Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WWW
2008
ACM
2008
ACM
SMash: secure component model for cross-domain mashups on unmodified browsers
Mashup applications mix and merge content (data and code) from multiple content providers in a user's browser, to provide high-value web applications that can rival the user experience provided by desktop applications. Current browser security models were not designed to support such applications and they are therefore implemented with insecure workarounds. In this paper, we present a secure component model, where components are provided by different trust domains, and can interact using a communication abstraction that allows ease of specification of a security policy. We have developed an implementation of this model that works currently in all major browsers, and addresses challenges of communication integrity and frame-phishing. An evaluation of the performance of our implementation shows that this approach is not just feasible but also practical. Categories and Subject Descriptors: D.2.0 [General]: Protection mechanisms, D.2.11 [Software Architectures]: Information hiding, d...
Real-time TrafficBrowser Security Models | Domain-specific General Terms | Internet Technology | Mashup Applications Mix | WWW 2008 |
| Added | 21 Nov 2009 |
| Updated | 21 Nov 2009 |
| Type | Conference |
| Year | 2008 |
| Where | WWW |
| Authors | Frederik De Keukelaere, Sumeer Bhola, Michael Steiner, Suresh Chari, Sachiko Yoshihama |
Comments (0)
Researcher Info
|
