W3C home > Mailing lists > Public > semantic-web@w3.org > August 2014

sandstorm: personal cloud platform with least-privilege security architecture

From: Dan Connolly <dckc@madmode.com>
Date: Thu, 21 Aug 2014 20:04:11 -0500
Message-ID: <CAD2YivbiU4NaFSAbUH_+dpTwcyhxnCXWvHGrqvaD64-UziSvRQ@mail.gmail.com>
To: public-xg-federatedsocialweb@w3.org, public-webid@w3.org, semantic-web@w3.org, public-fedsocweb@w3.org, public-web-security@w3.org
In [May], I wrote:

  "In  Everything Is Broken, Quinn Norton presents an alarming, though
witty, case that heartbleed is really just the tip of the iceberg when
it comes to computer security problems.

  The best weapons I've seen are (a)  certified programming with
dependent types, and (b)  Robust Composition with  capabilties. ..."


Sandstorm is a personal cloud hosting platform; it puts a nice user
interface on docker-style packaging and deployment; and it takes a a
very practical approach to capability security.

https://sandstorm.io/
https://blog.sandstorm.io/news/2014-07-24-tinytinyrss-plus-security-discussion.html


I'd really like to see it take off, so I'd appreciate if you'd take a
look; even consider chipping in on the crowdfunding campaign.



further reading:

Capability Security Advances: seL4, sandstorm, Rserve
http://www.madmode.com/2014/08-ocap-here-and-there.html

Mashing with permission by Tyler Close
http://waterken.sourceforge.net/web-key/

[May] https://informatics.kumc.edu/work/blog/2014/05/ocap_tutor

-- 
Dan Connolly
http://www.madmode.com/
Received on Friday, 22 August 2014 01:04:39 UTC

This archive was generated by hypermail 2.4.0 : Tuesday, 5 July 2022 08:45:38 UTC