Toolglass and magic lenses: the see-through interface
SIGGRAPH '93 Proceedings of the 20th annual conference on Computer graphics and interactive techniques
Systematic output modification in a 2D user interface toolkit
Proceedings of the 10th annual ACM symposium on User interface software and technology
Past, present, and future of user interface software tools
ACM Transactions on Computer-Human Interaction (TOCHI) - Special issue on human-computer interaction in the new millennium, Part 1
Capability-Based Computer Systems
Capability-Based Computer Systems
Extensible input handling in the subArctic toolkit
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A Safety-Oriented Platform for Web Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Making mashups with marmite: towards end-user programming for the web
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
The Emperor's New Security Indicators
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Programming by a sample: rapidly creating web applications with d.mix
Proceedings of the 20th annual ACM symposium on User interface software and technology
Evaluating user interface systems research
Proceedings of the 20th annual ACM symposium on User interface software and technology
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
End-user programming of mashups with vegemite
Proceedings of the 14th international conference on Intelligent user interfaces
Isolating web programs in modern browser architectures
Proceedings of the 4th ACM European conference on Computer systems
Visual vs. compact: a comparison of privacy policy interfaces
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Prefab: implementing advanced behaviors using pixel-based reverse engineering of interface structure
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Proceedings of the Sixth Symposium on Usable Privacy and Security
Bootstrapping Trust in Commodity Computers
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Convergence of desktop and web applications on a multi-service OS
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Crying wolf: an empirical study of SSL warning effectiveness
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
The multi-principal OS construction of the gazelle web browser
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Quire: lightweight provenance for smart phone operating systems
SEC'11 Proceedings of the 20th USENIX conference on Security
Cracking the cocoa nut: user interface programming at runtime
Proceedings of the 24th annual ACM symposium on User interface software and technology
Unsafe exposure analysis of mobile in-app advertisements
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
Privacy-aware shared UI toolkit for nomadic environments
Software—Practice & Experience
User-Driven Access Control: Rethinking Permission Granting in Modern Operating Systems
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Securing embedded user interfaces: Android and beyond
SEC'13 Proceedings of the 22nd USENIX conference on Security
| Hi-index | 0.00 |
User interface toolkit research has traditionally assumed that developers have full control of an interface. This assumption is challenged by the mashup nature of many modern interfaces, in which different portions of a single interface are implemented by multiple, potentially mutually distrusting developers (e.g., an Android application embedding a third-party advertisement). We propose considering security as a primary goal for user interface toolkits. We motivate the need for security at this level by examining today's mashup scenarios, in which security and interface flexibility are not simultaneously achieved. We describe a security-aware user interface toolkit architecture that secures interface elements while providing developers with the flexibility and expressivity traditionally desired in a user interface toolkit. By challenging trust assumptions inherent in existing approaches, this architecture effectively addresses important interface-level security concerns.