English
Related papers

Related papers: Transaction-based Sandboxing for JavaScript

200 papers

Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms that could…

Programming Languages · Computer Science 2013-09-17 Damien Cassou , Stéphane Ducasse , Nicolas Petton

TreatJS is a language embedded, higher-order contract system for JavaScript which enforces contracts by run-time monitoring. Beyond providing the standard abstractions for building higher-order contracts (base, function, and object…

Programming Languages · Computer Science 2015-05-01 Matthias Keil , Peter Thiemann

Web sites routinely incorporate JavaScript programs from several sources into a single page. These sources must be protected from one another, which requires robust sandboxing. The many entry-points of sandboxes and the subtleties of…

Programming Languages · Computer Science 2015-06-26 Joe Gibbs Politz , Spiridon Eliopoulos , Arjun Guha , Shriram Krishnamurthi

Software transactional memory implementations which allow transactions to work on inconsistent states of shared data, risk to cause application visible errors such as memory access violations or endless loops. Hence, many implementations…

Distributed, Parallel, and Cluster Computing · Computer Science 2014-09-23 Holger Machens

Dependency analysis is a program analysis that determines potential data flow between program points. While it is not a security analysis per se, it is a viable basis for investigating data integrity, for ensuring confidentiality, and for…

Programming Languages · Computer Science 2013-05-30 Matthias Keil , Peter Thiemann

Modern websites heavily rely on JavaScript (JS) to implement legitimate functionality as well as privacy-invasive advertising and tracking. Browser extensions such as NoScript block any script not loaded by a trusted list of endpoints, thus…

Cryptography and Security · Computer Science 2023-03-27 Abdul Haddi Amjad , Zubair Shafiq , Muhammad Ali Gulzar

Remote attestation (RA) authenticates code running in trusted execution environments (TEEs), allowing trusted code to be deployed even on untrusted hosts. However, trust relationships established by one component in a distributed…

Cryptography and Security · Computer Science 2022-02-02 Haofan Zheng , Owen Arden

JavaScript engines inside modern browsers are capable of running sophisticated multi-player games, rendering impressive 3D scenes, and supporting complex, interactive visualizations. Can this processing power be harnessed for information…

Information Retrieval · Computer Science 2014-10-17 Jimmy Lin

Many important security problems in JavaScript, such as browser extension security, untrusted JavaScript libraries and safe integration of mutually distrustful websites (mash-ups), may be effectively addressed using an efficient…

Programming Languages · Computer Science 2015-01-20 Stefan Heule , Deian Stefan , Edward Z. Yang , John C. Mitchell , Alejandro Russo

JSConTest introduced the notions of effect monitoring and dynamic effect inference for JavaScript. It enables the description of effects with path specifications resembling regular expressions. It is implemented by an offline source code…

Programming Languages · Computer Science 2013-12-12 Matthias Keil , Peter Thiemann

Deobfuscating JavaScript (JS) code poses a significant challenge in web security, particularly as obfuscation techniques are frequently used to conceal malicious activities within scripts. While Large Language Models (LLMs) have recently…

Cryptography and Security · Computer Science 2025-06-26 Guoqiang Chen , Xin Jin , Zhiqiang Lin

Blockchains are modern distributed systems that provide decentralized financial capabilities with trustable guarantees. Smart contracts are programs written in specialized programming languages running on a blockchain and govern how tokens…

Cryptography and Security · Computer Science 2022-07-11 Margarita Capretto , Martin Ceresa , Cesar Sanchez

Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this…

Cryptography and Security · Computer Science 2014-01-22 Abhishek Bichhawat , Vineet Rajani , Deepak Garg , Christian Hammer

Mobile apps can access a wide variety of secure information, such as contacts and location. However, current mobile platforms include only coarse access control mechanisms to protect such data. In this paper, we introduce interaction-based…

Cryptography and Security · Computer Science 2015-07-30 Kristopher Micinski , Jonathan Fetter-Degges , Jinseong Jeon , Jeffrey S. Foster , Michael R. Clarkson

Modern applications often operate on data in multiple administrative domains. In this federated setting, participants may not fully trust each other. These distributed applications use transactions as a core mechanism for ensuring…

Distributed, Parallel, and Cluster Computing · Computer Science 2016-08-23 Isaac Sheff , Tom Magrino , Jed Liu , Andrew C. Myers , Robbert van Renesse

In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application's own code. This leaves the application's confidential data vulnerable to theft and leakage by…

Cryptography and Security · Computer Science 2023-05-09 Abhishek Bichhawat , Vineet Rajani , Jinank Jain , Deepak Garg , Christian Hammer

The JSC language is a superset of JavaScript designed to ease the development of large web applications. This language extends JavaScripts own object system by isolating code in a class declaration, simplifying multiple inheritance and…

Programming Languages · Computer Science 2009-12-16 Artur Ventura

Modern websites extensively rely on JavaScript to implement both functionality and tracking. Existing privacy enhancing content blocking tools struggle against mixed scripts, which simultaneously implement both functionality and tracking,…

Cryptography and Security · Computer Science 2024-05-29 Abdul Haddi Amjad , Shaoor Munir , Zubair Shafiq , Muhammad Ali Gulzar

Serverless computing is an approach to cloud computing that allows programmers to run serverless functions in response to external events. Serverless functions are priced at sub-second granularity, support transparent elasticity, and…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-08-05 Emily Herbert , Arjun Guha

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas
‹ Prev 1 2 3 10 Next ›