ZAC: Access Control in JavaScript
نویسندگان
چکیده
ZAC is a practical lightweight library for access control in JavaScript based on aspect orientation. The ZAC access control architecture is stack-based, very similar to the ones of Java and C#. However, ZAC integrates other interesting features for more expressive access control. First, access control policies can be enforced at the level of objects, which permits more fine-grained control over the access to resources. Second, policies in ZAC can base their decisions on the execution history of scripts, which permits to express policies that are impossible to define using other models, such as bounded-time execution.
منابع مشابه
Flexible Access Control for JavaScript pdfauthor=Richards, Hammer, Zappa Nardelli, Jagannathan, Vitek
Providing security guarantees for systems built out of untrusted components requires the ability to define and enforce access control policies over untrusted code. In Web 2.0 applications, JavaScript code from different origins is often combined on a single page, leading to well-known vulnerabilities. We present a security infrastructure which allows users and content providers to specify acces...
متن کاملCross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense
We identify a class of Web browser implementation vulnerabilities, cross-origin JavaScript capability leaks, which occur when the browser leaks a JavaScript pointer from one security origin to another. We devise an algorithm for detecting these vulnerabilities by monitoring the “points-to” relation of the JavaScript heap. Our algorithm finds a number of new vulnerabilities in the opensource Web...
متن کاملAccess Control to Prevent Malicious JavaScript Code Exploiting Vulnerabilities of WebView in Android OS
Android applications that using WebView can load and display web pages. Interaction with web pages allows JavaScript code within the web pages to access resources on the Android device by using the Java object, which is registered into WebView. If this WebView feature were exploited by an attacker, JavaScript code could be used to launch attacks, such as stealing from or tampering personal info...
متن کاملA Survey of Object Oriented JavaScript Language
Many of the programmers move towards object oriented programming languages due to its reusability nature, whereas in procedural programming languages reusability is not allowed, which may contribute to the high cost of development. Most of web browsers make use of JavaScript as a user interactive program that is a client side program due to its active nature. In the client side programming it i...
متن کاملEffects of in ovo Injection of Zinc Acetate on some Gene Expression Associated with Embryonic Growth and Development, and with Growth and Carcass Characteristics of the Resultant Chicks
This study was conducted in two steps to determine the effects of in ovo injection of zinc acetate (ZAC) on some gene expression associated with embryonic growth and development, and with growth and carcass characteristics of the resultant chicks. In the first step the effect of in ovo injectionofZAC on the expression of insulin-like growth factors (IGFs:IGF-I and IGF-I), myog...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2010