Security system breaches resulting in exposure of large quantities of sensitive information have become increasingly common. As data-hungry enterprises aggregate larger and larger caches of sensitive information, the damage from the inevitable breaches becomes more significant and far-reaching. Is there something fundamentally wrong with the design of our security systems? Can these risks be mitigated? […]
16
Feb
2017
Distributed Security
Tags: actor, authentication, authorization, capability, decryption, distribution, encryption, envelope, network, ocaps, POLA, proxy, receptionist, routing, sealer, stub, unsealer
Within a single address-space, the capability-security properties of actor references are guaranteed by the actor run-time. Memory-safe implementations of actor languages ensure that actor references cannot be forged. Having a reference to an actor means you have permission to send it a message. A single machine may host multiple independent actor address-spaces, each of which […]