Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SP
2010
IEEE
2010
IEEE
Object Capabilities and Isolation of Untrusted Web Applications
—A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing approach for isolating untrusted content: if separate applications are provided disjoint capabilities, a sound objectcapability framework should prevent untrusted applications from interfering with each other, without preventing interaction with the user or the hosting page. In developing language-based foundations for isolation proofs based on object-capability concepts, we identify a more general notion of authority safety that also implies resource isolation. After proving that capability safety implies authority safety, we show the applicability of our framework for a specific class of mashups. In addition to proving that a JavaScript subset based on Google Caja is capability safe, we prove that a more expressive subset of JavaScript is authority safe, even though it is not based on the object-capability m...
Real-time TrafficAuthority Safety | Object-capability Model | Safety Implies Authority | Security Privacy | SP 2010 |
Related Content
| Added | 16 Aug 2010 |
| Updated | 16 Aug 2010 |
| Type | Conference |
| Year | 2010 |
| Where | SP |
| Authors | Sergio Maffeis, John C. Mitchell, Ankur Taly |
Comments (0)
Researcher Info
|
