SMash

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

SMash: secure component model for cross-domain mashups on unmodified browsers

Full text

Pdf (414 KB)

Source

International World Wide Web Conference archive
Proceeding of the 17th international conference on World Wide Web table of contents

Beijing, China

SESSION: Security II: web client security table of contents

Pages 535-544

Year of Publication: 2008

ISBN:978-1-60558-085-2

Authors

Frederik De Keukelaere	IBM Tokyo Research Laboratory, Yamato, Japan
Sumeer Bhola	IBM T. J. Watson Research Center, Hawthorne, NY, USA
Michael Steiner	IBM T. J. Watson Research Center, Hawthorne, NY, USA
Suresh Chari	IBM T. J. Watson Research Center, Hawthorne, NY, USA
Sachiko Yoshihama	IBM Tokyo Research Laboratory, Yamato, Japan

Sponsor

ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 35, Downloads (12 Months): 239, Citation Count: 6

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1367497.1367570 What is a DOI?

ABSTRACT

Mashup applications mix and merge content (data and code) from multiple content providers in a user's browser, to provide high-value web applications that can rival the user experience provided by desktop applications. Current browser security models were not designed to support such applications and they are therefore implemented with insecure workarounds. In this paper, we present a secure component model, where components are provided by different trust domains, and can interact using a communication abstraction that allows ease of specification of a security policy. We have developed an implementation of this model that works currently in all major browsers, and addresses challenges of communication integrity and frame-phishing. An evaluation of the performance of our implementation shows that this approach is not just feasible but also practical.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	OpenAjax Alliance Open Source Project. http://openajaxallianc.sourceforge.net.
	2	A. Barth and C. Jackson. Protecting browsers from frame hijacking attacks. http://crypto.stanford.edu/frames/.
	3	M. Y. Becker, C. Fournet, and A. D. Gordon. SecPAL: Design and semantics of a decentralized authorization language. Technical Report MSR-TR-2006-120, Microsoft Research, Sept. 2006.
	4	J. Burke. Cross domain frame communication with fragment identifiers. http://tagneto.blogspot.com/2006/06/cross-domain-frame-communication-with.html, June 2006.
	5	D. Crockford. The (module) tag. http://www.json.org/module.html, Oct. 2006.
	6	Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124861]
	7	Dojo Foundation. Dojo javascript toolkit. http://www.dojotoolkit.org/.
	8	Google. Gadget-to-gadget communication. http://www.google.com/apis/gadgets/pubsub.html.
	9	Google. Google account authentication (AuthSub). http://code.google.com/apis/accounts/AuthForWebApps.html.
	10	I. Hickson (Editor). HTML 5. Technical report, Web Hypertext Application Technology Working Group HTML 5, 2007. Working Draft, http://www.whatwg.org/specs/web-apps/current-work.
	11	Jon Howell , Collin Jackson , Helen J. Wang , Xiaofeng Fan, MashupOS: operating system abstractions for client mashups, Proceedings of the 11th USENIX workshop on Hot topics in operating systems, p.1-7, May 07-09, 2007, San Diego, CA
	12	Collin Jackson , Helen J. Wang, Subspace: secure cross-domain communication for web mashups, Proceedings of the 16th international conference on World Wide Web, May 08-12, 2007, Banff, Alberta, Canada [doi>10.1145/1242572.1242655]
	13	G. Lee. Personal communication on XDDE. http://www.openspot.com, 2007.
	14	B. McLaughlin. Mastering Ajax. IBM developerWorks, 2005 - 2007. http://www-128.ibm.com/developerworks/views/web/libraryview.jsp?search_by=Mastering+Ajax+Part.
	15	Microsoft. Windows cardspace. http://cardspace.netfx3.com, http://www.identityblog.com.
	16	M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay. Caja - safe active content in sanitized Javascript. http://google-caja.googlecode.com/files/caja-spec-2007-10-11.pdf, Oct. 2007.
	17	Mozilla.org. The same origin policy. http://www.mozilla.org/projects/security/components/same-origin.html.
	18	D. L. Parnas, On the criteria to be used in decomposing systems into modules, Communications of the ACM, v.15 n.12, p.1053-1058, Dec. 1972 [doi>10.1145/361598.361623]
	19	D. Raggett, H. Le Arnaud, and I. Jacobs (Editors). HyperText Markup Language (HTML). W3C Recommendation 4.01, W3C, Dec, Dec. 1999.
	20	Charles Reis , John Dunagan , Helen J. Wang , Opher Dubrovsky , Saher Esmeir, BrowserShield: vulnerability-driven filtering of dynamic HTML, Proceedings of the 7th USENIX Symposium on Operating Systems Design and Implementation, p.5-5, November 06-08, 2006, Seattle, WA
	21	A. Russel, D. Davis, G. Wilkins, and M. Nesbitt. Bayeux protocol. Technical Report 1.0draft0, Dojo Foundation, 2007.
	22	J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9):1278--1308, Sept. 1975.
	23	K. Spett. Cross-site scripting - are your web applications vulnerable? Technical report, SPI Dynamics, 2005. http://www.spidynamics.com/whitepapers/SPIcross-sitescripting.pdf.
	24	Teknikill, Shadowcat Systems, and SitePen, Inc. Cometd. http://www.cometd.com/.
	25	K. Vikram and M. Steiner. Mashup component isolation via server-side analysis and instrumentation. In Web 2.0 Security & Privacy Workshop. IEEE Computer Society, Technical Committee on Security and Privacy, 2007.
	26	World Wide Web Consortium. Document Object Model. http://www.w3.org/DOM/.
	27	Yahoo! Browser-based authentication (BBAuth). http://developer.yahoo.com/auth/.
	28	Ka-Ping Yee , Kragen Sitaker, Passpet: convenient password management and phishing protection, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania [doi>10.1145/1143120.1143126]
	29	Dachuan Yu , Ajay Chander , Nayeem Islam , Igor Serikov, JavaScript instrumentation for browser security, Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 17-19, 2007, Nice, France
	30	K. Zyp. CrossSafe. http://code.google.com/p/crosssafe/.

CITED BY 6

	Steven Crites , Francis Hsu , Hao Chen, OMash: enabling secure web mashups via object abstractions, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
	Adam Barth , Collin Jackson , John C. Mitchell, Securing frame communication in browsers, Proceedings of the 17th conference on Security symposium, p.17-30, July 28-August 01, 2008, San Jose, CA
	Serge Abiteboul , Ohad Greenshpan , Tova Milo, Modeling the mashup space, Proceeding of the 10th ACM workshop on Web information and data management, October 30-30, 2008, Napa Valley, California, USA
	Michiaki Tatsubori , Toyotaro Suzumura, HTML templates that fly: a template engine approach to automated offloading from server to client, Proceedings of the 18th international conference on World wide web, April 20-24, 2009, Madrid, Spain
	Tommi Mikkonen , Antero Taivalsaari, Creating a mobile web application platform: the lively kernel experiences, Proceedings of the 2009 ACM symposium on Applied Computing, March 08-12, 2009, Honolulu, Hawaii
	Adam Barth , Collin Jackson , John C. Mitchell, Securing frame communication in browsers, Communications of the ACM, v.52 n.6, June 2009