Proceedings of the 15th International Conference on Managed Languages &Amp; Runtimes - ManLang '18 2018
DOI: 10.1145/3237009.3237025
|View full text |Cite
|
Sign up to set email alerts
|

Guardia

Abstract: The complex architecture of browser technologies and dynamic characteristics of JavaScript make it difficult to ensure security in client-side web applications. Browser-level security policies alone are not sufficient because it is difficult to apply them correctly and they can be bypassed. As a result, they need to be completed by application-level security policies.In this paper, we survey existing solutions for specifying and enforcing application-level security policies for client-side web applications, an… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
6
0

Year Published

2019
2019
2023
2023

Publication Types

Select...
2
2
1

Relationship

1
4

Authors

Journals

citations
Cited by 5 publications
(6 citation statements)
references
References 21 publications
0
6
0
Order By: Relevance
“…JIPDA and the flow graphs it produces fulfill the assumptions discussed before. For RASP, we use a revised version of Guardia [41] for AC policies, which we load as a library before analysing a particular application.…”
Section: Discussionmentioning
confidence: 99%
See 4 more Smart Citations
“…JIPDA and the flow graphs it produces fulfill the assumptions discussed before. For RASP, we use a revised version of Guardia [41] for AC policies, which we load as a library before analysing a particular application.…”
Section: Discussionmentioning
confidence: 99%
“…In the context of security, some approaches [28,41,48] decouple policy specification from actual verification and enforcement through the use of some security policy language. However, this decoupling does not facilitate the development of complementary SAST and RASP tools, because any additional or reused implementation still faces the same aforementioned problems.…”
Section: Challenges For Rasp and Sast Integrationmentioning
confidence: 99%
See 3 more Smart Citations