News

Feedback

Written on 30.06.26 (last change on 01.07.26) by Noah Mauthe

I have uploaded the Draft Design Document of the group you have chosen as feedback to each respective group's submission. They will also be available under materials, but this way it is clear which project you are supposed to give feedback on.

Further, I have installed a forum where you can ask the… Read more

I have uploaded the Draft Design Document of the group you have chosen as feedback to each respective group's submission. They will also be available under materials, but this way it is clear which project you are supposed to give feedback on.

Further, I have installed a forum where you can ask the group you are reviewing for clarification in case this is needed.

Clarification of the Feedback Session

Written on 26.06.26 by Noah Mauthe

Since there have been some questions, I want to clarify the format of the upcoming feedback session.

Before: We expect you to upload a written description of your design that the other group that will evaluate your design can use. You are not required, but encouraged, to use one of the provided… Read more

Since there have been some questions, I want to clarify the format of the upcoming feedback session.

Before: We expect you to upload a written description of your design that the other group that will evaluate your design can use. You are not required, but encouraged, to use one of the provided templates, as they already contain all necessary sections, making your life easier.

Presentation: The "presentation" of your design is freeform. Meaning, we expect you to present your design in an understandable way, but do NOT require any particular format. Using slides / whiteboard / puppets or whatever else you can imagine will help other groups understand your presentation is totally up to you. The length of the presentation should be 8-10 minutes. This way, the other groups (and we as instructors) have the chance to ask questions for 20 minutes. It is NOT necessary to split the presentation among all groups members. However, everyone should of course be able to answer the questions regarding the group's design. 

Design Feedback Offer and Additional Material

Written on 11.06.26 by Noah Mauthe

Observing your very lively design discussions this week, we realized that the alotted time might not be sufficient to flesh out your design, especially considering the number of characteristics you have identified in the course of the seminar. Thus, we are currently looking into restructuring the… Read more

Observing your very lively design discussions this week, we realized that the alotted time might not be sufficient to flesh out your design, especially considering the number of characteristics you have identified in the course of the seminar. Thus, we are currently looking into restructuring the latter part of the seminar so you have more time to properly finish your designs. In the meantime, I can offer you (either by yourself or with your group) to set up individual meetings in case you want feedback on your design (or to discuss capabilities in general). This is of course completely optional and will not affect your grade in any way.

To support your design process further, I have also uploaded my recently accepted work "SoK: Capability Operating Systems: Is the Future Finally Here?" to the materials section of the CMS. It will be published at USENIX Security later this year, so apart from our research group you are the first ones to read it. I hope it can give you some interesting insights!

Creating Teams

Written on 03.06.26 by Noah Mauthe

Contrary to what I have said yesterday, it is actually much easier if you set up the groups yourself in the CMS, rather than sending me an email. The functionality is available on your personal site in CMS, same place you can also find your submissions. One group has already found it, you can just… Read more

Contrary to what I have said yesterday, it is actually much easier if you set up the groups yourself in the CMS, rather than sending me an email. The functionality is available on your personal site in CMS, same place you can also find your submissions. One group has already found it, you can just ignore this message.

Team groupings can be changed until the beginning of the next seminar session, then they are fixed.

 

Characteristics

Written on 02.06.26 by Noah Mauthe

Thank you for a very productive and interactive session today! As promised, a more readable version of the characteristics can now be found in the materials section.

Room Change Tomorrow

Written on 01.06.26 by Noah Mauthe

Quick reminder that tomorrow's seminar session will take place in room 3.21 (still at CISPA, same building). 

Further Reading

Written on 20.05.26 (last change on 20.05.26) by Huda Dawoud

As mentioned in yesterday’s session, I would like to once again draw your attention to the research papers and links included in the further readings. In particular, having a basic understanding of SES and Cap’n Web before our next meeting would greatly enrich the discussion. You are not required to… Read more

As mentioned in yesterday’s session, I would like to once again draw your attention to the research papers and links included in the further readings. In particular, having a basic understanding of SES and Cap’n Web before our next meeting would greatly enrich the discussion. You are not required to submit something about them, but of course, sending questions in advance is highly encouraged and very welcome.

Miro Update

Written on 13.05.26 by Noah Mauthe

As discussed yesterday, I re-arranged the Miro board slightly according to our discussion and left some questions that could help you extract interesting insights from the papers for next week. The questions are definitely not exhaustive, please do not limit yourself to answering them. In fact, feel… Read more

As discussed yesterday, I re-arranged the Miro board slightly according to our discussion and left some questions that could help you extract interesting insights from the papers for next week. The questions are definitely not exhaustive, please do not limit yourself to answering them. In fact, feel free to ignore them entirely and provide your own, more interesting points :)

Side-note: Please remember that we are interested in your views and insights for the submissions, not summaries.

