
Modular Monitor Extensions for Information Flow Security in JavaScript

  • Conference paper
Trustworthy Global Computing (TGC 2015)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 9533)


Abstract

Client-side JavaScript programs often interact with the web page into which they are included, as well as with the browser itself, through APIs such as the DOM API, the XMLHttpRequest API, and the W3C Geolocation API. Precise reasoning about JavaScript security must therefore take API invocation into account. However, the continuous emergence of new APIs, and the heterogeneity of their forms and features, renders API behavior a moving target that is particularly hard to capture. To tackle this problem, we propose a methodology for modularly extending sound JavaScript information flow monitors with a generic API. Hence, verifying that an extended monitor complies with the proposed noninterference property requires only proving that the API satisfies a predefined set of conditions. To illustrate the practicality of our methodology, we show how an information flow monitor-inlining compiler can take into account the invocation of arbitrary APIs, without changing the code or the proofs of the original compiler. We provide an implementation of such a compiler with an extension for handling a fragment of the DOM Core Level 1 API. Furthermore, our implementation supports the addition of monitor extensions for new APIs at runtime.
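
The idea of a monitor whose core stays fixed while per-API extensions are registered at runtime can be pictured with a toy sketch. This is an added example, not the paper's formalism or the authors' compiler; the two-level lattice, the extension interface (`sink`, `result`, `run`) and the APIs `readSecret` and `sendPublic` are assumptions made for illustration.

```javascript
// Added illustration: toy monitor over a two-level lattice, L (public) below H (secret).
const join = (a, b) => (a === "H" || b === "H" ? "H" : "L");
const leq = (a, b) => a === "L" || b === "H";

class Monitor {
  constructor() {
    this.pc = "L";               // label of the current control context
    this.extensions = new Map(); // API name -> extension (hypothetical interface)
  }
  // Extensions can be added at runtime; the monitor core is not modified.
  register(name, ext) { this.extensions.set(name, ext); }
  // Run body with the context raised by the label of the branch guard.
  branch(guard, body) {
    const saved = this.pc;
    this.pc = join(this.pc, guard.label);
    try { return body(); } finally { this.pc = saved; }
  }
  // Monitored API call; every argument is a labelled value {value, label}.
  call(name, ...args) {
    const ext = this.extensions.get(name);
    if (!ext) throw new Error(`no monitor extension for ${name}`);
    const ctx = args.reduce((l, a) => join(l, a.label), this.pc);
    if (!leq(ctx, ext.sink)) throw new Error(`illegal flow ${ctx} -> ${name}`);
    return { value: ext.run(...args.map(a => a.value)), label: join(ctx, ext.result) };
  }
}

// Constructed sample APIs (assumptions, not real browser APIs).
const sent = [];
const monitor = new Monitor();
monitor.register("readSecret", { sink: "H", result: "H", run: () => "token-123" });
monitor.register("sendPublic", { sink: "L", result: "L", run: (m) => { sent.push(m); return true; } });

// Returns "ok" or "blocked" for a monitored action.
function attempt(action) {
  try { action(); return "ok"; } catch (e) { return "blocked"; }
}

function demo() {
  const secret = monitor.call("readSecret");
  const hello = { value: "hello", label: "L" };
  return {
    secretLabel: secret.label,
    publicSend: attempt(() => monitor.call("sendPublic", hello)),
    explicitLeak: attempt(() => monitor.call("sendPublic", secret)),
    implicitLeak: attempt(() => monitor.branch(secret, () => monitor.call("sendPublic", hello))),
    unknownApi: attempt(() => monitor.call("geolocate")),
  };
}
```

The explicit case is blocked because a secret argument reaches a public sink, the implicit case because a public value is sent inside a branch guarded by a secret, and the unknown API because no extension describes its flows.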


Acknowledgments

Fragoso Santos acknowledges funding from the EPSRC grant reference EP/K032089/1. No new data was collected in the course of this research.


Corresponding author

Correspondence to José Fragoso Santos.


Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Fragoso Santos, J., Rezk, T., Matos, A.A. (2016). Modular Monitor Extensions for Information Flow Security in JavaScript. In: Ganty, P., Loreti, M. (eds) Trustworthy Global Computing. TGC 2015. Lecture Notes in Computer Science, vol 9533. Springer, Cham. https://doi.org/10.1007/978-3-319-28766-9_4


  • DOI: https://doi.org/10.1007/978-3-319-28766-9_4

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-28765-2

  • Online ISBN: 978-3-319-28766-9

  • eBook Packages: Computer Science (R0)
