Skip to Main content Skip to Navigation
New interface
Conference papers

An Information Flow Monitor-Inlining Compiler for Securing a Core of JavaScript

José Fragoso Santos 1 Tamara Rezk 1 
1 INDES - Secure Diffuse Programming
CRISAM - Inria Sophia Antipolis - Méditerranée
Abstract : Web application designers and users alike are interested in isolation properties for trusted JavaScript code in order to prevent confi-dential resources from being leaked to untrusted parties. Noninterference provides the mathematical foundation for reasoning precisely about the information flows that take place during the execution of a program. Due to the dynamicity of the language, research on mechanisms for enforcing noninterference in JavaScript has mostly focused on dynamic approaches. We present the first information flow monitor inlining compiler for a re-alistic core of JavaScript. We prove that the proposed compiler enforces termination-insensitive noninterference and we provide an implementa-tion that illustrates its applicability.
Complete list of metadata

Cited literature [11 references]  Display  Hide  Download
Contributor : José Fragoso Santos Connect in order to contact the contributor
Submitted on : Tuesday, November 25, 2014 - 10:20:57 PM
Last modification on : Sunday, May 1, 2022 - 3:14:58 AM
Long-term archiving on: : Thursday, February 26, 2015 - 12:35:33 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



José Fragoso Santos, Tamara Rezk. An Information Flow Monitor-Inlining Compiler for Securing a Core of JavaScript. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakesh, Morocco. pp.278-292, ⟨10.1007/978-3-642-55415-5_23⟩. ⟨hal-01087374⟩



Record views


Files downloads