JSFlow

Hedin, Daniel; Birgisson, Arnar; Bello, Luciano; Sabelfeld, Andrei

doi:10.1145/2554850.2554909

Cited by 116 publications

(14 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This section presents practical experiments made by instantiating the deployment architectures with the JSFlow [19,18] information-flow monitor. JSFlow is a tool that extends the formalization of a dynamic information flow tracker [20] to the full JavaScript language and its APIs.…”

Section: Instantiationmentioning

confidence: 99%

“…Our instantiation shows how to deploy JSFlow [19,18], an information-flow monitor for JavaScript by Hedin et al, via browser extension, via web proxy, and via suffix proxy (web service). We report on security and performance experiments that illustrate successful deployment of a JavaScript information-flow monitor with the different architectures.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Architectures for Inlining Security Monitors in Web Applications

Magazinius

Hedin

Sabelfeld

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. Securing JavaScript in the browser is an open and challenging problem. Code from pervasive third-party JavaScript libraries exacerbates the problem because it is executed with the same privileges as the code that uses the libraries. An additional complication is that the different stakeholders have different interests in the security policies to be enforced in web applications. This paper focuses on securing JavaScript code by inlining security checks in the code before it is executed. We achieve great flexibility in the deployment options by considering security monitors implemented as security-enhanced JavaScript interpreters. We propose architectures for inlining security monitors for JavaScript: via browser extension, via web proxy, via suffix proxy (web service), and via integrator. Being parametric in the monitor itself, the architectures provide freedom in the choice of where the monitor is injected, allowing to serve the interests of the different stake holders: the users, code developers, code integrators, as well as the system and network administrators. We report on experiments that demonstrate successful deployment of a JavaScript information-flow monitor with the different architectures.

show abstract

Section: Instantiationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Architectures for Inlining Security Monitors in Web Applications

Magazinius

Hedin

Sabelfeld

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…This has resulted in tools for mainstream programming languages as FlowFox [16] and JSFlow [20] for JavaScript, Jif [26], Paragon [9] and JOANA [17] for Java, FlowCaml [30] for Caml, LIO [31] for Haskell, and SPARK Examiner [5] for Ada that enforce versatile security policies. However, a roadblock on the way to wider adoption of these tools has been their limited permissiveness i.e secure programs are falsely rejected due to over-approximations.…”

Section: Introductionmentioning

confidence: 99%

“…However, a roadblock on the way to wider adoption of these tools has been their limited permissiveness i.e secure programs are falsely rejected due to over-approximations. Flow-, context-, and object-sensitive techniques [17] have been suggested to improve the precision of static information flow control, and dynamic and hybrid monitors [22,32,27,20,19] have been explored to leverage the knowledge about the current run for precision. Dynamic and hybrid techniques are particularly promising for highly dynamic languages such as JavaScript.…”

Section: Introductionmentioning

confidence: 99%

“…Unfortunately, his limitation of pure dynamic information flow control often turns out to be too restrictive in practice [20], and various ways of lifting the restriction have been proposed [3,8]. They aim to enhance the dynamic analysis with information that allows the label of write target to be changed before entering secret control, thus decoupling the label change from secret influence.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Value Sensitivity and Observable Abstract Values for Information Flow Control

Bello

Hedin

Sabelfeld

2015

Logic for Programming, Artificial Intelligence, and Reasoning

Self Cite

View full text Add to dashboard Cite

Abstract. Much progress has recently been made on information flow control, enabling the enforcement of increasingly rich policies for increasingly expressive programming languages. This has resulted in tools for mainstream programming languages as JavaScript, Java, Caml, and Ada that enforce versatile security policies. However, a roadblock on the way to wider adoption of these tools has been their limited permissiveness (high number of false positives). Flow-, context-, and object-sensitive techniques have been suggested to improve the precision of static information flow control and dynamic monitors have been explored to leverage the knowledge about the current run for precision. This paper explores value sensitivity to boost the permissiveness of information flow control. We show that both dynamic and hybrid information flow mechanisms benefit from value sensitivity. Further, we introduce the concept of observable abstract values to generalize and leverage the power of value sensitivity to richer programming languages. We demonstrate the usefulness of the approach by comparing it to known disciplines for dealing with information flow in dynamic and hybrid settings.

show abstract