Secure web applications via automatic partitioning

Chong, Stephen; Liu, Jed; Myers, Andrew C.; Qi, Xin; Vikram, K.; Zheng, Lantian; Zheng, Xin

doi:10.1145/1323293.1294265

Cited by 97 publications

(116 citation statements)

References 21 publications

Supporting

Mentioning

116

Contrasting

Order By: Relevance

“…Several informationflow tools have been developed for mainstream languages, e.g., Java-based Jif [35], Caml-based FlowCaml [46], and Ada-based SPARK Examiner [8], [11], as well as case studies [46], [3], [23], [13], [12], [15], [38]. Informationflow analysis is becoming particularly attractive for web applications (e.g, [13], [12], [49], [30]), where the challenge is to secure the manipulation of secret and public data on both server and client side.…”

Section: Introductionmentioning

confidence: 99%

Dynamic vs. Static Flow-Sensitive Security Analysis

Russo

Sabelfeld

2010

2010 23rd IEEE Computer Security Foundations Symposium

152

216

View full text Add to dashboard Cite

Abstract-This paper seeks to answer fundamental questions about trade-offs between static and dynamic security analysis. It has been previously shown that flow-sensitive static information-flow analysis is a natural generalization of flowinsensitive static analysis, which allows accepting more secure programs. It has been also shown that sound purely dynamic information-flow enforcement is more permissive than static analysis in the flow-insensitive case. We argue that the step from flow-insensitive to flow-sensitive is fundamentally limited for purely dynamic information-flow controls. We prove impossibility of a sound purely dynamic information-flow monitor that accepts programs certified by a classical flow-sensitive static analysis. A side implication is impossibility of permissive dynamic instrumented security semantics for information flow, which guides us to uncover an unsound semantics from the literature. We present a general framework for hybrid mechanisms that is parameterized in the static part and in the reaction method of the enforcement (stop, suppress, or rewrite) and give security guarantees with respect to terminationinsensitive noninterference for a simple language with output.

show abstract

Section: Introductionmentioning

confidence: 99%

Dynamic vs. Static Flow-Sensitive Security Analysis

Russo

Sabelfeld

2010

2010 23rd IEEE Computer Security Foundations Symposium

152

216

View full text Add to dashboard Cite

show abstract

“…For the remaining part of the application, we will first determine: which part of the state is to be kept local and which one to keep global ie, how to partition the remaining application? There are several issues faced in deciding the partitioning [6]- [7].…”

Section: Discussionmentioning

confidence: 99%

Embedded Computing : Partitioning the Software between Clients and Servers

2014

IJRA

View full text Add to dashboard Cite

The energy efficiency of mobile applications has been a highly tackled research problem within the last years. Many research groups have focused on optimizing the hardware of mobile devices, as well as their middleware and applications, increasing both the devices' uptime and their users' satisfaction. However, only scare work has analyzed to partition the application between client and server. In this paper, we focus on social games which are played by several players connected to a server via their mobile devices. Current state of the art is to keep everything on servers and synchronize the state across all clients which makes real-time media oriented computation can perform poorly on servers due to varying loads, and can result in interruptions in execution. Due to lots of jobs, sometimes the computation does not scale with number of users on servers. Thus in this paper, we propose to partition the application between embedded device and server using Android for performance benefit and energy saving.

show abstract

“…Generally they accept as input a program written in a Turingcomplete programming language, which can be either imperative [74,15,47,73,83,110,108,25,26,72] or descriptive [97]. The systems outputs can be boolean circuits [74,15,47], source code in a generic programming language [73,110,108,25,26,72], or a running protocol [97]. Some systems [74,15,47,97,73] employed cryptographic primitives to enable secure computation, whereas others [110,108,25,26,72,83] did not.…”

Section: Programming Toolsmentioning

confidence: 99%

“…The systems outputs can be boolean circuits [74,15,47], source code in a generic programming language [73,110,108,25,26,72], or a running protocol [97]. Some systems [74,15,47,97,73] employed cryptographic primitives to enable secure computation, whereas others [110,108,25,26,72,83] did not. Instead, they were designed as tools that use types or annotations to specify security properties and apply various static analysis techniques to ensure the security requirements are met.…”

Section: Programming Toolsmentioning

confidence: 99%

See 1 more Smart Citation

Practical Secure Two-Party Computation

Huang

View full text Add to dashboard Cite

Secure two-party computation allows two parties to cooperatively evaluate a function that takes both parties' private data as input without revealing any private information other than the outcome. Although secure computation has many important applications in various fields and a general theoretical solution has been known for decades, practical systems are rare due to the prohibitive performance overhead and the tremendous effort required to build such systems.The garbled circuit (i.e., Yao's circuit) technique enables secure computing of polynomial-time computable functions but has previously been thought to be too expensive for practical applications. We improved the efficiency of garbled circuits focusing on both execution and design aspects. Our implementation uses pipelining aggressively so the circuit execution runs with a nearly constant amount of memory and can scale to arbitrarily large circuits. To aid the efficient construction of circuits, we developed a library of component circuits that enables programmers to quickly create new ones by modular composition of existing ones. We integrated these ideas into a new framework that enables programmers to develope secure computation protocols from an existing insecure implementation while providing enough control over the circuit design to enable efficient implementation. To evaluate the effectiveness of our techniques and our new tools, we build several privacy-preserving applications which are secure against passive adversaries, including secure biometric identification, secure edit distance and Smith-Waterman, private encryption, and private set intersection.The secure guarantees of passively-secure protocols do not hold if an attacker goes "active" -by deviating from the protocol specification. To thwart active adversaries, we present a concrete design and implementation of protocols achieving security guarantees that are much stronger than are possible with passively-secure protocols, at minimal extra cost. We consider protocols in which a malicious adversary may learn a single (arbitrary) bit of additional information about the honest party's input. Correctness of the honest party's output is still guaranteed. Adapting prior work of Mohassel and Franklin, the basic idea in our protocols is to conduct two separate runs of a (specific) semi-honest, garbled-circuit protocol, with the parties swapping roles, followed by an inexpensive secure equality test. We provide a rigorous definition and prove that this protocol leaks no more than one additional bit against a malicious adversary. In addition, we propose some i Abstract ii heuristic enhancements to reduce the overall information a cheating adversary learns. Our experiments show that protocols meeting this security level can be implemented at a cost very close to protocols that only achieve semi-honest security. Our results indicate that this model enables the large-scale, practical applications possible within the semi-honest security model, while providing stronger security guarantees.We al...

show abstract

Secure web applications via automatic partitioning

Cited by 97 publications

References 21 publications

Dynamic vs. Static Flow-Sensitive Security Analysis

Dynamic vs. Static Flow-Sensitive Security Analysis

Embedded Computing : Partitioning the Software between Clients and Servers

Practical Secure Two-Party Computation

Contact Info

Product

Resources

About