User Interface Toolkit Mechanisms For Securing Interface Elements Franziska Roesner, James Fogarty, Tadayoshi Kohno Computer Science & Engineering DUB.


1 User Interface Toolkit Mechanisms For Securing Interface Elements
Franziska Roesner, James Fogarty, Tadayoshi Kohno
Computer Science & Engineering, DUB Group, Security & Privacy Research Lab
University of Washington

2 User Interface Toolkits
Ease interface design and implementation.
Provide developers with flexibility and expressivity.
Assumption: Developers have full control of an interface.
New Challenge: Modern interfaces include elements implemented by different developers.
[Figure labels: Ad from ad library; Social button from Facebook library ("Like us on Facebook!"); Map from Google library]

3 Attack #1: Programmatic Click Fraud
[Figure labels: Ad Server; App Developer; User; Click; Programmatic Click; "Like us on Facebook!"]

4 Attack #2: Size Manipulation
Android requires applications to display a camera preview in order to take a photo.
[Figure label: 1 pixel X 1 pixel camera preview]

5 Attack #3: Eavesdropping
[Figure label: "NEW! Login with your Google account!"]
Interface Layout Tree: Background {App}, LoginBox {Google}, Text {App}
Terminology: Code from different developers is in different trust groups.

6 Attack #3: Eavesdropping
Interface Layout Tree: Background {App}, LoginBox {Google}, Text {App}
[Figure labels: "NEW! Login with your Google account!"; password field "********"; App Developer: "p@ssw0rd"]

7 Attack #4: Display Takeover
Ad Library Code:
    Widget parent = adWidget.getParent();
    parent.removeChildren();
    parent.addChild(fullScreenAd);

8 An Opportunity for Toolkits
These vulnerabilities are in the user interface.
Existing solutions come at the expense of interface usability and flexibility.
Addressing these vulnerabilities in the user interface toolkit provides better security and enables new interfaces.

9 Desired Security Properties
1. Display Integrity
2. Input Integrity
3. Intent Integrity
4. Data Isolation
5. UI-to-API Links

11 Desired Security Properties (1. Display Integrity, 2. Input Integrity, 3. Intent Integrity, 4. Data Isolation, 5. UI-to-API Links)
Protect the display of interface elements across trust groups.
Recall the attacks: Size Manipulation, Display Takeover.

12 Desired Security Properties (1. Display Integrity, 2. Input Integrity, 3. Intent Integrity, 4. Data Isolation, 5. UI-to-API Links)
Prevent programmatic interaction with interface elements across trust groups.
Recall the attack: Programmatic Click Fraud.

13 Desired Security Properties (1. Display Integrity, 2. Input Integrity, 3. Intent Integrity, 4. Data Isolation, 5. UI-to-API Links)
Protect displayed content and input across trust groups.
Recall the attack: Eavesdropping.

14 Architecting a Toolkit for Security
Techniques:
– Isolating trust groups
– Interface layout tree invariants
– Model-level event listeners
– Composition across trust groups
– Flexible feedback (for drag-and-drop, lenses)
Goals:
(1) Achieve our desired security properties.
(2) Maintain usability and developer flexibility.

16 Interface Layout Tree Vulnerabilities
(1) Insecure Layout: Parent elements can manipulate the layout of the child elements.
Recall the attack: Size Manipulation.
Problem: In a traditional layout tree, there is no guarantee of a trusted path to every node.
[Figure label: Size Request]

17 Interface Layout Tree Vulnerabilities
(2) Insecure Input: Parents can eavesdrop on or modify events intended for children.
Recall the attack: Eavesdropping.
Problem: In a traditional layout tree, there is no guarantee of a trusted path to every node.
[Figure labels: Input Events; "NEW! Login with your Google account!"]

18 Interface Layout Tree Invariants
Solution: Introduce new invariants:
1. The root node of an application's layout tree must be a system node.
2. Only system nodes may have children of a different trust group.
[Figure labels: system; Input Events; Size Request; system]

19 Interface Layout Tree Invariants
How to do visual embedding?
Solution: Introduce a system-trusted proxy node into the layout tree. The proxy node is introduced automatically and can be transparent to the developer.
[Figure: "NEW! Login with your Google account!" with two layout trees. Nodes without the proxy: Root {System}, Background {App}, LoginBox {Google}, Text {App}. Nodes with the proxy: Root {System}, Background {App}, Proxy {System}, LoginBox {Google}, Text {App}.]
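
The two invariants from slide 18 and the automatic proxy insertion from slide 19, modelled as an added Python example (not code from the talk or from the authors' prototypes). Node, add_child_raw, add_child, violations and build are hypothetical names; the sketch assumes the proxy sits between the embedding parent and the embedded child, and that a system node may appear under a parent of any trust group.

```python
from dataclasses import dataclass, field

SYSTEM = "System"  # trust group of toolkit-owned nodes, as labelled on the slides


@dataclass
class Node:
    name: str
    group: str
    children: list = field(default_factory=list)

    def add_child_raw(self, child):
        """Traditional toolkit behaviour: attach with no trust-group check."""
        self.children.append(child)
        return child

    def add_child(self, child):
        """Invariant-preserving attach: wrap a foreign-group child in a system proxy."""
        if self.group != SYSTEM and child.group not in (self.group, SYSTEM):
            proxy = Node(f"Proxy[{child.name}]", SYSTEM)  # inserted automatically
            proxy.children.append(child)
            self.children.append(proxy)
        else:
            self.children.append(child)
        return child


def violations(root):
    """Return every violation of the two layout tree invariants under root."""
    found = []
    if root.group != SYSTEM:
        found.append(f"invariant 1: root {root.name} is {{{root.group}}}, not a system node")
    stack = [root]
    while stack:
        node = stack.pop()
        for child in node.children:
            # Assumption: a system child (the proxy) is acceptable under any parent.
            if node.group != SYSTEM and child.group not in (node.group, SYSTEM):
                found.append(f"invariant 2: {node.name} {{{node.group}}} "
                             f"parents {child.name} {{{child.group}}}")
            stack.append(child)
    return found


def build(secure):
    """Constructed sample: the login-box layout tree from slides 5 and 19."""
    root = Node("Root", SYSTEM)
    attach = Node.add_child if secure else Node.add_child_raw
    background = attach(root, Node("Background", "App"))
    attach(background, Node("LoginBox", "Google"))
    attach(background, Node("Text", "App"))
    return root
```

Calling violations(build(secure=False)) reports the Background {App} to LoginBox {Google} edge, while the tree built with add_child passes because LoginBox now hangs off a Proxy {System} node.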

20 More in the paper!
Techniques for flexibility
– Exposing model-level APIs across trust groups
– Composing trust groups in one interface element
– Supporting feedback (drag-and-drop, lenses)
Prototype implementations for Android and a web browser
[Figure labels: "NEW! Login with your Google account!"; Login token; "Like us on Facebook!"]

21 Conclusion
A security-aware toolkit architecture can achieve security properties while maintaining developer flexibility.
Questions for future work and discussions:
– What are appropriate defaults for access to APIs across trust groups?
– What new interfaces will a secure toolkit enable?

22 User Interface Toolkit Mechanisms For Securing Interface Elements
Franziska Roesner, James Fogarty, Tadayoshi Kohno
Computer Science & Engineering, DUB Group, Security & Privacy Research Lab
University of Washington
franzi@cs.washington.edu
This work was supported by the NSF under Graduate Research Fellowship award DGE-0718124 as well as awards CNS-0846065 and IIS-1053868.

