Hails: Protecting data privacy in untrusted web applications
Article in a scientific journal, 2017

Many modern web platforms are no longer written by a single entity, such as a company or an individual, but consist of a trusted core that can be extended by untrusted third-party authors. Examples of this approach include Facebook, Yammer, and Salesforce. Unfortunately, users running third-party "apps" have little control over what the apps can do with their private data. Today's platforms offer only ad hoc constraints on app behavior, leaving users an unfortunate trade-off between convenience and privacy. A principled approach to code confinement could allow the integration of untrusted code while enforcing flexible, end-to-end policies on data access. This paper presents a new framework, Hails, for building web platforms that adds mandatory access control and a declarative policy language to the familiar MVC architecture. We demonstrate the flexibility of Hails by building several platforms, including GitStar, a code-hosting website that enforces robust privacy policies on user data even while allowing untrusted apps to deliver extended features to users.

Keywords: model, information, systems

Authors

Daniel Giffin

Stanford University

Amit Levy

Stanford University

Deian Stefan

University of California

David Terei

Stanford University

David Mazieres

Stanford University

John Mitchell

Stanford University

Alejandro Russo

Information Security

Journal of Computer Security

0926-227X (ISSN)

Vol. 25, no. 4-5, pp. 427-461

Subject categories

Computer and Information Science

DOI

10.3233/JCS-15801

More information

Last updated

2018-03-06