Comment Re:Snakeoil (Score 1) 216
Yes, just think how secure our systems would be if only we'd stayed with assembly (or machine language) so that programmers didn't get soft and lazy working in C...
Comment Re:I don't see it working for long. (Score 1) 216
Isn't that partly just because the Unix permissions are too coarse to say what you really meant? Not clear this experience applies to a system that gives you better control over what you are sharing and better support (e.g., mandatory controls/information flow) for figuring out whether the policies are consistent with each other.
Comment Re:Tall statement (Score 1) 216
One of the nice things about Fabric is that it does seem to make programming easier in some ways, even if it makes it harder in others. For example, persistent and distributed data can be accessed as easily as regular language objects. That rips out a whole layer or two of crud that exists in a lot of applications now.
Comment Not really a Java module (Score 1) 216
They built the system on top of Java, and the language is similar to Java, but it is not really Java. It doesn't expose that much of Java and it has its own protocols for security policies, communication, serialization, and persistence. It looks like a node of Fabric could be implemented without using Java or the JVM at all.
New Programming Language Weaves Security Into Code 216
Ponca City writes "Until now, computer security has been reactive. 'Our defenses improve only after they have been successfully penetrated,' says security expert Fred Schneider. But now Dr. Dobb's reports that researchers at Cornell are developing a programming platform called 'Fabric,' an extension to the Java language that builds security into a program as it is written. Fabric is designed to create secure systems for distributed computing, where many interconnected nodes — not all of them necessarily trustworthy — are involved, as in systems that move money around or maintain medical records. Everything in Fabric is an 'object' labeled with a set of policies on how and by whom data can be accessed and what operations can be performed on it. Even blocks of program code have built-in policies about when and where they can be run. The compiler enforces the security policies and will not allow the programmer to write insecure code (PDF). The initial release of Fabric is now available at the Cornell website."
Submission + - New Programming Language Weaves Security Into Code
Ponca City writes: "Until now, computer security has been reactive. "Our defenses improve only after they have been successfully penetrated," says security expert Fred Schneider. But now Dr. Dobbs reports that researchers at Cornell are developing a programming platform called "Fabric," an extension to the Java language, that builds security into a program as it is written. Fabric is designed to create secure systems for distributed computing, where many interconnected nodes — not all of them necessarily trustworthy — are involved, as in systems that move money around or maintain medical records. Everything in Fabric is an "object" labeled with a set of policies on how and by whom data can be accessed and what operations can be performed on it. Even blocks of program code have built-in policies about when and where they can be run. The compiler that turns the programmer's code into an executable program enforces the security policies and will not allow the programmer to write insecure code (PDF). While your medical record, for example, could be seen entirely by your doctor, your physical therapist might be able to see only the doctor's prescription for your therapy, and your insurance company could see only the charges. "It's a paradigm shift," says Andrew Myers. "By making security policies part of the process of building software, we can make it much easier to build secure systems." The initial release of Fabric is now available at the Cornell website."
Slashdot Top Deals
Why be a man when you can be a success? -- Bertolt Brecht
