you can t touch this
play

You Cant Touch This WG2.8 meeting 2012 Albert-Ludwigs-Universit at - PowerPoint PPT Presentation

Feb 06, 2024 •288 likes •591 views

You Cant Touch This WG2.8 meeting 2012 Albert-Ludwigs-Universit at Freiburg Peter Thiemann Manuel Geffken Phillip Heidegger University of Freiburg thiemann@informatik.uni-freiburg.de 07 November 2012 Motivation 92% of all websites

  1. You Can’t Touch This WG2.8 meeting 2012 Albert-Ludwigs-Universit¨ at Freiburg Peter Thiemann Manuel Geffken Phillip Heidegger University of Freiburg thiemann@informatik.uni-freiburg.de 07 November 2012

  2. Motivation 92% of all websites use JavaScript according to: http://w3techs.com/ , 30/09/12 Thiemann You Can’t Touch This 07/11/12 2 / 20

  3. Thesis The Full Employment Theorem for Research on JavaScript There will always be another JavaScript feature Thiemann You Can’t Touch This 07/11/12 3 / 20

  4. Situation of a Web Programmer Thiemann You Can’t Touch This 07/11/12 4 / 20

  5. Situation of a Web Programmer Thiemann You Can’t Touch This 07/11/12 4 / 20

  6. Situation of a Web Programmer Thiemann You Can’t Touch This 07/11/12 4 / 20

  7. Situation of a Web Programmer Thiemann You Can’t Touch This 07/11/12 4 / 20

  8. Situation of a Web Programmer Thiemann You Can’t Touch This 07/11/12 4 / 20

  9. Visualization of the Code Mashup Mashup Mashup Base Application Thiemann You Can’t Touch This 07/11/12 5 / 20

  10. Visualization of the Code Mashup Mashup Mashup Base Application Thiemann You Can’t Touch This 07/11/12 6 / 20

  11. Visualization of the Code Mashup Mashup Mashup Base Application Thiemann You Can’t Touch This 07/11/12 7 / 20

  12. Visualization of the Code Mashup Mashup Mashup Base Application Thiemann You Can’t Touch This 07/11/12 8 / 20

  13. Problem (Mandatory) Access Control for Mashups No access to private data of the client No access to sensitive resources Thiemann You Can’t Touch This 07/11/12 9 / 20

  14. Problem (Mandatory) Access Control for Mashups No access to private data of the client No access to sensitive resources What is Needed? Demarcation between trusted and untrusted code Mashup-specific access-control policies Enforcement of these policies Thiemann You Can’t Touch This 07/11/12 9 / 20

  15. Observation In JavaScript, every resource is controlled by reading or writing a property in scope. Examples document.location , document.cookie , . . . document.write() , . . . window.onload , window.onkeypress , . . . window.alert() , window.open() , . . . node.data , node.innerHtml , . . . myData.contacts.JohnDoe.email , . . . Thiemann You Can’t Touch This 07/11/12 10 / 20

  16. Controlling Access to Properties is Key! Access Permissions — sets of object references Perm (document , "location|cookie|write "); Perm (window , "/on .*/"); Perm (window , "alert|open "); Perm (document.documentElement , "*./ data|innerHtml /"); Perm (myData , "*. email "); Thiemann You Can’t Touch This 07/11/12 11 / 20

  17. Controlling Access to Properties is Key! Access Permissions — sets of object references Perm (document , "location|cookie|write "); Perm (window , "/on .*/"); Perm (window , "alert|open "); Perm (document.documentElement , "*./ data|innerHtml /"); Perm (myData , "*. email "); Building blocks ::= Perm ( e , path ) anchored path set p | p ∪ p | p ∩ p | ¬ p boolean operations | Ω universal permission Thiemann You Can’t Touch This 07/11/12 11 / 20

  18. Enforcing Restrictions Enforcing Restrictions ENFORCE( Deny (Perm (...) , Perm (...)) , function () { // scope of enforcement }); Thiemann You Can’t Touch This 07/11/12 12 / 20

  19. Alternative: Permitted Accesses Access Permissions /* constructor for person */ function Person(nick , pass , mail) { this.nickname = nick; this.password = pass; this.email = mail; } function base_functionality () { var p = new Person (" honda", "t243v3r", "mh@t2.com "); ... ENFORCE( Allow (Perm (p, "nickname ")), function () { mashup1 (p); }); ... var out = document. getElementById (" for_mashup "); ENFORCE( Allow (Perm (out , "*")) , function () { mashup2 (out, ...); }); } Thiemann You Can’t Touch This 07/11/12 13 / 20

  20. Discussion: Scope of Enforcement function mash(x, my) { ... my.secret ... } var r = ENFORCE( Deny(my , "secret "), function () { mash(x, my); }); Thiemann You Can’t Touch This 07/11/12 14 / 20

