Language-Based Isolation of Untrusted JavaScript

Maffeis, Sergio; Taly, Ankur

doi:10.1109/csf.2009.11

Cited by 65 publications

(57 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our approach can be applied to other scenarios, such as the verification of isolation properties [9], where it could be used to derive mostly-static lightweight enforcement mechanisms from prior purely static specifications.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Hybrid Typing of Secure Information Flow in a JavaScript-Like Language

Santos

Jensen

Rezk

et al. 2016

Trustworthy Global Computing

View full text Add to dashboard Cite

Abstract. As JavaScript is highly dynamic by nature, static information flow analyses are often too coarse to deal with the dynamic constructs of the language. To cope with this challenge, we present and prove the soundness of a new hybrid typing analysis for securing information flow in a JavaScript-like language. Our analysis combines static and dynamic typing in order to avoid rejecting programs due to imprecise typing information. Program regions that cannot be precisely typed at static time are wrapped inside an internal boundary statement used by the semantics to interleave the execution of statically verified code with the execution of code that must be dynamically checked.

show abstract

Section: Discussionmentioning

confidence: 99%

“…In JavaScript, one can access a field f of an object o either by writing o.f or o [e], where e is an expression that dynamically evaluates to the string f. Dynamic computation of field names is one of the major sources of imprecision of static analyses for JavaScript [9].…”

Section: Introductionmentioning

confidence: 99%

Hybrid Typing of Secure Information Flow in a JavaScript-Like Language

Santos

Jensen

Rezk

et al. 2016

Trustworthy Global Computing

View full text Add to dashboard Cite

show abstract

“…Until recently, such content-rewriting was a dangerous proposition. In particular, Google [28], Yahoo [11], Facebook [13], and Microsoft [16] have all developed technology to constrain the effects of thirdparty web content such as advertisements; but the design of existing browser interfaces made those tools vulnerable to attack [26].…”

Section: Discussion and Limitationsmentioning

confidence: 99%

Hails: Protecting data privacy in untrusted web applications

Giffin

Levy

Stefan

et al. 2017

JCS

View full text Add to dashboard Cite

Modern extensible web platforms like Facebook and Yammer depend on third-party software to offer a rich experience to their users. Unfortunately, users running a third-party "app" have little control over what it does with their private data. Today's platforms offer only ad-hoc constraints on app behavior, leaving users an unfortunate trade-off between convenience and privacy. A principled approach to code confinement could allow the integration of untrusted code while enforcing flexible, end-to-end policies on data access. This paper presents a new web framework, Hails, that adds mandatory access control and a declarative policy language to the familiar MVC architecture. We demonstrate the flexibility of Hails through GitStar.com, a code-hosting website that enforces robust privacy policies on user data even while allowing untrusted apps to deliver extended features to users.

show abstract

“…Monitored code can attempt to replace the transformation function with, e.g., the identity function, i.e., this['trans'] = function(s){ return s }. We envisage a combination of our monitor with safe language subset and reference monitoring technology [27,7,11,22,21] to prevent operations that compromise the integrity of the monitor.…”

Section: Methodsmentioning

confidence: 99%

On-the-fly Inlining of Dynamic Security Monitors

Magazinius

Russo

Sabelfeld

2010

Security and Privacy – Silver Linings in the Cloud

View full text Add to dashboard Cite

Abstract. Language-based information-flow security considers programs that manipulate pieces of data at different sensitivity levels. Securing information flow in such programs remains an open challenge. Recently, considerable progress has been made on understanding dynamic monitoring for secure information flow. This paper presents a framework for inlining dynamic information-flow monitors. A novel feature of our framework is the ability to perform inlining on the fly. We consider a source language that includes dynamic code evaluation of strings whose content might not be known until runtime. To secure this construct, our inlining is done on the fly, at the string evaluation time, and, just like conventional offline inlining, requires no modification of the hosting runtime environment. We present a formalization for a simple language to show that the inlined code is secure: it satisfies a noninterference property. We also discuss practical considerations and preliminary experimental results.

show abstract

Language-Based Isolation of Untrusted JavaScript

Cited by 65 publications

References 11 publications

Hybrid Typing of Secure Information Flow in a JavaScript-Like Language

Hybrid Typing of Secure Information Flow in a JavaScript-Like Language

Hails: Protecting data privacy in untrusted web applications

On-the-fly Inlining of Dynamic Security Monitors

Contact Info

Product

Resources

About