Data-Confined HTML5 Applications View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2013

AUTHORS

Devdatta Akhawe , Frank Li , Warren He , Prateek Saxena , Dawn Song

ABSTRACT

Rich client-side applications written in HTML5 proliferate on diverse platforms, access sensitive data, and need to maintain data-confinement invariants. Applications currently enforce these invariants using implicit, ad-hoc mechanisms. We propose a new primitive called a data-confined sandbox or DCS. A DCS enables complete mediation of communication channels with a small TCB. Our primitive extends currently standardized primitives and has negligible performance overhead and a modest compatibility cost. We retrofit our design on four real-world HTML5 applications and demonstrate that a small amount of effort enables strong data-confinement guarantees. More... »

PAGES

736-754

Book

TITLE

Computer Security – ESORICS 2013

ISBN

978-3-642-40202-9
978-3-642-40203-6

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-642-40203-6_41

DOI

http://dx.doi.org/10.1007/978-3-642-40203-6_41

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1049483063


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0806", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information Systems", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "University of California, Berkeley, Berkeley, CA, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "University of California, Berkeley, Berkeley, CA, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Akhawe", 
        "givenName": "Devdatta", 
        "id": "sg:person.010626452425.17", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010626452425.17"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of California, Berkeley, Berkeley, CA, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "University of California, Berkeley, Berkeley, CA, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Li", 
        "givenName": "Frank", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of California, Berkeley, Berkeley, CA, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "University of California, Berkeley, Berkeley, CA, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "He", 
        "givenName": "Warren", 
        "id": "sg:person.014411735025.19", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014411735025.19"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "National University of Singapore, Singapore", 
          "id": "http://www.grid.ac/institutes/grid.4280.e", 
          "name": [
            "National University of Singapore, Singapore"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Saxena", 
        "givenName": "Prateek", 
        "id": "sg:person.013754547627.79", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013754547627.79"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "University of California, Berkeley, Berkeley, CA, USA", 
          "id": "http://www.grid.ac/institutes/grid.47840.3f", 
          "name": [
            "University of California, Berkeley, Berkeley, CA, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Song", 
        "givenName": "Dawn", 
        "id": "sg:person.01143152610.86", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2013", 
    "datePublishedReg": "2013-01-01", 
    "description": "Rich client-side applications written in HTML5 proliferate on diverse platforms, access sensitive data, and need to maintain data-confinement invariants. Applications currently enforce these invariants using implicit, ad-hoc mechanisms. We propose a new primitive called a data-confined sandbox or DCS. A DCS enables complete mediation of communication channels with a small TCB. Our primitive extends currently standardized primitives and has negligible performance overhead and a modest compatibility cost. We retrofit our design on four real-world HTML5 applications and demonstrate that a small amount of effort enables strong data-confinement guarantees.", 
    "editor": [
      {
        "familyName": "Crampton", 
        "givenName": "Jason", 
        "type": "Person"
      }, 
      {
        "familyName": "Jajodia", 
        "givenName": "Sushil", 
        "type": "Person"
      }, 
      {
        "familyName": "Mayes", 
        "givenName": "Keith", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-642-40203-6_41", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-642-40202-9", 
        "978-3-642-40203-6"
      ], 
      "name": "Computer Security \u2013 ESORICS 2013", 
      "type": "Book"
    }, 
    "keywords": [
      "HTML5 applications", 
      "client-side applications", 
      "small TCB", 
      "sensitive data", 
      "new primitive", 
      "negligible performance", 
      "compatibility costs", 
      "diverse platforms", 
      "communication channels", 
      "primitives", 
      "HTML5", 
      "applications", 
      "complete mediation", 
      "sandbox", 
      "guarantees", 
      "platform", 
      "AD", 
      "DCS", 
      "invariants", 
      "data", 
      "performance", 
      "cost", 
      "design", 
      "TCB", 
      "efforts", 
      "channels", 
      "amount", 
      "small amount", 
      "mechanism", 
      "mediation"
    ], 
    "name": "Data-Confined HTML5 Applications", 
    "pagination": "736-754", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1049483063"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-642-40203-6_41"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-642-40203-6_41", 
      "https://app.dimensions.ai/details/publication/pub.1049483063"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-10T10:55", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220509/entities/gbq_results/chapter/chapter_64.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-642-40203-6_41"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-40203-6_41'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-40203-6_41'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-40203-6_41'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-642-40203-6_41'


 

This table displays all metadata directly associated to this object as RDF triples.

