Third-party libraries ease the development of large-scale software systems. However,
libraries often execute with significantly more privilege than needed to complete their task …

Industries and governments are increasingly compelled by regulations and public pressure
to handle sensitive information responsibly. Regulatory requirements and user expectations …

Object capabilities are a technique for fine-grained privilege separation in programming
languages and systems, with important applications in security. However, current formal …

The principle of least authority states that each component of the system should be given
authority to access only the information and resources that it needs for its operation. This …

The orchestration of application components across heterogeneous cloud providers is a
problem that has been tackled using various approaches, some of which led to the creation …

Previous studies have reported that common dense linear algebra operations do not
achieve speed up by using multiple geographical sites of a computational grid. Because …

Existing programming language access control frameworks do not meet the needs of all
software components. We propose an expressive framework for implementing access …

Motivated by the problem of understanding the difference between practical access control
and capability systems formally, we distill the essence of both in a language-based setting …

Robust modules guarantee to do only what they are supposed to do–even in the presence
of untrusted malicious clients, and considering not just the direct behaviour of individual …

Object capabilities are increasingly used to reason informally about the properties of secure
systems. But can capabilities also aid in formal reasoning? To answer this question, we …