  21. Discussion: Scope of Enforcement function mash(x, my) { Lexical Scope ... my.secret ... Restriction applies only to } subphrases of mash(x, my) var r = ENFORCE( Does not impose proper Deny(my , "secret "), demarcation : function () { untrusted body of mash mash(x, my); runs without restriction. }); Thiemann You Can’t Touch This 07/11/12 14 / 20

  22. Discussion: Scope of Enforcement function mash(x, my) { Dynamic Scope ... my.secret ... Restriction applies } throughout execution of var r = ENFORCE( mash . Deny(my , "secret "), Semantics of access function () { permission contracts mash(x, my); [POPL2012] }); Thiemann You Can’t Touch This 07/11/12 15 / 20

  23. Discussion: Scope of Enforcement function mash(x, my) { Dynamic Scope return function() { Restriction applies ... my.secret ... throughout execution of } mash . } Semantics of access permission contracts var r = ENFORCE( Deny(my , "secret "), [POPL2012] function () { Does not impose proper mash(x, my); demarcation : }); If the untrusted mash returned a function, then r();// may access my.secret r() , i.e., code produced by mash , would run without restriction. Thiemann You Can’t Touch This 07/11/12 15 / 20

  24. Discussion: Scope of Enforcement function mash(x, my) { Wrapper Semantics return function() { The restriction applies to ... my.secret ... the execution of } mash(x, y) and to all } functions and objects produced by it, recursively. var r = ENFORCE( If mash(x, y) returns a Deny(my , "secret "), function () { function, then the function mash(x, my); call r() runs with (at least) the same restriction as }); mash . r(); Fits the requirements. // no access to my.secret Thiemann You Can’t Touch This 07/11/12 16 / 20

  25. Discussion: Scope of Enforcement function Wrapper Semantics for mash(x, my) { ... x() ... Higher-Order Functions } Suppose x is a function, var r = ENFORCE( which is called in mash ’s Deny(my , "secret "), body. function () { Which restriction applies to mash(x, my); the execution of x(...) ? }); Choice#1 (system call): // @syscall x ’s creation-time restriction function x() { ... my.secret ... } Thiemann You Can’t Touch This 07/11/12 17 / 20

  26. Discussion: Scope of Enforcement function Wrapper Semantics for mash(x, my) { Higher-Order Functions ... x()... } Suppose x is a function, var r = ENFORCE( which is called in mash ’s Deny(my , "secret "), body. function () { Which restriction applies to mash(x, my); the execution of x(...) ? }); Choice#1 (system call): x ’s creation-time restriction // @callback function x() { Choice#2 (callback): ... my.secret ... same plus the call-site’s } restriction Thiemann You Can’t Touch This 07/11/12 17 / 20

  27. Who Should Use Access Restrictions? Implementer of base application wants to restrict mashups to guarantee confidentiality of the end user’s data. Explicit. Instrumenting script tags. End user wants to restrict applications. Global restriction. Mapping: URL → restrictions. Mapping prepared by third party; might be too complicated / tedious for end user. Implementer of mashup provides access restrictions: run time can check compatibility before executing Thiemann You Can’t Touch This 07/11/12 18 / 20

  28. Project Status Formal, mechanized semantics Properties of the semantics Correctness of implementation Ongoing implementations in Rhino & Firefox Security application requires total interposition Only achievable in the JS engine (Thank you, eval & friends!) Corresponding gradual type system Thiemann You Can’t Touch This 07/11/12 19 / 20

  29. The End Questions? Thiemann You Can’t Touch This 07/11/12 20 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Hi Tech Hi Touch Hebrews 10:24-25 Consecrate: Hi Tech Hi Touch Hi Tech Hi Touch

Hi Tech Hi Touch Hebrews 10:24-25 Consecrate: Hi Tech Hi Touch Hi Tech Hi Touch

3/20/2018 Hi Tech Hi Touch Hebrews 10:24-25 Consecrate: Hi Tech Hi Touch Hi Tech Hi Touch Smart Phones to Make or declare Toys Tools A Terror? Tablets something sacred, Laptop Computers that is to purposefully

414 views • 7 slides
Touch Interaction and Touch Gestures Types of Touch All have very different interaction

Touch Interaction and Touch Gestures Types of Touch All have very different interaction

Touch Interaction and Touch Gestures Types of Touch All have very different interaction properties: l Single touch l Multitouch: multiple fingers on the same hand l Multihand: multiple fingers on different hands l

593 views • 58 slides
GRCCs In Touch Project Katie Lake In Touch Project Manager What is the In Touch project? * In

GRCCs In Touch Project Katie Lake In Touch Project Manager What is the In Touch project? * In

