Gatekeeper: Mostly static enforcement of security and reliability policies for JavaScript code

Proceedings of the 18th USENIX Security Symposium

Volumn , Issue , 2009, Pages 151-168

  Guarnieri, Salvatore ^a   Livshits, Benjamin ^b  

^a UNIVERSITY OF WASHINGTON   (United States)

^b MICROSOFT RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

HIGH LEVEL LANGUAGES;

EXTENSIBLE SYSTEMS; FALSE NEGATIVES; FALSE POSITIVE; JAVASCRIPT PROGRAMS; POLICY LANGUAGE; SECURITY AND RELIABILITIES; SECURITY POLICY; STATIC APPROACH;

RELIABILITY;

EID: 84890883068     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (35)

1. A. V. Aho, M. Lam, R. Sethi, and J. D. Ullman. Compilers: Principles, Techniques, and Tools. Addison-Wesley, 2007.
2. Ajaxian. Facebook JavaScript and security. http://ajaxian.com/archives/facebook-javascript-and-security, Aug. 2007.
3. L. O. Andersen. Program analysis and specialization for the C programming language. Technical report, University of Copenhagen, 1994.
4. C. Anderson and P. Giannini. Type checking for JavaScript. In In WOOD 04, volume WOOD of ENTCS. Elsevier, 2004. http://www.binarylord.com/ work/js0wood.pdf, 2004.
5. C. Anderson, P. Giannini, and S. Drossopoulou. Towards type inference for JavaScript. In In Proceedings of the European Conference on Object-Oriented Programming, pages 429–452, July 2005.
6. D. Avots, M. Dalton, B. Livshits, and M. S. Lam. Improving software security with a C pointer analysis. In Proceedings of the International Conference on Software Engineering, pages 332–341, May 2005.
7. T. Ball, E. Bounimova, B. Cook, V. Levin, J. Lichtenberg, C. Mc-Garvey, B. Ondrusek, S. K. Rajamani, and A. Ustuner. Thorough static analysis of device drivers. In European Conference on Computer Systems, pages 73–85, 2006.
8. R. Cartwright and M. Fagan. Soft typing. ACM SIGPLAN Notices, 39(4):412–428, 2004.
9. B. Chess, Y. T. O’Neil, and J. West. JavaScript hijacking. www.fortifysoftware.com/servlet/downloads/public/ JavaScript Hijacking.pdf, Mar. 2007.
10. R. Chugh, J. A. Meister, R. Jhala, and S. Lerner. Staged information flow for JavaScript. In Proceedings of the Conference on Programming Language Design and Implementation, June 2009.
11. D. Crockford. Globals are evil. http://yuiblog.com/blog/2006/06/01/global-domination/, June 2006.
12. D. Crockford. JavaScript: the good parts. 2008.
13. D. Crockford. AdSafe: Making JavaScript safe for advertising. http://www.adsafe.org, 2009.
14. ECMA. Ecma-262: Ecma/tc39/2009/025, 5th edition, final draft. http://www.ecma-international.org/publications/files/drafts/tc39-2009-025.pdf, Apr. 2009.
15. Facebook, Inc. Fbjs. http://wiki.developers.facebook.com/index.php/FBJS, 2007.
16. A. Felt, P. Hooimeijer, D. Evans, and W. Weimer. Talking to strangers without taking their candy: isolating proxied content. In Proceedings of the Workshop on Social Network Systems, pages 25–30, 2008.
17. Finjan Inc. Web security trends report. http://www.finjan.com/GetObject.aspx?ObjId=506.
18. J. Howell, C. Jackson, H. J. Wang, and X. Fan. MashupOS: Operating system abstractions for client mashups. In Proceedings of the Workshop on Hot Topics in Operating Systems, May 2007.
19. javascript-reference.info. JavaScript obfuscators review. http://javascript-reference.info/javascript-obfuscators-review.htm, 2008.
20. E. Kıcıman and B. Livshits. AjaxScope: a platform for remotely monitoring the client-side behavior of Web 2.0 applications. In Proceedings of Symposium on Operating Systems Principles, Oct. 2007.
21. M. S. Lam, J. Whaley, B. Livshits, M. C. Martin, D. Avots, M. Carbin, and C. Unkel. Context-sensitive program analysis as database queries. In Proceedings of the Symposium on Principles of Database Systems, June 2005.
22. B. Livshits and S. Guarnieri. Gatekeeper: Mostly static enforcement of security and reliability policies for JavaScript code. Technical Report MSR-TR-2009-43, Microsoft Research, Feb. 2009.
23. B. Livshits and M. S. Lam. Finding security errors in Java programs with static analysis. In Proceedings of the Usenix Security Symposium, pages 271–286, Aug. 2005.
24. Microsoft Corporation. Static driver verifier. http://www.microsoft.com/whdc/devtools/tools/SDV.mspx, 2005.
25. Microsoft Live Labs. Live Labs Websandbox. http://websandbox.org, 2008.
26. Microsoft Live Labs. Quality of service (QoS) protections. http://websandbox.livelabs.com/documentation/useqos.aspx, 2008.
27. Microsoft Security Bulletin. Vulnerabilities in Windows gadgets could allow remote code execution (938123). http://www.microsoft.com/technet/security/Bulletin/MS07-048.mspx, 2007.
28. M. S. Miller. Is it possible to mix ExtJS and google-caja to enhance security. http://extjs.com/forum/showthread.php?p= 268731#post268731, Jan. 2009.
29. M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay. Caja: Safe active content in sanitized JavaScript. http://google-caja.googlecode.com/files/caja-2007.pdf, 2007.
30. C. Reis, J. Dunagan, H. Wang, O. Dubrovsky, and S. Esmeir. BrowserShield: Vulnerability-driven filtering of dynamic HTML. In Proceedings of the Symposium on Operating Systems Design and Implementation, 2006.
31. P. Thiemann. Towards a type system for analyzing JavaScript programs. 2005.
32. J. Whaley, D. Avots, M. Carbin, and M. S. Lam. Using Datalog and binary decision diagrams for program analysis. In Proceedings of the Asian Symposium on Programming Languages and Systems, Nov. 2005.
33. J. Whaley and M. S. Lam. Cloning-based context-sensitive pointer alias analysis using binary decision diagrams. In Proceedings of the Conference on Programming Language Design and Implementation, pages 131–144, June 2004.
34. Windows Live. Windows live gadget developer checklist. http://dev.live.com/gadgets/sdk/docs/checklist.htm, 2008.
35. D. Yu, A. Chander, N. Islam, and I. Serikov. JavaScript instrumentation for browser security. In Proceedings of Conference on Principles of Programming Languages, Jan. 2007.