CPL - Chalmers Publication Library

A two-tier sandbox architecture for untrusted JavaScript

Phu H. Phung (Department of Computer Science and Engineering, Software Engineering (Chalmers)) ; Lieven Desmet
JSTools '12 Proceedings of the Workshop on JavaScript Tools, Beijing, 13 June 2012, p. 1-10. (2012)
[Conference paper, peer-reviewed]

The large majority of websites nowadays embed third-party JavaScript into their pages, coming from external partners. Ideally, these scripts are benign and come from trusted sources, but over time, these third-party scripts can start to misbehave, or to come under control of an attacker. Unfortunately, the state-of-practice integration techniques for third-party scripts do not impose restrictions on the execution of JavaScript code, allowing such an attacker to perform unwanted actions on behalf of the website owner and/or website visitor. In this paper, we present a two-tier sandbox architecture to enable a website owner to enforce modular fine-grained security policies for potentially untrusted third-party JavaScript code. The architecture contains an outer sandbox that provides strong baseline isolation guarantees with generic, coarse-grained policies and an inner sandbox that enables fine-grained, stateful policy enforcement specific to a particular untrusted application. The two-tier approach ensures that the application-specific policies and untrusted code are by default confined to a basic security policy, without imposing restrictions on the expressiveness of the policies. Our proposed architecture improves upon the state-of-the-art as it does not depend on browser modification nor preprocessing or transformation of untrusted code, and allows the secure enforcement of fine-grained, stateful access control policies. We have developed a prototype implementation on top of an open-source sandbox library in the ECMAScript 5 specification, and applied it to a representative online advertisement case study to validate the feasibility and security of the proposed architecture.

Keywords: Fine-grained security policy, Untrusted, Web application security, Web mashups




This record was created 2012-12-24. Last modified 2013-01-02.
CPL Pubid: 168610

 