GRCCs In Touch Project Katie Lake In Touch Project Manager What is the In Touch project? * In Touch supports all health and social activities for people over the age of 50 who live in Gloucestershire. This is to improve health and wellbeing

474 views • 20 slides
Touch & Haptics Blind and deaf people have been using touch to substitute vision or hearing

Touch & Haptics Blind and deaf people have been using touch to substitute vision or hearing

1/26/2016 Touch & High Information Transfer Rate Touch & Haptics Blind and deaf people have been using touch to substitute vision or hearing for a very long time, and successfully. OPTACON Hong Z Tan Purdue University & 12

572 views • 8 slides
Touch Interfaces Multi-touch displays Input & interaction Mobile design 1 CS349 -- Touch

Touch Interfaces Multi-touch displays Input & interaction Mobile design 1 CS349 -- Touch

Touch Interfaces Multi-touch displays Input & interaction Mobile design 1 CS349 -- Touch Interfaces Touch Interfaces In this course, we have mostly discussed the development of computer interfaces that rely on standard input devices

552 views • 40 slides
Sales presentation Training contents 1. Why FR 30 TOUCH 2. FR 30 TOUCH platform 3. Basic

Sales presentation Training contents 1. Why FR 30 TOUCH 2. FR 30 TOUCH platform 3. Basic

Sales presentation Training contents 1. Why FR 30 TOUCH 2. FR 30 TOUCH platform 3. Basic specifications 4. Who uses this machine? 5. What does it best? 6. TOP FIVE FEATURES 7. Key selling points: - Preparing FR 30 TOUCH - Using FR

270 views • 23 slides
Mechanosensation Touch and tactile exploration Central Representation of Touch Vibration

Mechanosensation Touch and tactile exploration Central Representation of Touch Vibration

Mechanosensation Touch and tactile exploration Central Representation of Touch Vibration and pressure sensations; important for clinical testing Limb position sense Stereognosia: identify 3-D shapes of grasped objects John

261 views • 7 slides
Day 1: Play to connect and get in touch with what excites us and get in touch with what excites

Day 1: Play to connect and get in touch with what excites us and get in touch with what excites

Day 1: Play to connect and get in touch with what excites us and get in touch with what excites us With colla ges, paint & clay we b egan to seed the futur e. We spoke of many things and compacted them into the seed of Day 1 . Our

490 views • 12 slides
Single Touch Payroll Tax professional presentation What you need to know right now Single Touch

Single Touch Payroll Tax professional presentation What you need to know right now Single Touch

Single Touch Payroll Tax professional presentation What you need to know right now Single Touch Payroll is coming from 1 July 2018. If you report payroll and super information to the Australian Taxation Office (ATO) on behalf of clients with

398 views • 8 slides
XYZ Insurance Touch Point Evaluation Study 1 XYZ Insurance Touch Point Evaluation Study

XYZ Insurance Touch Point Evaluation Study 1 XYZ Insurance Touch Point Evaluation Study

XYZ Insurance Touch Point Evaluation Study 1 XYZ Insurance Touch Point Evaluation Study Presentation_V1 Performance - KPI Snapshot Zonal Split Overall North East West South Overall Experience 48% 12% 12% 12% 12% (Top 3 Box%) Likely

225 views • 10 slides
Keeping Out of Touch: The Role of High Touch Surfaces in Home and Community Settings and the

Keeping Out of Touch: The Role of High Touch Surfaces in Home and Community Settings and the

Keeping Out of Touch: The Role of High Touch Surfaces in Home and Community Settings and the Implications for Cleaning and Disinfection Elizabeth Scott Simmons College, Boston Simmons Center for Hygiene and Health in Home and Community.

474 views • 29 slides
Apples 3D-Touch Technology and its Impact on User Experience Nicolas Suarez-Canton Trueba

Apples 3D-Touch Technology and its Impact on User Experience Nicolas Suarez-Canton Trueba

Apples 3D-Touch Technology and its Impact on User Experience Nicolas Suarez-Canton Trueba Advisor: Chris Fernandes CSC-499 Winter 2017 3D-Touch Pressure sensitive touchscreen technology. Goal: evaluate the usefulness of 3D Touch

329 views • 14 slides
SAMBA TOUCH Machine Presentation HIGHLIGHTS 7 touch screen Electronic Tray Labels

SAMBA TOUCH Machine Presentation HIGHLIGHTS 7 touch screen Electronic Tray Labels

SAMBA TOUCH Machine Presentation HIGHLIGHTS 7 touch screen Electronic Tray Labels as standard Large capacity glass fronted machine with flexible layout Impressive capacity, with the ability to offer a wide range of

126 views • 11 slides
Single Touch Payroll Solution provider presentation What you need to know right now. Single

Single Touch Payroll Solution provider presentation What you need to know right now. Single

