Google Tech Talk
March 11, 2010
ABSTRACT
Presented by Marc Stiegler.
This presentation starts with a simple block of code written by the Lazy Programmer, to observe how laziness made the code more compact and simpler. We then define the Principle of Least Authority(POLA), and explain why it is a best practice for secure programming. We show how laziness in that first example enabled enforcement of POLA. We then put the Lazy Programmer through a series of increasingly more difficult tasks as management attempts to make the Lazy Programmer work hard. To achieve maximum laziness, the Lazy Programmer is driven toward increasingly more modular, encapsulating OO designs that happen to implement POLA; ultimately compelled to build systems with defense in depth to avoid work. A secret truth is thus revealed: lazy OO programmers have been using secure techniques for decades, if only they had known. We then describe the tools that turn laziness into correctly enforced security for JavaScript, Java, and distributed computing.
Marc Stiegler is a researcher at Hewlett-Packard Labs who has written "Introduction to Capability Based Security," and designed CapDesk and Polaris, a windows overlay that isolates applications from one another to allow virus safe computing.
Introducing The Veterans Job Bank
11/7/11: White House Press Briefing
President Obama's Press Conference on the G20 Summit
President Obama Speaks About the US-France Alliance
President Obama's Bilateral Meeting with President Cristina Fernandez de Kirchner of Argentina
Weekly Address: We Have to Increase the Pace
President's Management Advisory Board Session II
President's Management Advisory Board Session I
Why We Can't Wait to Invest in Our Infrastructure
Advise the Advisor: Nancy-Ann DeParle
Ren McCormack: A Time to Dance
Maid of Honor: Best Wedding Speech Ever
Amy Poehler: 2011 Commencement Address at the Harvard University
Ray Lewis: Elon Football Team Pregame Speech
Martin Luther King Jr.: We Shall Overcome
Ali G: Ali G's Harvard Graduation Speech
Maximus Decimus Meridius: My Name is Maximus
Gordon Gekko: Greed is Good
Best Man: Funny Best Man Speech
Favorite:
0
0