CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Information-flow security for a core of JavaScript

Daniel Hedin (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers)) ; Andrei Sabelfeld (Institutionen för data- och informationsteknik, Programvaruteknik (Chalmers))
Proceedings of the Computer Security Foundations Symposium (1063-6900). p. 3-18. (2012)
[Konferensbidrag, refereegranskat]

Tracking information flow in dynamic languages remains an important and intricate problem. This paper makes substantial headway toward understanding the main challenges and resolving them. We identify language constructs that constitute a core of JavaScript: objects, higher-order functions, exceptions, and dynamic code evaluation. The core is powerful enough to naturally encode native constructs as arrays, as well as functionalities of JavaScript's API from the document object model (DOM) related to document tree manipulation and event processing. As the main contribution, we develop a dynamic type system that guarantees information-flow security for this language.


2012 IEEE 25th Computer Security Foundations Symposium, CSF 2012;Cambridge, MA;25 June 2012through27 June 2012



Den här publikationen ingår i följande styrkeområden:

Läs mer om Chalmers styrkeområden  

Denna post skapades 2012-10-23. Senast ändrad 2015-12-17.
CPL Pubid: 165025

 

Läs direkt!


Länk till annan sajt (kan kräva inloggning)