Single Touch Payroll Solution provider presentation What you need to know right now. Single Touch Payroll is coming and you will need to be ready by 1 July 2018. We understand you may need to talk to your clients about Single Touch Payroll. We

275 views • 10 slides
Commission: Out of touch, out of date, out of pocket April 2017 Commission: Out of touch, out of

Commission: Out of touch, out of date, out of pocket April 2017 Commission: Out of touch, out of

Commission: Out of touch, out of date, out of pocket April 2017 Commission: Out of touch, out of date, out of pocket | April 2017 1 Its a truth universally accepted House prices have soared by 253% in the last Michael Bruce, CEO,

204 views • 7 slides
62b Deep Tissue: Touch Assessment 62b Deep Tissue: Touch Assessment Class Outline Print

62b Deep Tissue: Touch Assessment 62b Deep Tissue: Touch Assessment Class Outline Print

62b Deep Tissue: Touch Assessment 62b Deep Tissue: Touch Assessment Class Outline Print out the Lesson Plan to see the timeline for this class. 62b Deep Tissue: Touch Assessment Class Reminders ABMP Exam Coach Access your ABMP

413 views • 7 slides
prosody in Ekegusii (Kisii) narratives Daniel W. Hieber Discourse Workshop University of

prosody in Ekegusii (Kisii) narratives Daniel W. Hieber Discourse Workshop University of

The cohesive function of prosody in Ekegusii (Kisii) narratives Daniel W. Hieber Discourse Workshop University of California, Santa Barbara Nov. 14, 2016 What is prosody? suprasegmental (Fox 2000) hierarchical phonological

695 views • 41 slides
Topography From the Andes Mts . and extended 2,500 miles down the pacific coast Major

Topography From the Andes Mts . and extended 2,500 miles down the pacific coast Major

Latin America Review Maya MesoAmerica 300 -900 C.E. (Middle America) - Bloody sacrifices to make gods happy . -Farmed and traded maize (corn) and cocoa. - Predicted end of the world-December 23, 2012 -Giant pyramid temples, picture system of

127 views • 9 slides
5G infrastructure Hiroaki Kamoda Director for Policy Planning, Cybersecurity Division G

5G infrastructure Hiroaki Kamoda Director for Policy Planning, Cybersecurity Division G

Towards the construction of reliable 5G infrastructure Hiroaki Kamoda Director for Policy Planning, Cybersecurity Division G infrastructure Cyber/Physical Security Framework (CPSF) 1 Risks from Cybersecurity Viewpoints in 5G

290 views • 24 slides
What is an inconsistent truth table? Zach Weber (University of Otago) NCM Prague - June 2015

What is an inconsistent truth table? Zach Weber (University of Otago) NCM Prague - June 2015

What is an inconsistent truth table? Zach Weber (University of Otago) NCM Prague - June 2015 Joint work with G Badia (Otago) and P Girard (Auckland) Introduction: Non-classical logic, top to bottom Elements of a (paraconsistent) metatheory

951 views • 84 slides
Citizen science and science communication Nico Pitrelli Sissa International School for

Citizen science and science communication Nico Pitrelli Sissa International School for

Citizen science and science communication Nico Pitrelli Sissa International School for Advanced Studies, Trieste Joint ICTP IAEA Workshop on Environmental Mapping: Mobilising Trust in Measurements and Engaging Scientific Citizenry ICTP,

479 views • 23 slides
EECS Seminars Developing Android Location-aware Apps Victor Matos Cleveland State University

EECS Seminars Developing Android Location-aware Apps Victor Matos Cleveland State University

Lesson 24 EECS Seminars Developing Android Location-aware Apps Victor Matos Cleveland State University Portions of this presentation are reproduced from work created and shared by Google and used according to terms described in the Creative

462 views • 33 slides
NSI Implementation Task Force GL IF T ec hnic al Wor king Gr oup Meeting Winter 2012

NSI Implementation Task Force GL IF T ec hnic al Wor king Gr oup Meeting Winter 2012

NSI Implementation Task Force GL IF T ec hnic al Wor king Gr oup Meeting Winter 2012 Baton Rouge, L A Inde r Mong a John Ma c Aule y 26/ 01/ 2012 1 GOAL OGF NSI Standards Best Practices/Impl. Agree. GL IF Prototype/Interop

200 views • 17 slides
INTRODUCTION TO GENETIC EPIDEMIOLOGY (EPID0754) Prof. Dr. Dr. K. Van Steen Introduction to

INTRODUCTION TO GENETIC EPIDEMIOLOGY (EPID0754) Prof. Dr. Dr. K. Van Steen Introduction to

INTRODUCTION TO GENETIC EPIDEMIOLOGY (EPID0754) Prof. Dr. Dr. K. Van Steen Introduction to Genetic Epidemiology CHAPTER 3: Different faces of genetic

1.34k views • 103 slides

More recommend