User Interface Toolkit Mechanisms For Securing Interface Elements Franziska Roesner, James Fogarty, Tadayoshi Kohno Computer Science & Engineering DUB.

Slides:

Advertisements

Similar presentations

PCT303 – Content Publishing in SharePoint Eugene Rosenfeld Black Blade Associates

Advertisements

Presented by Vaibhav Rastogi. Current browsers try to separate host system from Web Websites evolved into web applications Lot of private data on the.

Android UserInterfaces Nasrullah Niazi. overView All user interface elements in an Android app are built using View and ViewGroup objects. A View is an.

Syracuse University, New York, USA

User-Driven Access Control Rethinking Permission Granting in Modern OSes Franziska Roesner, Tadayoshi Kohno University of Washington Alexander Moshchuk,

An Application Package Configuration Approach to Mitigating Android SSL Vulnerabilities Vasant Tendulkar NC State University William.

CS 443 Advanced OS Fabián E. Bustamante, Spring 2005 Resource Containers: A new Facility for Resource Management in Server Systems G. Banga, P. Druschel,

Université catholique de Louvain (UCL) Belgian Laboratory of Computer-Human Interaction (BCHI) Place des Doyens, 1 B-1348 Louvain-la-Neuve (Belgium) Presented.

Smartphone Apps Development Team Weiqing Li Lijun Zhu Man Li.

An Evaluation of the Google Chrome Extension Security Architecture

W alkie Doggie is a web application that allows dog owners to help each other with their dog walks. It’s main feature is the walkies, which are the user’s.

10/20/2009 Loomi Liao.  The problems  Some anti-phishing solutions  The Web Wallet solutions  The Web Wallet User Interface  User study  Discussion.

Electrical and Computer Engineering Vitaly Gordievsky Alex Trefonas Scott Richard Matt Beckford Final Project Review.

Graphical User Interface (GUI) Nelson Padua-Perez Chau-Wen Tseng Department of Computer Science University of Maryland, College Park.

Web Page Behavior IS 373—Web Standards Todd Will.

Interpret Application Specifications

Hands-On Microsoft Windows Server 2003 Administration Chapter 5 Administering File Resources.

Stanford hci group / cs376 research topics in human-computer interaction I/O Toolkits Scott Klemmer 29 November 2005.

By: Jeremy Smith.  Introduction  Droid Draw  Add XML file  Layouts  LinearLayout  RelativeLayout  Objects  Notifications  Toast  Status Bar.

Esri UC2013. Technical Workshop. Technical Workshop 2013 Esri International User Conference July 8–12, 2013 | San Diego, California Building Secure Applications.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Prof. James A. Landay University of Washington Spring 2008 Web Interface Design, Prototyping, and Implementation Rich Internet Applications: AJAX, Server.

1 CS 3870/CS 5870 Static and Dynamic Web Pages ASP.NET and IIS.

CSCI 6962: Server-side Design and Programming Course Introduction and Overview.

MVC pattern and implementation in java

A Scalable Application Architecture for composing News Portals on the Internet Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta Famagusta.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Design Extensions to Google+ CS6204 Privacy and Security.

ASP.NET + Ajax Jesper Tørresø ITNET2 F08. Ajax Ajax (Asynchronous JavaScript and XML) A group of interrelated web development techniques used for creating.

Overview of Previous Lesson(s) Over View  ASP.NET Pages  Modular in nature and divided into the core sections  Page directives  Code Section  Page.

Programming with Microsoft Visual Basic 2012 Chapter 12: Web Applications.

C Copyright © 2009, Oracle. All rights reserved. Appendix C: Service-Oriented Architectures.

DP&NM Lab. POSTECH, Korea - 1 -Interaction Translation Methods for XML/SNMP Gateway Interaction Translation Methods for XML/SNMP Gateway Using XML Technologies.

Model-View-Controller Ku-Yaw Chang Assistant Professor, Department of Computer Science and Information Engineering Da-Yeh University.

CSCI 6962: Server-side Design and Programming Introduction to Active Server Pages.

Web Technologies COMP6115 Session 4: Adding a Database to a Web Site Dr. Paul Walcott Department of Computer Science, Mathematics and Physics University.

Securing Embedded User Interfaces: Android and Beyond Franziska Roesner and Tadayoshi Kohno University of Washington Mohamed Grissa A presentation of USENIX.

Macromedia Dreamweaver 8 Revealed DREAMWEAVER GETTING STARTED WITH.

