Foundations of Web Script Security

Author

  • Aaron Bohannon
Abstract

FOUNDATIONS OF WEB SCRIPT SECURITY
Aaron Bohannon
Benjamin C. Pierce

A web browser works with data and scripts from different sources, and these sources are not all trusted equally by the user of the browser. This fact requires web browser designers to take special care in order to keep information secure within the browser: data from one source should not be stolen or corrupted by a script from another source. This aspect of web browser design is what we will call web script security.

The effectiveness of security checks designed to enforce web script security must ultimately be judged in terms of their effect on the outwardly visible behavior of the browser. In light of this fact, this dissertation defines a policy for web script security to refer to a logical constraint on a browser’s behavior, stated exclusively in terms of the aspects that are outwardly visible, either to the network or to the user. Such end-to-end policies are naturally appealing. However, there is a reason they are rarely used for real-world systems: it is usually very unclear how to write down precise, flexible security policies of this sort. Supposing that one could write down such policies for web script security, a second obstacle would then arise: the problem of drawing a precise connection between such end-to-end policies and the security mechanisms that one would actually implement in a browser.

This dissertation demonstrates that such information security policies for web browsers can in fact be written down—precisely and without reference to security enforcement mechanisms implemented inside the browser. Moreover, the mechanisms for enforcing those policies can be designed and formally proved correct within mathematical models of web browsers that are detailed enough to capture the inherent complexities of the domain.

This dissertation supports these claims by (1) introducing mathematical tools for stating and proving end-to-end information security properties for software systems that are driven by buffered, asynchronous I/O; (2) introducing a particular mathematical model of a web browser that is accompanied by a security policy for confidentiality and is equipped with security mechanisms intended to enforce the policy; and (3) offering a proof that the security mechanisms in the model do enforce the policy, a proof which has been mechanized and verified in the Coq proof assistant.


Similar resources

Information-flow security for JavaScript and its APIs

JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web applications combine services from different providers. The script inclusion mechanism routinely turns barebone web pages into full-fledged services built up from third-party code. Script inclusion poses a challenge of ensuring that the integrated third-party code respects security and privacy. Th...


Web Application Security—Past, Present, and Future

Web application security remains a major roadblock to universal acceptance of the Web for many kinds of online transactions, especially since the recent sharp increase in remotely exploitable vulnerabilities has been attributed to Web application bugs. In software engineering, software testing is an established and well-researched process for improving software quality. Recently formal verifica...


Securing Script-Based Extensibility in Web Browsers

Web browsers are increasingly designed to be extensible to keep up with the Web’s rapid pace of change. This extensibility is typically implemented using script-based extensions. Script extensions have access to sensitive browser APIs and content from untrusted web pages. Unfortunately, this powerful combination creates the threat of privilege escalation attacks that grant web page scripts the ...


Client-side cross-site scripting protection

Web applications are becoming the dominant way to provide access to online services. At the same time, web application vulnerabilities are being discovered and disclosed at an alarming rate. Web applications often make use of JavaScript code that is embedded into web pages to support dynamic client-side behavior. This script code is executed in the context of the user’s web browser. To protect ...


Defeating Cyber Attacks Due to Script Injection

Offensive operations have been promoted by aggressors using the computer as a tool or target, resulting in a cyber attack on the web applications of an organization or the infrastructure of an entire nation. Depending upon the attacker’s target, one can classify some of the most frequently occurring cyber attacks into five broad categories. It reports some of the common methods adopted in conducting these attacks...



Publication date: 2012