Securing frame communication in browsers

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Securing frame communication in browsers

Full text

Digital Edition , Html

Html (3 KB), Pdf

Pdf (2.95 MB)

Source

Communications of the ACM archive
Volume 52 , Issue 6 (June 2009) table of contents
One Laptop Per Child: Vision vs. Reality

SECTION: Research highlights table of contents

Pages 83-91

Year of Publication: 2009

ISSN:0001-0782

Authors

Adam Barth	UC Berkeley
Collin Jackson	Stanford University
John C. Mitchell	Stanford University

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 46, Downloads (12 Months): 347, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1516046.1516066 What is a DOI?

ABSTRACT

Many Web sites embed third-party content in frames, relying on the browser's security policy to protect against malicious content. However, frames provide insufficient isolation in browsers that let framed content navigate other frames. We evaluate existing frame navigation policies and advocate a stricter policy, which we deploy in the open-source browsers. In addition to preventing undesirable interactions, the browser's strict isolation policy also affects communication between cooperating frames. We therefore analyze two techniques for interframe communication between isolated frames. The first method, fragment identifier messaging, initially provides confidentiality without authentication, which we repair using concepts from a well-known network protocol. The second method, <code>postMessage</code>, initially provides authentication, but we discover an attack that breaches confidentiality. We propose improvements in the <code>postMessage</code> API to provide confidentiality; our proposal has been standardized and adopted in browser implementations.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Burke, J. Cross domain frame communication with fragment identifiers. http://tagneto.blogspot.com/2006/06/cross-domain-frame-communication-with.html.
	2	Crockford, D. The <module> tag. http://www.json.org/module.html.
	3	Neil Daswani , Michael Stoppelman, The anatomy of Clickbot.A, Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets, p.11-11, April 10, 2007, Cambridge, MA
	4	Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124861]
	5	Eich, B. JavaScript: Mobility and ubiquity. http://kathrin.dagstuhl.de/files/Materials/07/07091/07091EichBrendan.Slides.pdf.
	6	Felten, E.W., Balfanz, D., Dean, D., Wallach, D.S. Web spoofing: An Internet con game. In Proceedings of the 20th National Information Systems Security Conference (1996).
	7	Guninski, G. Frame spoofing using loading two frames. Mozilla Bug 13871.
	8	Hickson, I. Re: A potential slight security enhancement to postMessage, Februrary 2008. http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2008-February/013949.html.
	9	Hickson, I. Re: HTML5 frame navigation policy, April 2008. http://lists.whatwg.org/pipermail/whatwg-whatwg.org/2008-April/014597.html.
	10	Hickson, I. et al. HTML 5 Working Draft, http://www.whatwg.org/specs/web-apps/current-work/.
	11	Jackson, C., Barth, A. Beware of finer-grained origins. In Proceedings of the Web 2.0 Security and Privacy (W2SP) (2008).
	12	Collin Jackson , Adam Barth , Andrew Bortz , Weidong Shao , Dan Boneh, Protecting browsers from dns rebinding attacks, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA [doi>10.1145/1315245.1315298]
	13	Collin Jackson , Helen J. Wang, Subspace: secure cross-domain communication for web mashups, Proceedings of the 16th international conference on World Wide Web, May 08-12, 2007, Banff, Alberta, Canada [doi>10.1145/1242572.1242655]
	14	Frederik De Keukelaere , Sumeer Bhola , Michael Steiner , Suresh Chari , Sachiko Yoshihama, SMash: secure component model for cross-domain mashups on unmodified browsers, Proceeding of the 17th international conference on World Wide Web, April 21-25, 2008, Beijing, China [doi>10.1145/1367497.1367570]
	15	Gavin Lowe, Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR, Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems, p.147-166, March 27-29, 1996
	16	Microsoft. SECURITY attribute (FRAME, IFRAME). http://msdn2.microsoft.com/en-us/library/ms534622(VS.85.)aspx.
	17	Roger M. Needham , Michael D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM, v.21 n.12, p.993-999, Dec. 1978 [doi>10.1145/359657.359659]
	18	Ross, D., January 2008. Personal communication.
	19	Ruderman, J. JavaScript Security: Same Origin, http://www.mozilla.org/projects/security/components/same-origin.html.
	20	Stuttard, D., Pinto, M. The Web Application Hacker's Handbook. Wiley, 2007.
	21	Thorpe, D. Secure cross-domain communication in the browser. Archit. J. 12 (2007), 14--18.
	22	Helen J. Wang , Xiaofeng Fan , Jon Howell , Collin Jackson, Protection and communication abstractions for web browsers in MashupOS, Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, October 14-17, 2007, Stevenson, Washington, USA