Low-level object capabilities for formally watertight security. KU Leuven
Object capabilities (ocaps) are a technique for fine-grained privilege separation in programming languages, with applications in security and software engineering. Ocaps are practically used in high-level programming languages like JavaScript, but recently, there is also a renewed interest in capability machines: processors that apply ocaps at the low level of assembly languages (lowcaps). Security measures based on lowcaps offer the ...