Designing secure systems with Object-Capabilities­, Python, and Cap'n Proto

Join us for a talk from Sandstorm core dev Drew Fisher about an object-oriented programming inspired technique for designing secure systems called object-capability security. This is a cooperative Meetup with the Sandstorm.io Meetup; RSVP here or on their Meetup group (https://www.meetup.com/Sandstorm-SF-Bay-Area/events/231065150/). The event is based on a talk by Drew Fisher at PyCon (https://us.pycon.org/2016/schedule/presentation/2248/).

Drew's talk will be followed by a Q&A session with opportunities to chat with Sandstorm's community before and after.

Designing secure systems with Object-Capabilities, Python, and Cap'n Proto by Drew Fisher.

Object-capability security is a technique for designing systems that lets us apply object-oriented design principles to security policies, reducing cognitive overhead and risk of errors that lead to vulnerabilities. In this talk, Drew will explain capabilities, how they work, and what cool things they make possible for your systems, with real-world examples from Sandstorm.io.

This talk will demonstrate implementing a trivial remote 4-function calculator server with pycapnp (a library which provides Python bindings for Cap'n Proto (https://capnproto.org/)), and then show how you might implement more complicated services, like the ones we use in Sandstorm.io (https://sandstorm.io/) for file access and HTTP.

To read more about capability-based security: https://sandstorm.io/how-it-works#capabilities

To read more on Cap'n Proto: https://capnproto.org/

Hope to see you there!

Schedule:

6:00PM - Dinner and socializing
7:30PM - Featured talk by Drew Fisher
7:50PM - Q&A
9:30PM - Venue closes