Securing Timeout Instructions in Web Applications

Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs n...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2009 22nd IEEE Computer Security Foundations Symposium s. 92 - 106
Hlavní autoři: Russo, A., Sabelfeld, A.
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: IEEE 01.07.2009
Témata:
Application software
Clocks
Computer security
Context modeling
Data security
Information security
information-flow
internal timing covert channel
Java
Monitoring
non-interference
Runtime
timeouts
Timing
web security
ISBN:076953712X, 9780769537122
ISSN:1063-6900
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs no access to a clock. In the context of client-side web application security, we present JavaScript-based exploits against the timeout mechanism of the DOM (document object model), supported by the modern browsers. Our experimental findings reveal rather liberal choices for the timeout semantics by different browsers and motivate the need for a general security solution. We propose a foundation for such a solution in the form of a runtime monitor. We illustrate for a simple language that, while being more permissive than a typical static analysis, the monitor enforces termination-insensitive noninterference.
ISBN:076953712X
9780769537122
ISSN:1063-6900
DOI:10.1109/CSF.2009.16