Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WWW
2010
ACM
2010
ACM
Fine-grained privilege separation for web applications
We present a programming model for building web applications with security properties that can be confidently verified during a security review. In our model, applications are divided into isolated, privilege-separated components, enabling rich security policies to be enforced in a way that can be checked by reviewers. In our model, the web framework enforces privilege separation and isolation of web applications by requiring the use of an objectcapability language and providing interfaces that expose limited, explicitly-specified privileges to application components. This approach restricts what each component of the application can do and quarantines buggy or compromised code. It also provides a way to more safely integrate third-party, less-trusted code into a web application. We have implemented a prototype of this model based upon the Java Servlet framework and used it to build a webmail application. Our experience with this example suggests that the approach is viable and hel...
Real-time Traffic| Added | 14 May 2010 |
| Updated | 14 May 2010 |
| Type | Conference |
| Year | 2010 |
| Where | WWW |
| Authors | Akshay Krishnamurthy, Adrian Mettler, David Wagner |
Comments (0)
Researcher Info
|
