sandstorm: personal cloud platform with least-privilege security architecture

In [May], I wrote:

  "In  Everything Is Broken, Quinn Norton presents an alarming, though
witty, case that heartbleed is really just the tip of the iceberg when
it comes to computer security problems.

  The best weapons I've seen are (a)  certified programming with
dependent types, and (b)  Robust Composition with  capabilties. ..."

Sandstorm is a personal cloud hosting platform; it puts a nice user
interface on docker-style packaging and deployment; and it takes a a
very practical approach to capability security.

I'd really like to see it take off, so I'd appreciate if you'd take a
look; even consider chipping in on the crowdfunding campaign.

further reading:

Capability Security Advances: seL4, sandstorm, Rserve

Mashing with permission by Tyler Close


Dan Connolly

Received on Friday, 22 August 2014 01:04:39 UTC