capability system based on the constructed framework. Further, the students are expected to provide feedback on other groups' designs. The seminar will conclude with presentations of the finished designs and a discussion of lessons learned during the design process applicable to further research. Please also take a look at the seminar schedule below for more details.
While much of the seminar will require working in small, changing groups, each student must write an individual seminar report at the end!
Grading will be based on active participation in the seminar sessions (30%) and the report (70%).
Registration and prerequisites
Given the seminar's design workshop format, we expect active participation in all sessions!
Please do not register for this seminar if you are not excited about discussing research with your peers or detest group work during seminar sessions.
There are no formal prerequisites. However, students must be familiar with the basics of access control and operating system security to understand the concepts from the literature. For example, by passing the Foundations of Cybersecurity lecture, the Core Lecture Security, or the Mobile Security lecture.
Registration is handled via the central registration system of the UdS.
Seminar Schedule
| Date | Topic | Format | Preparation | Room |
|
21.4. |
Kick-off | Presentation by the instructors | 0.07 | |
|
12.5. |
Capability System Characteristics - General | Discussion - Small groups, then whole class | Read 5 papers | 0.07 |
|
19.5. |
Capability System Characteristics - Modern Systems | Discussion - Small groups, then whole class | Read 2 papers | 0.07 |
|
26.5. |
Capability System Characteristics - Language Level | Discussion - Small groups, then whole class | Read 2 papers | 0.07 |
|
2.6. |
Capability System Characteristics & Domains | Discussion - Whole class | 3.21 | |
|
9.6. |
Design your own Capability System |
Design Session - Small Groups |
0.07 | |
|
16.6 |
Design your own Capability System | Design Session - Small Groups | 0.07 | |
|
23.6. |
Feedback Session | Presentations - Short group presentations, followed by discussion | 0.07 | |
|
30.6. |
Design your own capability system - Incorporating Feedback | Design Session - Small Groups | Write feedback | 0.07 |
|
7.7. |
Project Presentations | Presentations - Small Groups | 0.07 | |
|
14.7. |
Lessons learned, reflection, and future research | Discussion - Whole class | 0.07 |