SafeJS: Hermetic Sandboxing for JavaScript

Abstract : Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms that could protect program parts. In this article we present SafeJS, an approach and implementation that offers isolation based on separate sandboxes and control of information exchanged between them. In SafeJS, sandboxes based on web workers do not share any data. Data exchanged between sandboxes is solely based on strings. Using different policies, this infrastructure supports the isolation of the different scripts that usually populate web pages. A foreign component cannot modify the main DOM tree in unexpected manner. Our SafeJS implementation is currently being used in an industrial setting in the context of the Resilience FUI 12 project.
Liste complète des métadonnées

Littérature citée [6 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-00862099
Contributeur : Damien Cassou <>
Soumis le : lundi 16 septembre 2013 - 09:39:23
Dernière modification le : jeudi 11 janvier 2018 - 06:22:25
Document(s) archivé(s) le : vendredi 20 décembre 2013 - 13:41:06

Fichiers

main.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00862099, version 1
  • ARXIV : 1309.3914

Collections

Citation

Damien Cassou, Stéphane Ducasse, Nicolas Petton. SafeJS: Hermetic Sandboxing for JavaScript. [Technical Report] 2013, pp.7. 〈hal-00862099〉

Partager

Métriques

Consultations de la notice

431

Téléchargements de fichiers

341