Contemporary microprocessor designs are based on pervasively shared mutable state. This introduces numerous vulnerabilities that have been exploited to violate the security of our computing platforms. Mechanisms to mitigate these hazards, such as Memory Management Units (MMUs), increase the complexity and power-consumption of CPUs. The movement to multicore processors amplifies the problem and adds more […]
25
Aug
2022
Memory Safety Simplifies Microprocessor Design
Tags: actor, capability, concurrency, CPU, microprocessor, ocaps, POLA, power, processor, safety, security, synchronization
29
Sep
2017
Computer Security Breaches Are Preventable
Security system breaches resulting in exposure of large quantities of sensitive information have become increasingly common. As data-hungry enterprises aggregate larger and larger caches of sensitive information, the damage from the inevitable breaches becomes more significant and far-reaching. Is there something fundamentally wrong with the design of our security systems? Can these risks be mitigated? […]
16
Feb
2017
Distributed Security
Tags: actor, authentication, authorization, capability, decryption, distribution, encryption, envelope, network, ocaps, POLA, proxy, receptionist, routing, sealer, stub, unsealer
Within a single address-space, the capability-security properties of actor references are guaranteed by the actor run-time. Memory-safe implementations of actor languages ensure that actor references cannot be forged. Having a reference to an actor means you have permission to send it a message. A single machine may host multiple independent actor address-spaces, each of which […]
19
Mar
2014
Implementing Actors in JavaScript
JavaScript does not exactly have an ideal semantic model for implementing Actors. Execution is single-threaded and sequential. Most objects are mutable by default. However, it has the advantage of being the most available and widely used computer language, so it seems worthwhile to show how actors can be used in this environment. Asynchronous Programming JavaScript […]
09
Oct
2013
Towards a Universal Implementation of Unforgeable Actor Addresses
Tags: actor, capability, decryption, encryption, grant-matcher, ocaps, POLA, sealer, Slominski, trust, unsealer
[It is my pleasure to welcome my colleague and collaborator, Tristan Slominski, as a guest-blogger -Dale] 2017-02-07 EDIT: A previous version of this article used the term Domain instead of Realm. In the popular implementations of the Actor Model, actor addresses are usually globally available to any other actor desiring to discover them. However, in […]
25
Mar
2012
Futures and Capabilities
Tags: actor, adapter, asynchronous, blocking, capability, concurrency, data-flow, deadlock, dependency, future, promise, protocol, proxy, security, sequence, synchronization, value
In the Actor Model, concurrency is the default. Sequencing must by arranged explicitly. An important case of sequencing occurs when there is a data dependency between different parts of a system. One part produces a value that another part needs to perform its function. One mechanism for sequencing data-dependent operations is to create a Future. […]
11
May
2010
Deconstructing the Actor Model
Tags: actor, asynchronous, capability, consistency, iteration, message-passing, primitive, recursion
The Actor Model of Computation, as defined by Carl Hewitt [1] and elaborated by Gul Agha [2], defines three primitive operations. These operations are “Send”, “Create” and “Become”. The “Send” operation transmits an asynchronous message to a known receiver. The “Create” operation constructs a new actor with a specified initial behavior. The “Become” operation defines […]