Securing Timeout Instructions in Web Applications

Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs n...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:2009 22nd IEEE Computer Security Foundations Symposium S. 92 - 106
Hauptverfasser: Russo, A., Sabelfeld, A.
Format: Tagungsbericht
Sprache:Englisch
Veröffentlicht: IEEE 01.07.2009
Schlagworte:
Application software
Clocks
Computer security
Context modeling
Data security
Information security
information-flow
internal timing covert channel
Java
Monitoring
non-interference
Runtime
timeouts
Timing
web security
ISBN:076953712X, 9780769537122
ISSN:1063-6900
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs no access to a clock. In the context of client-side web application security, we present JavaScript-based exploits against the timeout mechanism of the DOM (document object model), supported by the modern browsers. Our experimental findings reveal rather liberal choices for the timeout semantics by different browsers and motivate the need for a general security solution. We propose a foundation for such a solution in the form of a runtime monitor. We illustrate for a simple language that, while being more permissive than a typical static analysis, the monitor enforces termination-insensitive noninterference.
ISBN:076953712X
9780769537122
ISSN:1063-6900
DOI:10.1109/CSF.2009.16