This paper discusses the pivotal role of secure web applications in contemporary infrastructure, highlighting that 69% of internet vulnerabilities stem from these applications. It introduces "Swift," a novel architecture designed to automatically partition code and data, ensuring security-critical components are executed only on the server side for enhanced confidentiality and integrity. The architecture facilitates the development of secure applications while maintaining performance standards. Key elements include the Swift Runtime, the evaluation of its effectiveness, and the implementation of real-world applications demonstrating its capabilities.
Secure Web Applications via Automatic Partitioning
Stephen Chong, Jed Liu, Andrew C. Myers, Xin Qi, K. Vikram, Lantian Zheng, Xin Zheng. Cornell University
Outline
• Introduction
• Swift Architecture
• Writing Swift Applications
• WebIL
• Swift Runtime
• Evaluation
• Conclusion

Introduction
• Web applications are a critical part of today's infrastructure

Introduction
• Web applications account for 69% of internet vulnerabilities
• Developer dilemma
  • Performance vs security

Introduction
• Guess a number game
  • Confidentiality requirement: client cannot see the number
  • Integrity requirement: client cannot affect the number of guesses
  • Only the server can decide if a guess is correct
• Client-side-only implementation
  • Best performance
  • Client can cheat

Swift
• Building web applications that are secure by construction
• Automatic partitioning of code and data
  • Security-critical code/data placed on the server side only
  • Code/data placed on the client side for performance

Swift Architecture
• Jif source code
• WebIL
• WebIL optimization
• Splitting code
• JavaScript and Java output
• Partitioning and replication
Writing Swift Applications
• Extensions of the Jif programming language
• Security policies expressed using labels
  • Confidentiality and integrity policies
  • Labels refer to principals: *(server) and client principals
• Compiler statically checks that information flow is consistent with the policies
• Trust model
  • Untrusted client
  • Trusted server
WebIL
• Concerned with placement of code and data
• Replaces Jif labels with placement annotations
• Placements chosen to optimize responsiveness without sacrificing security
• Partitioning solved as an integer programming problem

Placement Annotations
• 9 placement annotations
Partitioning Algorithm
• Represent control flow as a weighted directed graph
  • Graph nodes are statements
  • Edge weights are execution frequencies
• Integer programming problem
  • Reduced to an instance of the max-flow problem
  • Solution is the placement of code/data
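The slide above reduces placement to a max-flow problem over the control-flow graph. The following is an added illustration, not code from the Swift project: a simplified model in which label-pinned statements (server-only for secret-dependent or integrity-critical code, client-only for code that touches the browser) get uncuttable edges, and a minimum cut then places the remaining statements so that the expected number of cross-host control transfers is minimised. Statement names, the "pinned" hosts and the execution frequencies are a constructed guess-a-number fragment.

```python
from collections import deque, defaultdict
INF = float("inf")

def min_cut_placement(stmts, edges):
    """stmts: statement -> 'client' | 'server' | None (free to place).
    edges: (src, dst, execution_frequency). Returns (placement, cut_weight),
    where cut_weight is the expected number of cross-host control transfers."""
    cap = defaultdict(lambda: defaultdict(int))
    flow = defaultdict(lambda: defaultdict(int))
    def link(u, v, c):               # a transfer costs the same in either direction
        cap[u][v] += c; cap[v][u] += c
    for s, host in stmts.items():    # label-pinned statements: infinite edges
        if host == "client": link("CLIENT", s, INF)
        elif host == "server": link(s, "SERVER", INF)
    for u, v, w in edges:
        link(u, v, w)
    def residual_path():             # BFS in the residual graph (Edmonds-Karp)
        parent, q = {"CLIENT": None}, deque(["CLIENT"])
        while q:
            u = q.popleft()
            for v in cap[u]:
                if v not in parent and cap[u][v] - flow[u][v] > 0:
                    parent[v] = u
                    if v == "SERVER": return parent
                    q.append(v)
        return parent                # no path left: keys are the client-side nodes
    cut = 0
    while "SERVER" in (parent := residual_path()):
        b, v = INF, "SERVER"
        while parent[v] is not None:     # bottleneck capacity along the path
            b, v = min(b, cap[parent[v]][v] - flow[parent[v]][v]), parent[v]
        v = "SERVER"
        while parent[v] is not None:     # push the bottleneck along the path
            u = parent[v]; flow[u][v] += b; flow[v][u] -= b; v = u
        cut += b
    return {s: "client" if s in parent else "server" for s in stmts}, cut

# Constructed guess-a-number fragment: secret-dependent and integrity-critical
# statements are server-only, DOM-touching ones client-only, the rest are free.
# Edge weights are a made-up execution profile.
GUESS_GAME = {"show_form": "client", "read_guess": "client", "show_result": "client",
              "check_guess": "server", "inc_attempts": "server",
              "validate_range": None, "audit_log": None}
GUESS_EDGES = [("show_form", "read_guess", 1), ("read_guess", "validate_range", 10),
               ("validate_range", "read_guess", 3), ("validate_range", "check_guess", 7),
               ("check_guess", "audit_log", 7), ("check_guess", "inc_attempts", 7),
               ("inc_attempts", "audit_log", 7), ("inc_attempts", "show_result", 7),
               ("show_result", "read_guess", 6)]

def place_guess_game():
    return min_cut_placement(GUESS_GAME, GUESS_EDGES)
```

Running `place_guess_game()` puts `validate_range` on the client (cutting it there costs 7 transfers instead of 13) and `audit_log` on the server (where it costs nothing), for 14 expected transfers per session; the pinned statements never move, whatever the frequencies.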
Swift Runtime
• Controls synchronization and communication
  • JavaScript runs on the client
  • Java code runs on the server
• Asymmetric trust model
• Execution blocks
• Closures
• Activation records

Execution Block
• Methods divided into execution blocks
  • Single entry
  • Multiple exits
  • Unique ids
• Control transfer message
  • Branch to a block executing on a different host
Activation Records
• Execution blocks run in the context of activation records
• Client/server have different views of the same activation record
• Activation record updates are forwarded between hosts
• Security restrictions on forwarding
Closures
• Next execution block id and activation record id
• Stack of closures
  • Correct simulation of method calls/exceptions
• Integrity of control flow
  • Clients invoke high-integrity closures in a controlled way

Evaluation
• Swift compiler
  • Jif compiler + 20K LOC
• Runtime system = 2.6K LOC
• Six web applications implemented

Conclusion
• Constructing secure web applications
  • Automatic partitioning of functionality
  • Enforcement of information security policies
• Programmer effort: adding annotations