Web browsers ostensibly provide strong isolation for the client-side components of web applications. Unfortunately, this isolation is weak in practice; as browsers add increasingly rich APIs to please developers, these complex interfaces bloat the trusted computing base and erode cross-app isolation boundaries. We reenvision the web interface based on the notion of a pico-datacenter, the client-side version of a shared server datacenter. Mutually untrusting vendors run their code on the user's computer in low-level native code containers that communicate with the outside world only via IP. Just as in the cloud datacenter, the simple semantics makes isolation tractable, yet native code gives vendors the freedom to run any software stack. Since the datacenter model is designed to be robust to malicious tenants, it is never dangerous for the user to click a link and invite a possibly-hostile party onto the client.