Mashups mix and merge content (data and code) from multiple content providers in a user’s browser, to provide high-value web applications that can rival the user experience provided by desktop applications. The existing browser security model was not designed for supporting such applications, and therefore they are typically implemented in an insecure manner. In this paper, we present a secure component model, where components are provided by different trust domains, and can interact using a communication abstraction that allows ease of specification of security policy. We have developed an implementation of this model that works for all major current browsers, and addresses challenges of communication integrity and component phishing. To the best of our knowledge, this is the first work that achieves the goal of secure mashups without any modifications to current browsers, and hence has the potential to achieve immediate and widespread adoption.