Secure web applications via automatic partitioning

Published: 14 October 2007

Abstract

Swift is a new, principled approach to building web applications that are secure by construction. In modern web applications, some application functionality is usually implemented as client-side code written in JavaScript. Moving code and data to the client can create security vulnerabilities, but currently there are no good methods for deciding when it is secure to do so. Swift automatically partitions application code while providing assurance that the resulting placement is secure and efficient. Application code is written as Java-like code annotated with information flow policies that specify the confidentiality and integrity of web application information. The compiler uses these policies to automatically partition the program into JavaScript code running in the browser, and Java code running on the server. To improve interactive performance, code and data are placed on the client side. However, security-critical code and data are always placed on the server. Code and data can also be replicated across the client and server, to obtain both security and performance. A max-flow algorithm is used to place code and data in a way that minimizes client-server communication.
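The max-flow placement the abstract describes, as an added illustration that is not the paper's code: program elements are nodes, the server and client are the flow source and sink, elements that must stay on one host (the constraints Swift derives from its information-flow labels, here given directly as an assumed simplification) get infinite-capacity edges to that side, and a min cut over the communication costs decides where the unconstrained elements go. Node names and costs are constructed.

```python
from collections import defaultdict, deque
INF = float("inf")

def max_flow_min_cut(cap, src, sink):
    """Edmonds-Karp max flow over cap[u][v]; returns (flow value, nodes on the source side of a min cut)."""
    flow = defaultdict(lambda: defaultdict(int))   # antisymmetric: flow[u][v] == -flow[v][u]
    adj = defaultdict(set)
    for u, nbrs in list(cap.items()):
        for v in nbrs: adj[u].add(v); adj[v].add(u)
    def residual(u, v):
        return cap.get(u, {}).get(v, 0) - flow[u][v]
    total = 0
    while True:
        parent, queue = {src: None}, deque([src])   # BFS for a shortest augmenting path
        while queue and sink not in parent:
            u = queue.popleft()
            for v in adj[u]:
                if v not in parent and residual(u, v) > 0:
                    parent[v] = u; queue.append(v)
        if sink not in parent:                       # no path left: residual-reachable nodes form the source side
            return total, set(parent)
        bottleneck, v = INF, sink
        while parent[v] is not None:
            bottleneck = min(bottleneck, residual(parent[v], v)); v = parent[v]
        v = sink
        while parent[v] is not None:
            u = parent[v]; flow[u][v] += bottleneck; flow[v][u] -= bottleneck; v = u
        total += bottleneck

def partition(pinned, comm_cost):
    """pinned: node -> "server" | "client" | None (the constraints Swift derives from information-flow labels);
    comm_cost: (a, b) -> messages paid if a and b land on different hosts. Returns (cut cost, placement)."""
    cap = defaultdict(dict)
    for node, host in pinned.items():
        if host == "server": cap["S"][node] = INF   # infinite capacity: never cut away from the server
        if host == "client": cap[node]["T"] = INF   # infinite capacity: never cut away from the client
    for (a, b), c in comm_cost.items():             # undirected: the cost is paid whichever way the cut falls
        cap[a][b] = cap[a].get(b, 0) + c
        cap[b][a] = cap[b].get(a, 0) + c
    cost, server_side = max_flow_min_cut(cap, "S", "T")
    return cost, {n: ("server" if n in server_side else "client") for n in pinned}

# Constructed sample loosely modelled on a guess-a-number game (assumed names and costs, not the paper's code):
# the secret and the comparison against it are confidential, so pinned to the server; the UI is pinned to the client.
PINNED = {"secret": "server", "check": "server", "render": "client", "parse_guess": None, "update_score": None}
COMM = {("secret", "check"): 3, ("render", "parse_guess"): 5, ("parse_guess", "check"): 1,
        ("check", "update_score"): 4, ("update_score", "render"): 2}

def demo():
    return partition(PINNED, COMM)   # min cut 3: parse_guess -> client, update_score -> server
```

The cut cost is the number of client-server messages the placement pays; a pinned-server node can only end up on the client if that would require cutting an infinite edge, which the min cut never does.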

Supplementary Material

• index.html (index.html): slides from the presentation
• ZIP file (p31-slides.zip): supplemental material for Secure web applications via automatic partitioning
• Audio only (1294265.mp3)
• Video (1294265.mp4)



Published In

ACM SIGOPS Operating Systems Review, Volume 41, Issue 6 (SOSP '07), December 2007, 363 pages. ISSN 0163-5980. DOI: 10.1145/1323293.

SOSP '07: Proceedings of the twenty-first ACM SIGOPS Symposium on Operating Systems Principles, October 2007, 378 pages. ISBN 9781595935915. DOI: 10.1145/1294261.

Publisher: Association for Computing Machinery, New York, NY, United States


Author Tags

1. compilers
2. information flow
3. security policies

Qualifiers

• Article


Cited By

• (2024) Applications of Formal Methods to Web Application Security. Encyclopedia of Cryptography, Security and Privacy, pages 1-3. DOI: 10.1007/978-3-642-27739-9_856-2. Online publication date: 14-Feb-2024.
• (2023) FreePart: Hardening Data Processing Software via Framework-based Partitioning and Isolation. Proceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 4, pages 169-188. DOI: 10.1145/3623278.3624760. Online publication date: 25-Mar-2023.
• (2023) Could Tierless Languages Reduce IoT Development Grief? ACM Transactions on Internet of Things, 4(1):1-35. DOI: 10.1145/3572901. Online publication date: 23-Feb-2023.
• (2023) ABSLearn: a GNN-based framework for aliasing and buffer-size information retrieval. Pattern Analysis and Applications, 26(3):1171-1189. DOI: 10.1007/s10044-023-01142-2. Online publication date: 19-Feb-2023.
• (2022) AutoSlicer: Automatic Program Partitioning for Securing Sensitive Data Based-on Data Dependency Analysis and Code Refactoring. 2022 IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pages 239-247. DOI: 10.1109/TrustCom56396.2022.00042. Online publication date: Dec-2022.
• (2022) HAMRAZ: Resilient Partitioning and Replication. 2022 IEEE Symposium on Security and Privacy (SP), pages 2267-2284. DOI: 10.1109/SP46214.2022.9833661. Online publication date: May-2022.
• (2021) Scooter & Sidecar: a domain-specific approach to writing secure database migrations. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pages 710-724. DOI: 10.1145/3453483.3454072. Online publication date: 19-Jun-2021.
• (2021) PSec: Programming Secure Distributed Systems using Enclaves. Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security, pages 802-816. DOI: 10.1145/3433210.3453113. Online publication date: 24-May-2021.
• (2020) A Survey of Multitier Programming. ACM Computing Surveys, 53(4):1-35. DOI: 10.1145/3397495. Online publication date: 26-Sep-2020.
• (2019) Discovering Vulnerabilities in COTS IoT Devices through Blackbox Fuzzing Web Management Interface. Security and Communication Networks, 2019. DOI: 10.1155/2019/5076324. Online publication date: 4-Nov-2019.