Microsoft SharePoint Server 2010 for the Microsoft ASP.NET Developer Yaroslav Pentsarskyy

Chapter 2. Core Defense Mechanisms. Fundamental security problem All user input is untrusted.

Embedded Software SKKU 28 1 WebKit/EFL. Embedded Software SKKU 28 2 WebKit Parsing Layout and Painting WebKit and EFL Contents.

Javascript II DOM & JSON. In an effort to create increasingly interactive experiences on the web, programmers wanted access to the functionality of browsers.

USER DRIVEN ACCESS CONTROL: RETHINKING PERMISSION GRANTING IN MODERN OPERATING SYSTEM Presentation by: Manik Challana Presented at : IEEE Symposium on.

2011/12/20 1 Tongbo Luo, Hao Hao, Wenliang Du, Yifei Wang, and Heng Yin Syracuse University ACSAC 2011.

SMash : Secure Component Model for Cross- Domain Mashups on Unmodified Browsers WWW 2008 Frederik De Keukelaere et al. Presenter : SJ Park.

Building Secure Web Applications With ASP.Net MVC.

A Multi-agent Approach for the Integration of the Graphical and Intelligent Components of a Virtual Environment Rui Prada INESC-ID.

Mir Farooq Ali Computer Science, Virginia Tech May 9, 2003 Building Multi-platform User Interfaces using UIML.

3 Copyright © 2004, Oracle. All rights reserved. Working in the Forms Developer Environment.

User Profiling using Semantic Web Group members: Ashwin Somaiah Asha Stephen Charlie Sudharshan Reddy.

M. Alexander Helen J. Wang Yunxin Liu Microsoft Research 1 Presented by Zhaoliang Duan.

Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Policy Authoring Matthew Dunlop Usable Security – CS 6204 – Fall, 2009 – Dennis.

learn. do. dream. Going Native Native Application Integration Attachments Camera GPS Mail Maps Phone Voice Input.

HW#9 Clues CSCI 571 Fall, HW#9 Prototype

Visualization Four groups Design pattern for information visualization

Web Browsing *TAKE NOTES*. Millions of people browse the Web every day for research, shopping, job duties and entertainment. Installing a web browser.

© SERG Reverse Engineering (REportal) REportal: Reverse Engineering Portal (reportal.cs.drexel.edu)

Chapter 27 Getting “Web-ified” (Web Applications) Clearly Visual Basic: Programming with Visual Basic nd Edition.

Web Site Development - Process of planning and creating a website.

Securing Web Applications Lesson 4B / Slide 1 of 34 J2EE Web Components Pre-assessment Questions 1. Identify the correct return type returned by the doStartTag()

TEMPLATE DESIGN © Crawling is the process of automatically exploring a web application to discover the states of the application.

Software Architecture for Multimodal Interactive Systems : Voice-enabled Graphical Notebook.

COMPOSITE PATTERN NOTES. The Composite pattern l Intent Compose objects into tree structures to represent whole-part hierarchies. Composite lets clients.

Background & Related Work Approaches to teaching media computation have so far primarily been reliant on textual programming languages [1]. For students.

1 Developing for Test Automation and Accessibility Using Programmatic Access to the UI Thomas Logan FUN307 Program Manager Microsoft Corporation.

GUI and Web Programming CSE 403 (based on a lecture by James Fogarty)

Java FX: Scene Builder.

Modeling User Interactions for (Fun and) Profit Preventing Request Forgery Attacks in Web Applications Karthick Jayaraman, Grzegorz Lewandowski, Paul G.

Application with Cross-Platform GUI

Social Networks Integration in Android

Understand Windows Forms Applications and Console-based Applications

Presentation transcript:

User Interface Toolkit Mechanisms For Securing Interface Elements Franziska Roesner, James Fogarty, Tadayoshi Kohno Computer Science & Engineering DUB Group, Security & Privacy Research Lab University of Washington

Like us on Facebook! User Interface Toolkits Ease interface design and implementation. Provide developers with flexibility and expressivity. Assumption: Developers have full control of an interface. New Challenge: Modern interfaces include elements implemented by different developers. Ad from ad library Social button from Facebook library 2 Map from Google library

Like us on Facebook! Attack #1: Programmatic Click Fraud 3 Ad Server App Developer User Click Programmatic Click

Like us on Facebook! Attack #2: Size Manipulation 4 Android requires applications to display a camera preview in order to take a photo. 1 pixel X 1 pixel camera preview

Attack #3: Eavesdropping 5 NEW! Login with your Google account! Interface Layout Tree Background {App} LoginBox {Google} Text {App} Interface Layout Tree Background {App} LoginBox {Google} Text {App} Terminology: Code from different developers is in different trust groups.