First Session

Written on 11.05.26 by Noah Mauthe

Please remember to bring your laptop to the first session tomorrow. We will start to work on a shared miro board already.

Looking forward to the first discussion!

Quick reminder: Preparing for the first session

Written on 05.05.26 by Noah Mauthe

Please remember to read the 5 Papers on Capabilities in General found in the materials section and submit the respective short takeaways / own thoughts on the paper. Of course you can also include questions if understanding was difficult so we can prepare accordingly.

The reading is essential so… Read more

Please remember to read the 5 Papers on Capabilities in General found in the materials section and submit the respective short takeaways / own thoughts on the paper. Of course you can also include questions if understanding was difficult so we can prepare accordingly.

The reading is essential so the fun part of the seminar, the informed discussion, can start right away.

LSF Registration open

Written on 24.04.26 by Sven Bugiel

Dear all, the examination office mentioned that the LSF registration should now be possible. Please register by May 12 to attend the seminar and receive credits.

Show all

Van Horn to Fuchsia: Capability-based Access Control

Overview

Capabilities as an access control paradigm have been around for nearly six decades. Still, until recently, they were a little-known access control primitive and not deployed in end-user devices. However, they recently re-emerged with the advent of CHERI and Google Fuchsia.

The seminar aims to explore the design space of capability systems on different levels. Students will be tasked with designing their own system with a set of characteristics they will identify themselves from the literature. To this end, the seminar will take place as an interactive design workshop. Accordingly, we expect active participation in discussions and group work in all sessions.


Logistics

Location CISPA E9.1 (see schedule for the room)
Time Tuesday, 14–16
Meeting Seminar (Weekly meetings starting May 12)
No. of Students max. 12 (min. 6)
Instructors Sven Bugiel, Noah Mauthe, Huda Dawoud
Contact Noah Mauthe (email)
Language  English
Kickoff April 21, 14–16, room 0.07 at CISPA

Course structure and grading

The course is structured as an interactive design workshop. The first weeks will be spent discussing scientific literature (to be read in between sessions) and extracting insights and characteristics. The seminar group as a whole will create a design framework for capability systems during this time. In the following weeks, students will work in small groups to design (not implement) their own capability system based on the constructed framework. Further, the students are expected to provide feedback on other groups' designs. The seminar will conclude with presentations of the finished designs and a discussion of lessons learned during the design process applicable to further research. Please also take a look at the seminar schedule below for more details.

While much of the seminar will require working in small, changing groups, each student must write an individual seminar report at the end!

Grading will be based on active participation in the seminar sessions (30%) and the report (70%).


Registration and prerequisites

Given the seminar's design workshop format, we expect active participation in all sessions!

Please do not register for this seminar if you are not excited about discussing research with your peers or detest group work during seminar sessions.

There are no formal prerequisites. However, students must be familiar with the basics of access control and operating system security to understand the concepts from the literature. For example, by passing the Foundations of Cybersecurity lecture, the Core Lecture Security, or the Mobile Security lecture.

Registration is handled via the central registration system of the UdS.


Seminar Schedule

Date Topic Format Preparation Room

21.4.

Kick-off Presentation by the instructors   0.07

12.5.

Capability System Characteristics - General Discussion - Small groups, then whole class Read 5 papers 0.07

19.5.

Capability System Characteristics - Modern Systems Discussion - Small groups, then whole class Read 2 papers 0.07

26.5.

Capability System Characteristics - Language Level Discussion - Small groups, then whole class Read 2 papers 0.07

2.6.

Capability System Characteristics & Domains Discussion - Whole class   3.21

9.6.

Design your own Capability System

Design Session - Small Groups

  0.07

16.6

Design your own Capability System Design Session - Small Groups   0.07

23.6.

Design your own Capability System Design Session - Small Groups   0.07

30.6.

Feedback Session Presentations - Short group presentations, followed by discussion Write design draft 0.07

7.7.

Design your own Capability System - Incorporating Feedback Design Session - Small Groups Write feedback 0.07

14.7.

Final Design Project Presentations

Lessons learned, reflection, and future research

Presentations - Small Groups

Discussion - Whole class

  0.07
Privacy Policy | Legal Notice
If you encounter technical problems, please contact the administrators.