Combex Home Page

Narrated Introductions To Capability Security

The links below will take you to a series of narrated presentations about capability security, on the desktop, in distributed systems, and in peer-to-peer applications. These presentations are designed to show what capability security looks like from a user perspective; for more technical discussion, see the Introduction to Capability Based Security, the ERights Home Page, and the Combex Home Page.

All the demonstrations here have been written using the E Programming Platform, a capability secure programming language specifically designed for high-speed construction of robustly secure distributed systems. For more information about E's high-productivity potential for developing your own secure distributed applications, see E in a Walnut.

If you have PowerPoint, the PowerPoint version of the slide show will run automatically when you click the link. If you choose the HTML pages, you will have to click the individual links to travel through the slides. The videos require either a Windows operating system, to run the prepackaged executable movie, or a QuickTime player (on Linux, xanim works fine). Because even the smallest multimedia presentations are much larger than simple HTML pages, unless you have a fast connection to the Web, it will take a few moments to start these presentations as data is downloaded for playback.

If you have any questions about these presentations, or problems running these presentations, please email Marc Stiegler.

Executive Summary

The basic intro takes seven minutes to walk through; the whole series of intros takes about 20 minutes. If this is more time than you can afford, read the Executive Summary, which lists the six most crucial points that are detailed and explained in the main presentations.

Basic Introduction to Capability Security For Users:

This presentation explains the fundamental reason why computer security cannot be achieved by the crazyquilt of current-day security technologies. It goes on to explain at a high level how it is possible, once you step into the right paradigm, to achieve true secure computing without impossible-to-remember passwords, annoying dialog boxes, or complicated firewalls. The presentation uses the CapDesk capability secure desktop, and the DarpaBrowser capability confined web browser, as examples.

See the show:

CapDesk Video

This companion video to the Basic Introduction shows CapDesk performing the feats of secure, powerful, easy-to-use computing described in the intro

DarpaBrowser Video

This companion video to the Basic Introduction shows the DarpaBrowser performing the feats of secure, powerful, easy-to-use computing described in the intro.

Security Technology Comparison

This presentation compares a variety of popular computer security technologies to see if any of them have any real merit

Capability Secure Distributed File Management

CapDesk was first created for secure distributed file management for a small consulting company that maintained confidential information for several Fortune 500 companies. CapDesk enables easy-to-use peer-to-peer sharing of fine-grain read/edit authorities over file subsystems, becoming the basis for ad hoc virtual private networks among teams of people who share only limited trust (the kind of trust shared by people who are working together but who are employed by different companies, for example).

Capability Secure Instant Messaging

The eChat instant messaging system is easy to use yet supplies the kind of security required for professional handling of sensitive data. One of the interesting features of eChat is that it is only five pages of code when written in E, and is actually used as one of the first tutorial examples when training new E programmers. As a consequence of both its simplicity and the high-speed productivity possible, E and eChat are natural components for building customized secure distributed applications.

Using traditional software in a capability secure environment

Using virtual machine technology and CapDesk distributed file management, you can use traditional non-capability applications with minimized risk of compromise by cyberattack.

Putting it all together

Using capability secure distributed file management with CapDesk, capability secure instant messaging with eChat, and virtual compartments, this video shows how these parts interact together to give you power, flexibility, and security, all at the same time.