Interface Layout Tree Background {App} LoginBox {Google} Text {App} Attack #3: Eavesdropping 6 App Developer NEW! Login with your Google account! ********

Like us on Facebook! Attack #4: Display Takeover 7 Widget parent = adWidget.getParent(); parent.removeChildren(); parent.addChild(fullScreenAd); Ad Library Code

An Opportunity for Toolkits These vulnerabilities are in the user interface. Existing solutions come at the expense of interface usability and flexibility. 8 Addressing these vulnerabilities in the user interface toolkit provides better security and enables new interfaces.

Desired Security Properties 1.Display Integrity 2.Input Integrity 3.Intent Integrity 4.Data Isolation 5.UI-to-API Links 9

Desired Security Properties 1.Display Integrity 2.Input Integrity 3.Intent Integrity 4.Data Isolation 5.UI-to-API Links 10

Desired Security Properties 1.Display Integrity 2.Input Integrity 3.Intent Integrity 4.Data Isolation 5.UI-to-API Links 11 Protect the display of interface elements across trust groups. Like us on Facebook! Recall the attacks: Size Manipulation Display Takeover

Recall the attack: Programmatic Click Fraud Like us on Facebook! Desired Security Properties 1.Display Integrity 2.Input Integrity 3.Intent Integrity 4.Data Isolation 5.UI-to-API Links 12 Prevent programmatic interaction with interface elements across trust groups.

Desired Security Properties 1.Display Integrity 2.Input Integrity 3.Intent Integrity 4.Data Isolation 5.UI-to-API Links 13 Protect displayed content and input across trust groups. Recall the attack: Eavesdropping NEW! Login with your Google account!

Architecting a Toolkit for Security 14 Techniques: Isolating trust groups Interface layout tree invariants Model-level event listeners Composition across trust groups Flexible feedback (for drag-and-drop, lenses) Goals: (1) Achieve our desired security properties. (2) Maintain usability and developer flexibility.

Architecting a Toolkit for Security 15 Techniques: Isolating trust groups Interface layout tree invariants Model-level event listeners Composition across trust groups Flexible feedback (for drag-and-drop, lenses) Goals: (1) Achieve our desired security properties. (2) Maintain usability and developer flexibility.

Interface Layout Tree Vulnerabilities 16 (1) Insecure Layout: Parent elements can manipulate the layout of the child elements. Recall the attack: Size Manipulation Size Request Problem: In a traditional layout tree, there is no guarantee of a trusted path to every node.

Interface Layout Tree Vulnerabilities 17 Input Events (2) Insecure Input: Parents can eavesdrop on or modify events intended for children. Recall the attack: Eavesdropping NEW! Login with your Google account! Problem: In a traditional layout tree, there is no guarantee of a trusted path to every node.

Interface Layout Tree Invariants Solution: Introduce new invariants: 1.The root node of an application’s layout tree must be a system node. 2.Only system nodes may have children of a different trust group. 18 system Input Events Size Request system

Interface Layout Tree Invariants How to do visual embedding? 19 Solution: Introduce a system-trusted proxy node into the layout tree. The proxy node is introduced automatically and can be transparent to the developer. NEW! Login with your Google account! Background {App} LoginBo x {Google} Text {App} Proxy {System} Root {System} Background {App} LoginBox {Google} Text {App} Root {System}

More in the paper! Techniques for flexibility – Exposing model-level APIs across trust groups – Composing trust groups in one interface element – Supporting feedback (drag-and-drop, lenses) 20 NEW! Login with your Google account! Prototype implementations for Android and a web browser Login token Like us on Facebook!

Conclusion Questions for future work and discussions: – What are appropriate defaults for access to APIs across trust groups? – What new interfaces will a secure toolkit enable? 21 A security-aware toolkit architecture can achieve security properties while maintaining developer flexibility.

User Interface Toolkit Mechanisms For Securing Interface Elements Franziska Roesner, James Fogarty, Tadayoshi Kohno Computer Science & Engineering DUB Group, Security & Privacy Research Lab University of Washington This work was supported by the NSF under Graduate Research Fellowship award DGE as well as awards CNS and IIS