Sandstorm Blog

Designing secure systems with Object-Capabilities, Python, and Cap'n Proto

By Nena Nguyen - 20 Jun 2016

At our Sandstorm meetup on June 16th, Sandstorm core dev Drew Fisher talked about an object-oriented programming inspired technique for designing secure systems called object-capability security.

Object-capability security is a technique for designing systems that lets us apply object-oriented design principles to security policies, reducing cognitive overhead and risk of errors that lead to vulnerabilities. In this talk, Drew explains capabilities, how they work, and what cool things they make possible for your systems, with real-world examples from Sandstorm.io.

Watch the full talk here:

To see the slides: http://zarvox.org/pycon2016-talk

To read more about capability-based security: https://sandstorm.io/how-it-works#capabilities

To read more on Cap’n Proto: https://capnproto.org/

We also have an upcoming meetup on July 19 where Asheesh is giving a talk entitled, “Web app packaging in Sandstorm: It’s not LAMP.” RethinkDB is kind enough to host our event at their office in Mountain View, and all are invited. Read the details & RSVP here.