F-bounded polymorphism for object-oriented programming
FPCA '89 Proceedings of the fourth international conference on Functional programming languages and computer architecture
Extensible records in a pure calculus of subtyping
Theoretical aspects of object-oriented programming
ICALP '90 Proceedings of the 17th International Colloquium on Automata, Languages and Programming
Verified Interoperable Implementations of Security Protocols
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
BrowserShield: Vulnerability-driven filtering of dynamic HTML
ACM Transactions on the Web (TWEB)
Verifiable functional purity in java
Proceedings of the 15th ACM conference on Computer and communications security
Securing frame communication in browsers
SS'08 Proceedings of the 17th conference on Security symposium
Lightweight self-protecting JavaScript
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Symmetric Cryptography in Javascript
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
Object views: fine-grained sharing in browsers
Proceedings of the 19th international conference on World wide web
Isolating JavaScript with filters, rewriting, and wrappers
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Rootkits for JavaScript environments
WOOT'09 Proceedings of the 3rd USENIX conference on Offensive technologies
Automated Analysis of Security-Critical JavaScript APIs
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
How to Shop for Free Online -- Security Analysis of Cashier-as-a-Service Based Web Stores
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
ADsafety: type-based verification of JavaScript Sandboxing
SEC'11 Proceedings of the 20th USENIX conference on Security
Multiple facets for dynamic information flow
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
On the security of public key protocols
IEEE Transactions on Information Theory
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Jigsaw: efficient, low-effort mashup isolation
WebApps'12 Proceedings of the 3rd USENIX conference on Web Application Development
Information-Flow Security for a Core of JavaScript
CSF '12 Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium
Discovering Concrete Attacks on Website Authorization by Formal Analysis
CSF '12 Proceedings of the 2012 IEEE 25th Computer Security Foundations Symposium
On breaking SAML: be whoever you want to be
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Privilege separation in HTML5 applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Web-based attacks on host-proof encrypted storage
WOOT'12 Proceedings of the 6th USENIX conference on Offensive Technologies
FlowFox: a web browser with flexible and precise information flow control
Proceedings of the 2012 ACM conference on Computer and communications security
Fully abstract compilation to JavaScript
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JavaSPI: A Framework for Security Protocol Implementation
International Journal of Secure Software Engineering
Keys to the cloud: formal analysis and concrete attacks on encrypted web storage
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
A trusted mechanised JavaScript specification
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Gradual typing embedded securely in JavaScript
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
| Hi-index | 0.00 |
We present new attacks and robust countermeasures for security-sensitive components, such as single sign-on APIs and client-side cryptographic libraries, that need to be safely deployed on untrusted web pages. We show how failing to isolate such components leaves them vulnerable to attacks both from the hosting website and other components running on the same page. These attacks are not prevented by browser security mechanisms alone, because they are caused by code interacting within the same origin. To mitigate these attacks, we propose to combine fine-grained component isolation at the JavaScript level with cryptographic mechanisms. We present Defensive JavaScript (DJS), a subset of the language that guarantees the behavior integrity of scripts even when loaded in a hostile environment. We give a sound type system, type inference tool, and build defensive libraries for cryptography and data encodings. We show the effectiveness of our solution by implementing several applications using defensive patterns that fix some of our original attacks. We present a model extraction tool to analyze the security properties of our applications using a cryptographic protocol verifier.