SMash: Secure Component Model for Cross-Domain Mashups on Unmodified Browsers. WWW 2008, Frederik De Keukelaere et al. Presenter: SJ Park.


Table of Contents

- Introduction
- Problems
- Secure Component Model
- Solution Overview
- Solution Details
- Performance Evaluation
- Summary

Mashups (Introduction, 1/2)

- Definition
  - Applications which mix and merge content coming from different content providers
- Interface
  - Public interface like API
  - Web feeds like RSS
- Example
  - Use of used car data from Google Maps to add additional information
  - News aggregation
- Many companies, such as eBay, Google, and so on, provide APIs for mashup applications.

Mashup Example (Introduction, 2/2)

Problems

- Security
  - No mechanism to protect content from other providers' scripts
  - Requiring a sound security foundation protecting the interests of the various involved parties
- Browser Limitation
  - Content from different origins cannot interact with each other.
  - Current solutions are proxy server and tag.

Model (Secure Component Model, 1/3)

- Component
  - Frame for a content
- Port
  - Types of input and output
- Event hub
  - A publish/subscribe system with many-to-many channels
- Communication channel

Security Requirement (Secure Component Model, 2/3)

- The DOM tree of each component is totally isolated from other components.
- The JavaScript namespace is completely isolated from other components.
- Components can be loaded directly from the component provider.
- Inter-component communication is secure.
- Component loading and unloading is completely under the control of the mashup application.

Implementation Background (Secure Component Model, 3/3)

- Document Object Model (DOM)
  - Unit to represent an HTML document loaded in a browser
- domain
  - DOM's property which is the hostname of the server
  - Numeric IP address or DNS domain name
- location
  - DOM's property that represents the URL of the document
  - Change of fragment ID doesn't cause a web page reloading.
  - ex)
- tag
  - A document with domain and location attributes
  - Frame can embed sub-frames, forming a frame hierarchy.
  - Even if frames are from different domains, a frame can write the location property of any frame in the same frame hierarchy, regardless of origin.

Figure: Isolated Components (Solution Overview, 1/2)

Key Features (Solution Overview, 2/2)

- Component isolation
  - using tag
- Component-mashup communication link
  - Using fragment identifier of the location property of the iframe
  - Based on the observation that the parent can write to the child's location property
- Link security
  - Link security is guaranteed with frame hierarchy.
  - Link integrity is guaranteed with a shared secret token.
- Protection from frame-phishing
  - Frame-phishing: navigating a component away from its URL to another
  - To protect against it, using event handlers, timeouts, and communication using the tunnel iframe

Figure: Layered Communication Stack (Solution Details, 1/4)

Layers (Solution Details, 2/4)

- Event hub layer
  - Loading and unloading components
  - Creating and deleting channels
  - Wiring the ports of the components to channels
- Event communication layer
  - Composing the messages used to multiplex the multiple component ports on a single link
- Fragment communication layer
  - Layer aware of the use of fragment IDs to communicate between components and the mashup application
  - Possible to employ another communication mechanism

Fragment Communication and Link Integrity (Solution Details, 3/4)

- Fragment Communication
  - Long messages have to be split into segments because of the URL length limitation.
  - Using a periodic timer to read a message
  - Process
    - Component writes a message to the fragment ID in the tunnel's location property.
    - Component has to wait until the previous message has been read by the tunnel.
    - When the tunnel has read the previous message, it sends an ack message.
- Link Integrity
  - A malicious component can modify the location property.
  - In each message, it embeds a shared secret to authenticate a component.
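
The segmentation, ack and shared-secret steps on this slide, as an added example that is not from the paper or the slides. It runs outside a browser: `link.fragment` stands in for the fragment ID of the tunnel's location and `link.ack` for the ack message. The wire format `secret|seq|last|chunk`, the `MAX_FRAGMENT` limit, the retransmit-until-acked behaviour and all function names are assumptions made for illustration.

```javascript
// Added illustration, not SMash's code. Assumed wire format: "secret|seq|last|chunk".
// link.fragment models the tunnel's fragment ID, link.ack models the ack message.
const MAX_FRAGMENT = 16; // constructed, tiny on purpose to force segmentation
function makeSender(secret, link) {
  const queue = [];
  let seq = 0, inFlight = null;
  return {
    send(message) {
      const text = encodeURIComponent(message); // also escapes the "|" separator
      for (let i = 0; i < text.length; i += MAX_FRAGMENT, seq += 1) {
        const last = i + MAX_FRAGMENT >= text.length ? 1 : 0;
        const chunk = text.slice(i, i + MAX_FRAGMENT);
        queue.push({ seq, text: [secret, seq, last, chunk].join("|") });
      }
    },
    tick() { // periodic timer on the writing side
      if (inFlight && link.ack === inFlight.seq) inFlight = null; // segment was read
      if (!inFlight && queue.length > 0) inFlight = queue.shift();
      if (inFlight && link.fragment === null) link.fragment = inFlight.text; // (re)write
    },
  };
}

function makeReceiver(secret, link, onMessage) {
  let expected = 0, parts = [];
  const rejected = [];
  return {
    rejected,
    tick() { // periodic timer on the reading side
      const frag = link.fragment;
      if (frag === null) return;
      link.fragment = null; // consume the segment
      const [token, seq, last, chunk] = frag.split("|");
      // missing secret or wrong order: drop the segment and send no ack
      if (token !== secret || Number(seq) !== expected) return void rejected.push(frag);
      parts.push(chunk);
      link.ack = expected++;
      if (last === "1") { onMessage(decodeURIComponent(parts.join(""))); parts = []; }
    },
  };
}

function demo(message) {
  const link = { fragment: null, ack: -1 }, got = [];
  const rx = makeReceiver("constructed-token", link, (m) => got.push(m));
  const tx = makeSender("constructed-token", link);
  tx.send(message);
  tx.tick(); // first segment is now in the fragment
  link.fragment = "wrong-token|0|1|forged"; // constructed overwrite lacking the secret
  for (let i = 0; i < 20; i++) { rx.tick(); tx.tick(); }
  return { got, rejected: rx.rejected.length };
}
```

`demo("news feed: RSS & API")` delivers the original string once and counts one rejected segment: the overwrite without the secret is dropped, no ack is sent, and the sender rewrites the unacknowledged segment.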

Protection from Frame Phishing (Solution Details, 4/4)

- Using a combination of onunload handler, timeouts, and communication using the tunnel iframe
- In case of being replaced by an attacker
  - Component's onunload handler is invoked.
  - However, there is no guarantee that communication will succeed before the unload completes.
  - Instead, using the tunnel's onunload handler. (JavaScript function call)
- In case of being replaced before the tunnel iframe is loaded
  - Setting a timeout in the mashup application
  - If this timeout expires, an application-specific error handler is called.

Metrics (Performance Evaluation, 1/4)

- Event Rate
  - Sustainable maximum event rate
- Data Throughput
  - Maximum rate in KB/sec
  - Transfer 1 MB of data from the mashup application to components
- Component Load Latency
  - Latency to load a component and set up the communication link between mashup app and component

Event Rate (Performance Evaluation, 2/4)

Data Throughput (Performance Evaluation, 3/4)

Component Load Latency (Performance Evaluation, 4/4)

Summary

- Use browser's same-origin policy to enforce isolation of providers' content
- Implement a robust message-passing system based on setting fragment identifiers
- Be resilient to attacks such as channel spying, message forging, and frame-phishing