130 TRIPLES      23 PREDICATES      56 URIs      49 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-642-40203-6_41 schema:about anzsrc-for:08
2 anzsrc-for:0806
3 schema:author N6d2147d96d134f3d9469de34284c1aff
4 schema:datePublished 2013
5 schema:datePublishedReg 2013-01-01
6 schema:description Rich client-side applications written in HTML5 proliferate on diverse platforms, access sensitive data, and need to maintain data-confinement invariants. Applications currently enforce these invariants using implicit, ad-hoc mechanisms. We propose a new primitive called a data-confined sandbox or DCS. A DCS enables complete mediation of communication channels with a small TCB. Our primitive extends currently standardized primitives and has negligible performance overhead and a modest compatibility cost. We retrofit our design on four real-world HTML5 applications and demonstrate that a small amount of effort enables strong data-confinement guarantees.
7 schema:editor N0e3b95bea8754400bd3a839fe0c37f8e
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree false
11 schema:isPartOf Nf5326569847c405ea4eca275d0cb18f4
12 schema:keywords AD
13 DCS
14 HTML5
15 HTML5 applications
16 TCB
17 amount
18 applications
19 channels
20 client-side applications
21 communication channels
22 compatibility costs
23 complete mediation
24 cost
25 data
26 design
27 diverse platforms
28 efforts
29 guarantees
30 invariants
31 mechanism
32 mediation
33 negligible performance
34 new primitive
35 performance
36 platform
37 primitives
38 sandbox
39 sensitive data
40 small TCB
41 small amount
42 schema:name Data-Confined HTML5 Applications
43 schema:pagination 736-754
44 schema:productId N9f57444c97d04261a8a3ecb37be0a131
45 Nbb411aeff79044969eeeecd71ebac3e6
46 schema:publisher N682dd9cca7024017a9ea848bc116b0b0
47 schema:sameAs https://app.dimensions.ai/details/publication/pub.1049483063
48 https://doi.org/10.1007/978-3-642-40203-6_41
49 schema:sdDatePublished 2022-05-10T10:55
50 schema:sdLicense https://scigraph.springernature.com/explorer/license/
51 schema:sdPublisher N898ce0694fbd43a79a4a7fbc1d89ab2f
52 schema:url https://doi.org/10.1007/978-3-642-40203-6_41
53 sgo:license sg:explorer/license/
54 sgo:sdDataset chapters
55 rdf:type schema:Chapter
56 N012e93b926e24af3ad1ed34b5f5c783b schema:familyName Mayes
57 schema:givenName Keith
58 rdf:type schema:Person
59 N03849ffd9b0e4851839c98b1bc04db81 schema:affiliation grid-institutes:grid.47840.3f
60 schema:familyName Li
61 schema:givenName Frank
62 rdf:type schema:Person
63 N0cd982beb83f4b218d41957e771d2ed9 rdf:first sg:person.014411735025.19
64 rdf:rest N5779897c12ae4f689552ec2158d586d4
65 N0e3b95bea8754400bd3a839fe0c37f8e rdf:first N412351584c9c48b087b3bb7e957a32d0
66 rdf:rest N4b257f684c7b4db5a37bb8af591fc3d9
67 N288296b7ef5c4c109c2f6fcc55b6f181 rdf:first N012e93b926e24af3ad1ed34b5f5c783b
68 rdf:rest rdf:nil
69 N412351584c9c48b087b3bb7e957a32d0 schema:familyName Crampton
70 schema:givenName Jason
71 rdf:type schema:Person
72 N4b257f684c7b4db5a37bb8af591fc3d9 rdf:first N9826eb5b1e3b48409958747b121e043b
73 rdf:rest N288296b7ef5c4c109c2f6fcc55b6f181
74 N5779897c12ae4f689552ec2158d586d4 rdf:first sg:person.013754547627.79
75 rdf:rest Ne03393f5c3d043f78a1f1c62288bdb2d
76 N67ca02b798a24f1ca1c431af438249e0 rdf:first N03849ffd9b0e4851839c98b1bc04db81
77 rdf:rest N0cd982beb83f4b218d41957e771d2ed9
78 N682dd9cca7024017a9ea848bc116b0b0 schema:name Springer Nature
79 rdf:type schema:Organisation
80 N6d2147d96d134f3d9469de34284c1aff rdf:first sg:person.010626452425.17
81 rdf:rest N67ca02b798a24f1ca1c431af438249e0
82 N898ce0694fbd43a79a4a7fbc1d89ab2f schema:name Springer Nature - SN SciGraph project
83 rdf:type schema:Organization
84 N9826eb5b1e3b48409958747b121e043b schema:familyName Jajodia
85 schema:givenName Sushil
86 rdf:type schema:Person
87 N9f57444c97d04261a8a3ecb37be0a131 schema:name doi
88 schema:value 10.1007/978-3-642-40203-6_41
89 rdf:type schema:PropertyValue
90 Nbb411aeff79044969eeeecd71ebac3e6 schema:name dimensions_id
91 schema:value pub.1049483063
92 rdf:type schema:PropertyValue
93 Ne03393f5c3d043f78a1f1c62288bdb2d rdf:first sg:person.01143152610.86
94 rdf:rest rdf:nil
95 Nf5326569847c405ea4eca275d0cb18f4 schema:isbn 978-3-642-40202-9
96 978-3-642-40203-6
97 schema:name Computer Security – ESORICS 2013
98 rdf:type schema:Book
99 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
100 schema:name Information and Computing Sciences
101 rdf:type schema:DefinedTerm
102 anzsrc-for:0806 schema:inDefinedTermSet anzsrc-for:
103 schema:name Information Systems
104 rdf:type schema:DefinedTerm
105 sg:person.010626452425.17 schema:affiliation grid-institutes:grid.47840.3f
106 schema:familyName Akhawe
107 schema:givenName Devdatta
108 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.010626452425.17
109 rdf:type schema:Person
110 sg:person.01143152610.86 schema:affiliation grid-institutes:grid.47840.3f
111 schema:familyName Song
112 schema:givenName Dawn
113 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01143152610.86
114 rdf:type schema:Person
115 sg:person.013754547627.79 schema:affiliation grid-institutes:grid.4280.e
116 schema:familyName Saxena
117 schema:givenName Prateek
118 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013754547627.79
119 rdf:type schema:Person
120 sg:person.014411735025.19 schema:affiliation grid-institutes:grid.47840.3f
121 schema:familyName He
122 schema:givenName Warren
123 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014411735025.19
124 rdf:type schema:Person
125 grid-institutes:grid.4280.e schema:alternateName National University of Singapore, Singapore
126 schema:name National University of Singapore, Singapore
127 rdf:type schema:Organization
128 grid-institutes:grid.47840.3f schema:alternateName University of California, Berkeley, Berkeley, CA, USA
129 schema:name University of California, Berkeley, Berkeley, CA, USA
130 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...