2010 IEEE Symposium on Security and Privacy
Object Capabilities and Isolation of Untrusted Web Applications
Berkeley, California, USA
May 16-May 19
ISBN: 978-0-7695-4035-1
BibTeX:
@article{ 10.1109/SP.2010.16,
  author = {Sergio Maffeis and John C. Mitchell and Ankur Taly},
  title = {Object Capabilities and Isolation of Untrusted Web Applications},
  journal = {Security and Privacy, IEEE Symposium on},
  volume = {0},
  year = {2010},
  issn = {1081-6011},
  pages = {125-140},
  doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2010.16},
  publisher = {IEEE Computer Society},
  address = {Los Alamitos, CA, USA},
}
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2010.16
A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing approach for isolating untrusted content: if separate applications are provided disjoint capabilities, a sound object-capability framework should prevent untrusted applications from interfering with each other, without preventing interaction with the user or the hosting page. In developing language-based foundations for isolation proofs based on object-capability concepts, we identify a more general notion of authority safety that also implies resource isolation. After proving that capability safety implies authority safety, we show the applicability of our framework for a specific class of mashups. In addition to proving that a JavaScript subset based on Google Caja is capability safe, we prove that a more expressive subset of JavaScript is authority safe, even though it is not based on the object-capability model.
Index Terms:
Language-based Security, Capabilities, Operational Semantics, JavaScript
Citation:
Sergio Maffeis, John C. Mitchell, Ankur Taly, "Object Capabilities and Isolation of Untrusted Web Applications," sp, pp.125-140, 2010 IEEE Symposium on Security and Privacy, 2010
