Sciweavers

SP
2010
IEEE

Object Capabilities and Isolation of Untrusted Web Applications

14 years 3 months ago
Object Capabilities and Isolation of Untrusted Web Applications
—A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing approach for isolating untrusted content: if separate applications are provided disjoint capabilities, a sound objectcapability framework should prevent untrusted applications from interfering with each other, without preventing interaction with the user or the hosting page. In developing language-based foundations for isolation proofs based on object-capability concepts, we identify a more general notion of authority safety that also implies resource isolation. After proving that capability safety implies authority safety, we show the applicability of our framework for a specific class of mashups. In addition to proving that a JavaScript subset based on Google Caja is capability safe, we prove that a more expressive subset of JavaScript is authority safe, even though it is not based on the object-capability m...
Sergio Maffeis, John C. Mitchell, Ankur Taly
Added 16 Aug 2010
Updated 16 Aug 2010
Type Conference
Year 2010
Where SP
Authors Sergio Maffeis, John C. Mitchell, Ankur Taly
Comments (0)