Crema - A LangSec Inspired Language
Offered By: YouTube
Course Description
Overview
Explore a LangSec-inspired language called Crema in this BSidesLV 2015 conference talk. Delve into the principles of Language-theoretic Security (LangSec) and its application in creating more secure systems. Learn about the concept of least computational privilege, sub-Turing execution, and the importance of language limitations in security. Examine a sample Crema program and understand its potential applications in real-world scenarios, such as improving the security of email systems like QMail and Sendmail. Discover the future work planned for Crema, including formal modeling and JIT unrolling. Gain insights into how Crema could be embedded in programs to enhance security and explore various use-cases for this innovative language.
Syllabus
Intro
Outline
Thesis
Some Definitions (cont.)
What is LangSec
Ok... What...
LangSec Perspective
Data Drives Execution
The Gap
The Angle
Least Computational Privilege
Sub-Turing Execution
Peter Pan of Programming
A Sub-Turing Language
Language Limitations
Language Fundamentals
Sample Crema Program
Future Work
Formal Model
Forward-only Execution
JIT Unrolling
Embedding Crema in Programs
QMail
Mark Dowd's Sendmail Bug
How Crema Could Help
Use-cases
Wrap-up
Questions?
Related Courses
Software as a ServiceUniversity of California, Berkeley via Coursera Software Testing
University of Utah via Udacity The Hardware/Software Interface
University of Washington via Coursera Software Debugging
Saarland University via Udacity Introduction to Systematic Program Design - Part 1
The University of British Columbia via Coursera