An architecture for enforcing end-to-end access control over web applications

Authors:
Boniface Hicks;Sandra Rueda;Dave King;Thomas Moyer;Joshua Schiffman;Yogesh Sreenivasan;Patrick McDaniel;Trent Jaeger
Affiliations:
Saint Vincent College, Latrobe, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA;The Pennsylvania State University, University Park, PA, USA
Venue:
Proceedings of the 15th ACM symposium on Access control models and technologies
Year:
2010

Citing 18
Cited 6

Protection in operating systems

Communications of the ACM
Xen and the art of virtualization

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
A Proposal and Implementation of Automatic Detection/Collection System for Cross-Site Scripting Vulnerability

AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
Building a MAC-Based Security Architecture for the Xen Open-Source Hypervisor

ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
A Safety-Oriented Platform for Web Applications

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Protecting browser state from web privacy attacks

Proceedings of the 15th international conference on World Wide Web
JavaScript instrumentation for browser security

Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Defeating script injection attacks with browser-enforced embedded policies

Proceedings of the 16th international conference on World Wide Web
Subspace: secure cross-domain communication for web mashups

Proceedings of the 16th international conference on World Wide Web
BrowserShield: vulnerability-driven filtering of dynamic HTML

OSDI '06 Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation - Volume 7
An analysis of browser domain-isolation bugs and a light-weight transparent defense mechanism

Proceedings of the 14th ACM conference on Computer and communications security
MashupOS: operating system abstractions for client mashups

HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
From trusted to secure: building and executing applications that enforce system security

ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Securing distributed systems with information flow control

NSDI'08 Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation
Secure Web Browsing with the OP Web Browser

SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Robust defenses for cross-site request forgery

Proceedings of the 15th ACM conference on Computer and communications security
SOMA: mutual approval for included content in web pages

Proceedings of the 15th ACM conference on Computer and communications security
OMOS: A Framework for Secure Communication in Mashup Applications

ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference

An integrated approach for identity and access management in a SOA context

Proceedings of the 16th ACM symposium on Access control models and technologies
Enhancing accountability of electronic health record usage via patient-centric monitoring

Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
Scalable integrity-guaranteed AJAX

APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
Transforming commodity security policies to enforce Clark-Wilson integrity

Proceedings of the 28th Annual Computer Security Applications Conference
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Auto-FBI: a user-friendly approach for secure access to sensitive content on the web

Proceedings of the 29th Annual Computer Security Applications Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

The web is now being used as a general platform for hosting distributed applications like wikis, bulletin board messaging systems and collaborative editing environments. Data from multiple applications originating at multiple sources all intermix in a single web browser, making sensitive data stored in the browser subject to a broad milieu of attacks (cross-site scripting, cross-site request forgery and others). The fundamental problem is that existing web infrastructure provides no means for enforcing end-to-end security on data. To solve this we design an architecture using mandatory access control (MAC) enforcement. We overcome the limitations of traditional MAC systems, implemented solely at the operating system layer, by unifying MAC enforcement across virtual machine, operating system, networking and application layers. We implement our architecture using Xen virtual machine management, SELinux at the operating system layer, labeled IPsec for networking and our own label-enforcing web browser, called FlowwolF. We tested our implementation and find that it performs well, supporting data intermixing while still providing end-to-end security guarantees.