The Case for JavaScript Transactions Mohan Dhawan, Chung-chieh Shan, Vinod Ganapathy Department of Computer Science Rutgers University PLAS 2010.


Problem
- Web applications include third party content
  - Examples: widgets, advertisements, libraries
- May contain untrusted, malicious JavaScript

April 13, 2015 | PLAS 2010

Example from nytimes.com
- Rogue third party advertisement
- Displayed image of fake virus scan
- Client security and privacy at risk

Goal
- Protect Web application data by isolating untrusted JavaScript code
- Must handle arbitrary 3rd party code written in JavaScript
  - Including constructs such as eval, this, with.
- Must enforce powerful security policies
  - Allow pop-ups from white-listed websites only.

Outline
- Problem
- Transcript
- Example
- Implementation
- Related Work
- Conclusion

Solution: Transcript
- Extend JavaScript to support Transactions
- Execute untrusted content speculatively
- Commit changes after policy enforcement

[Diagram: a Transaction inside the Web Application]

Transcript features
- Speculative execution of unmodified third party JavaScript code
- Suspend transactions on DOM and AJAX operations
- Transactional execution of event handlers

Schematic use of Transcript

    // Web application code
    var tx = transaction {
        ...
        // unmodified 3rd party code
        ...
    };
    // Introspection block goes below
    /* policy enforcement code */
    // validate actions of the transaction
    tx.commit();
    // Rest of the Web application code


Example: Untrusted code

    // Web application code
    var tx = transaction {
        var image = document.createElement('img');
        var url = "...";               // URL not preserved in this transcript
        var params = document.cookie;  // reads the application's cookie
        image.src = url + "?cookie=" + params;
        document.body.appendChild(image);
        ...
        window.location = "...";       // URL not preserved in this transcript
    };

Transcript Runtime

    // Web application code
    tx = transaction {
        ...
        body.appendChild(image);
        ...
    };
    do {
        ...
        tx = tx.resume();
        ...
    } while (tx.isSuspended());
    tx.commit();
    // Rest of the Web application

[Diagram: the Transcript runtime system, showing the web app and 3rd party call stacks, the Transaction object tx holding the read and write sets and the 3rd party call stack, the introspection block, and, at commit, Heap_new = Heap_orig + tx's write set]

- On a transaction suspend, the Transcript runtime saves (i) the read and write sets and (ii) the stack frames up to the nearest transaction delimiter, to create a Transaction object.
- When the transaction resumes, the Transcript runtime loads the saved read and write sets and stack frames.
- When the transaction commits, the Transcript runtime applies the write set changes to the JavaScript heap.

Transaction suspend and resume

    var tx = transaction {
        ...
        document.body.appendChild(image);
    };
    do {
        var rs = tx.getReadSet(), arg = tx.getArgs();
        switch (tx.getCause()) {
        case "appendChild":
            // Policy: append the node only if it is an IMG and the
            // transaction has not read document.cookie.
            // obj is not declared in the slide's excerpt; presumably it is
            // the node that appendChild was invoked on.
            if (arg[0].nodeName.match("IMG") &&
                !rs.checkMembership(document, "cookie"))
                obj.appendChild(arg[0]);
            break;
        }; /* end switch */
        tx = tx.resume();
    } while (tx.isSuspended());

Read and Write Sets

    var tx = transaction {
        ...
        window.location = "...";   // URL not preserved in this transcript
    };
    /* Introspection Code */
    // Policy: a write to window.location may commit only if the
    // target is white-listed.
    var ws = tx.getWriteSet();
    if (ws.checkMembership(window, "location")) {
        var loc = ws.getValue(window, "location");
        if (!isWhiteListed(loc))
            to_commit = false;
    }
    // Rest of the web application code
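The two policies from the slides above (no cookie read, white-listed window.location writes only) can be tried in an unmodified JavaScript engine with the following added example, which is not code from the talk or from Transcript. It swaps in ES Proxy objects for Transcript's interpreter-level logging; transaction(), makeSet(), runWithPolicy(), the origin-based isWhiteListed() and the stand-in heap are all assumptions made for illustration.

```javascript
// Added example: emulates Transcript-style read/write sets with ES Proxy.
// All names here are assumptions; Transcript itself changes the interpreter.
function makeSet() {
  const entries = new Map(); // raw object -> Map(property -> value)
  return {
    record(obj, prop, value) {
      if (!entries.has(obj)) entries.set(obj, new Map());
      entries.get(obj).set(prop, value);
    },
    checkMembership: (obj, prop) => entries.has(obj) && entries.get(obj).has(prop),
    getValue: (obj, prop) => entries.get(obj).get(prop),
    apply() { // copy every logged write onto the real objects
      for (const [obj, props] of entries)
        for (const [prop, value] of props) obj[prop] = value;
    },
  };
}

function transaction(heap, body) {
  const readSet = makeSet(), writeSet = makeSet();
  const wrap = (target) => new Proxy(target, {
    get(t, prop) {
      readSet.record(t, prop, true);
      // Speculative code sees its own earlier writes; the real heap does not.
      const v = writeSet.checkMembership(t, prop) ? writeSet.getValue(t, prop) : t[prop];
      return v !== null && typeof v === "object" ? wrap(v) : v;
    },
    set(t, prop, value) { writeSet.record(t, prop, value); return true; },
  });
  body(wrap(heap)); // speculative run: nothing is written to heap here
  return { getReadSet: () => readSet, getWriteSet: () => writeSet, commit: () => writeSet.apply() };
}

const ALLOWED_ORIGINS = ["https://example.org"]; // constructed white-list
function isWhiteListed(loc) {
  try { return ALLOWED_ORIGINS.includes(new URL(String(loc)).origin); }
  catch (e) { return false; } // unparsable target: refuse
}

function runWithPolicy(untrusted) {
  const heap = { document: { cookie: "sid=constructed" }, // constructed stand-in heap
                 window: { location: "https://example.org/home" } };
  const tx = transaction(heap, untrusted);
  const rs = tx.getReadSet(), ws = tx.getWriteSet();
  let toCommit = !rs.checkMembership(heap.document, "cookie");
  if (ws.checkMembership(heap.window, "location") &&
      !isWhiteListed(ws.getValue(heap.window, "location"))) toCommit = false;
  if (toCommit) tx.commit();
  return { committed: toCommit, location: heap.window.location };
}
```

Unlike Transcript, this emulation only sees accesses made through the wrapped heap object and cannot suspend on DOM or AJAX calls.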


Implementation
- Prototype implementation in Firefox 3.7a4
- Added new JavaScript features
  - transaction keyword and Transaction object
- Modified interpreter op-codes to
  - Log all object accesses
  - Suspend on DOM / AJAX calls
- For details on the semantics of the transactions, refer to the paper.


Related Work
- Staged information flow in JavaScript: PLDI'09
  - hybrid framework for JavaScript with the aim of protecting Web applications from untrusted code
- Conscript: S&P'10
  - aspect-oriented framework to specify and enforce fine-grained security policies for Web applications
- AdJail: USENIX Security'10
  - isolation mechanism to protect Web application content from malicious advertisements
- Caja, FBJS, AdSafe, etc.

Conclusion
- JavaScript transactions provide isolation
  - Suspend operations that break isolation
  - Resume operation if web application allows
- Enforcement of powerful security policies
  - All data reads / writes are recorded
  - Ability to inspect reads / writes before commit
- No restriction or changes to third party code

Questions?