Learn More
We address three common misconceptions about capability-based systems: the Equivalence Myth (access control list systems and capability systems are formally equivalent), the Confinement Myth (capability systems cannot enforce confinement), and the Irrevocability Myth (capability-based access cannot be revoked). The Equivalence Myth obscures the benefits of(More)
JavaScript is widely used to provide client-side functionality in Web applications. To provide services ranging from maps to advertisements , Web applications may incorporate untrusted JavaScript code from third parties. The trusted portion of each application may then expose an API to untrusted code, interposing a reference monitor that mediates access to(More)
Browsers do not currently support the secure sharing of JavaScript objects between principals. We present this problem as the need for object views, which are consistent and controllable versions of objects. Multiple views can be made for the same object and customized for the recipients. We implement object views with a JavaScript library that wraps shared(More)
Every novel cooperative arrangement of mutually suspicious parties interacting electronically — every smart contract — effectively requires a new cryptographic protocol. However, if every new contract requires new cryptographic protocol design, our dreams of cryptographically enabled electronic commerce would be unreachable. Cryptographic protocol design is(More)
Access control systems must be evaluated in part on how well they enable one to distribute the access rights needed for cooperation, while simultaneously limiting the propagation of rights which would create vulnerabilities. Analysis to date implicitly assumes access is controlled only by manipulating a system's protection state—the arrangement of the(More)
Proxies are a powerful approach to implement meta-objects in object-oriented languages without having to resort to metacircular interpretation. We introduce such a meta-level API based on proxies for Javascript. We simultaneously introduce a set of design principles that characterize such APIs in general, and compare similar APIs of other languages in terms(More)
The transport of flagellar precursors and removal of turnover products from the flagellar tip is mediated by intraflagellar transport (IFT) , which is essential for both flagellar assembly and maintenance . Large groups of IFT particles are moved from the flagellar base to the tip by kinesin-2, and smaller groups are returned to the base by cytoplasmic(More)
The Chlamydomonas anterograde intraflagellar transport motor, kinesin-2, is isolated as a heterotrimeric complex containing two motor subunits and a nonmotor subunit known as kinesin-associated polypeptide or KAP. One of the two motor subunits is encoded by the FLA10 gene. The sequence of the second motor subunit was obtained by mass spectrometry and(More)