Elementary Security in Erlang-OTP

Other texts I have reviewed: - “Thinking in Erlang” – version 0.9 dated January 31st, 2007, by Robert Baruch - “OTP Design Principles” – version 5.10.4,  http://www.erlang.org/doc/design_principles/users_guide.html  - “Making reliable distributed systems in the presence of software errors” - final version updated November 2003, by Joe Armstrong, http://www.sics.se/~joe/thesis/armstrong_thesis_2003.pdf - “Concurrent Programming in ERLANG”, second edition, … Continue reading Elementary Security in Erlang-OTP

Security and “Information Flow”

From the beginning of the Information “era” the Security disciplines already had the hierarchical imprint that is now current, centring it around the protection of “informational assets.” Although not directly relevant to the subject of Erlang Security, I want to quote here a paper by Bhavani Thuraisingham (MITRE Corporation) published in 1993 by the ACM. … Continue reading Security and “Information Flow”

Example of Oblivion

Similar to other papers I have seen  describing the advantages of Erlang and OTP,  the text titled “Sendmail Meets Erlang: Experiences Using Erlang for Email Applications”, by S.L.Fritchie, J.Larson, N.Christenson, D.Jones and L.Öhman – dated October 3, 2000) succeeds in forgetting everything related to Security. The authors describe a specific project focused on integrating diverse … Continue reading Example of Oblivion

Searching for “Erlang Security”

The search through the literature and Internet resources produces very few Security-related materials for the Erlang language or the Erlang-OTP platform. Nevertheless, it focuses our attention on what we expect to find. As I am considering Erlang primarily as a programming language, it is necessary to direct the search towards the attributes of secure computing. … Continue reading Searching for “Erlang Security”

“Talking to the outside world” – the UBF way

I’m progressing through the Erlang-related literature looking for everything relevant to Security. Today I have some comments about Joe Armstrong’s paper “Getting Erlang to talk to the outside world,” published in 2002. You can find it here: http://www.erlang.se/workshop/2002/Armstrong.pdf . There are also slides from a talk given by Armstrong the same year (here: http://www.sics.se/~joe/talks/pittsburgh_2002_ubf.pdf )  … Continue reading “Talking to the outside world” – the UBF way

Erlang Security: what is the matter?

What is it with Security objectives that we so frequently find them missing in Software design and development? Granted that not every software project should or must address security capabilities, it nevertheless seems interesting to point out the discontinuity that seems to exist between these disciplines. People who are active in either of these areas … Continue reading Erlang Security: what is the matter?

Against all Cyber wars (and the others)

Security professionals need to take a hard look at the “spirit of the times,” the ideological atmosphere that surrounds us and our clients, and take a step back. A most concerning part of the current scenario is that the presumptions around so-called “Cyber war” are taking hold, and slowly becoming part of “reality.” In general … Continue reading Against all Cyber wars (and the others)

False Trade-Off between Security and Freedom

It is extremely concerning to see political figures and even business leaders admonishing the general population of the Western countries stating that privacy and freedom need to be traded for “security.”  Democratic and civic principles are abandoned by those who should defend them and instead recommend their destruction for political ends. State bureaucrats improve even … Continue reading False Trade-Off between Security and Freedom

We are Persons and Citizens

Public and private actors are aligning largely into two camps in respect to the controversy generated after recent press and whistle-blower reports on mass surveillance and secret data mining. This alignment by no means is transparent, and many will be surprised to see that there are both liberal ("progressive") and conservative voices that don´t see "what the fuss is about." It is … Continue reading We are Persons and Citizens

The Cloud is (not) what I say it is (not)

The simplest way to appear “on top of your subject” is to avoid contradictions when you speak. It does not matter if you know your subject, for in a generalised Services Economy there are hardly any standards. When presenting something, just be consistent and utter tautological implications. For example: “We need a consistent plan to … Continue reading The Cloud is (not) what I say it is (not)

What IT does not do (never did, and never will)

In May 2003, Nicholas Carr predicted the end of Corporate Computing: "Something happened in the first years of the 20th century that would have seemed unthinkable just a few decades earlier: Manufacturers began to shut down and dismantle their waterwheels, steam engines and electric generators. They no longer had to run their own dynamos; they could … Continue reading What IT does not do (never did, and never will)