Today's web applications remain vulnerable to cross-site scripting attacks that enable data theft. Information flow tracking in the JavaScript VM of a web engine can track data flows through the web application and prevent the communication of sensitive data to unintended recipients, thereby stopping data theft. Existing solutions have focused on the incorporating information flow into the JS interpreter, rather than the just-in-time compiler, rendering the resulting performance non-competitive.This thesis presents an implementation of information flow tracking that works with the just-in-time compiler, outperforming all previous interpreter-based information flow tracking engines by more than a factor of two. The JIT-based engine (i) has t...
Data usage control is a concept that extends access control to also protect data after it has been ...
Tracking information flow in dynamic languages remains an important and intricate problem. This pape...
There are several techniques supporting the imple- mentation of a secure data and information flow i...
Abstract. The widespread use of JavaScript (JS) as the dominant web program-ming language opens the ...
ModernWeb 2.0 pages combine scripts from several sources into a single client-side JavaScript progra...
International audienceWeb-browser security with emphasis on JavaScript security, is one of the impor...
Abstract. Websites today routinely combine JavaScript from multi-ple sources, both trusted and untru...
Information flow analysis prevents secret or untrusted data from flowing into public or trusted sink...
The Web is evolving into a melting pot of content coming from multiple stakeholders. In this mutuall...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence...
JavaScript has become a central technology of the web, but it is also the source of many security pr...
Secure integration of third-party code is one of the prime challenges for securing today\u27s web. R...
High-performance,flexible and scalable JavaScript platforms are becoming popular for server-side app...
Data usage control is a concept that extends access control to also protect data after it has been ...
Tracking information flow in dynamic languages remains an important and intricate problem. This pape...
There are several techniques supporting the imple- mentation of a secure data and information flow i...
Abstract. The widespread use of JavaScript (JS) as the dominant web program-ming language opens the ...
ModernWeb 2.0 pages combine scripts from several sources into a single client-side JavaScript progra...
International audienceWeb-browser security with emphasis on JavaScript security, is one of the impor...
Abstract. Websites today routinely combine JavaScript from multi-ple sources, both trusted and untru...
Information flow analysis prevents secret or untrusted data from flowing into public or trusted sink...
The Web is evolving into a melting pot of content coming from multiple stakeholders. In this mutuall...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence...
JavaScript has become a central technology of the web, but it is also the source of many security pr...
Secure integration of third-party code is one of the prime challenges for securing today\u27s web. R...
High-performance,flexible and scalable JavaScript platforms are becoming popular for server-side app...
Data usage control is a concept that extends access control to also protect data after it has been ...
Tracking information flow in dynamic languages remains an important and intricate problem. This pape...
There are several techniques supporting the imple- mentation of a secure data and information flow i...