Protection and communication abstractions for web browsers in MashupOS

Abstract — Web browsers have evolved from a single-principal platform on which users browse one site at a time into a multi-principal platform on which data and code from mutually distrusting sites interact programmatically in a single page on the client side, enabling feature-rich “Web 2.0 ” applications (or mashups) that offer close-to-desktop experiences. However, the protection and communication abstractions offered by today’s browsers remain suitable only for a single principal system — either no trust through complete isolation between principals (sites) or full trust by incorporating third party code as libraries. In this paper, we address this deficiency by providing the missing abstractions to enable robust and secure Web applica-tions on a rich multi-principal platform. We draw an analogy between Web sites ’ sharing of browser resources and users’ sharing of operating system resources, and we use this analogy as a guide to develop protection and communication abstractions for Web browsers. Our abstractions are designed to match the trust relationship in Web service provisioning and integration so that they can enhance both security and ease in Web service creation. For example, our abstractions can be used to prevent Cross Site Scripting (XSS) vulnerabilities in Web services in a fundamental way, addressing a prominent threat in today’s Web. Furthermore, we have designed our abstractions to be backward compatible and easily adoptable. We have built a prototype system that realizes almost all of our abstractions and their associated properties. Our evaluation shows that our abstractions make it easy to build more secure and robust client-side Web mashups and can be easily implemented with negligible performance overhead. I