Mark S Miller

Learn More
We address three common misconceptions about capability-based systems: the Equivalence Myth (access control list systems and capability systems are formally equivalent), the Confinement Myth (capability systems cannot enforce confinement), and the Irrevocability Myth (capability-based access cannot be revoked). The Equivalence Myth obscures the benefits of(More)
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to(More)
We are developing Polaris, an environment for running unmodified Microsoft Windows applications that protects users from viruses and spyware while keeping the user experience as smooth and unchanged as possible. The design philosophy underlying Polaris is the principle of least authority, but it is built on Microsoft Windows, an operating system that(More)
  • 1