SafeJS: Hermetic Sandboxing for JavaScript
Document type :
Rapport de recherche
Title :
SafeJS: Hermetic Sandboxing for JavaScript
Author(s) :
Cassou, Damien [Auteur]
Laboratoire d'Informatique Fondamentale de Lille [LIFL]
Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]
Ducasse, Stephane [Auteur]
Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]
Petton, Nicolas [Auteur]
Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]

Laboratoire d'Informatique Fondamentale de Lille [LIFL]
Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]
Ducasse, Stephane [Auteur]

Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]
Petton, Nicolas [Auteur]
Analyses and Languages Constructs for Object-Oriented Application Evolution [RMOD]
Publication date :
2013-09-16
English keyword(s) :
sandboxing
javascript
web worker
DOM
isolation
javascript
web worker
DOM
isolation
HAL domain(s) :
Informatique [cs]/Langage de programmation [cs.PL]
Informatique [cs]/Web
Informatique [cs]/Cryptographie et sécurité [cs.CR]
Informatique [cs]/Web
Informatique [cs]/Cryptographie et sécurité [cs.CR]
English abstract : [en]
Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms ...
Show more >Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms that could protect program parts. In this article we present SafeJS, an approach and implementation that offers isolation based on separate sandboxes and control of information exchanged between them. In SafeJS, sandboxes based on web workers do not share any data. Data exchanged between sandboxes is solely based on strings. Using different policies, this infrastructure supports the isolation of the different scripts that usually populate web pages. A foreign component cannot modify the main DOM tree in unexpected manner. Our SafeJS implementation is currently being used in an industrial setting in the context of the Resilience FUI 12 project.Show less >
Show more >Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms that could protect program parts. In this article we present SafeJS, an approach and implementation that offers isolation based on separate sandboxes and control of information exchanged between them. In SafeJS, sandboxes based on web workers do not share any data. Data exchanged between sandboxes is solely based on strings. Using different policies, this infrastructure supports the isolation of the different scripts that usually populate web pages. A foreign component cannot modify the main DOM tree in unexpected manner. Our SafeJS implementation is currently being used in an industrial setting in the context of the Resilience FUI 12 project.Show less >
Language :
Anglais
Collections :
Source :
Files
- https://hal.inria.fr/hal-00862099/document
- Open access
- Access the document
- http://arxiv.org/pdf/1309.3914
- Open access
- Access the document
- https://hal.inria.fr/hal-00862099/document
- Open access
- Access the document
- https://hal.inria.fr/hal-00862099/document
- Open access
- Access the document
- document
- Open access
- Access the document
- main.pdf
- Open access
- Access the document
- 1309.3914
- Open access
- Access the document
- document
- Open access
- Access the document
- main.pdf
- Open access
- Access the document