Conference Topic

A Lattice-based Approach to Mashup Security

A web mashup is a web application that integrates content from different providers to create a new service, not offered by the content providers. As mashups grow in popularity, the problem of securing information flow between mashup components becomes increasingly important. This paper presents a security lattice-based approach to mashup security, where the origins of the different components of the mashup are used as levels in the security lattice. Declassification allows controlled information release between the components. We formalize a notion of composite delimited release policy and provide considerations for practical (static as well as runtime) enforcement of mashup information-flow security policies in a web browser.

Web mashups; security policies; lattices; information flow; declassification; noninterference

Jonas Magazinius, Aslan Askarov, Andrei Sabelfeld

Cornell University

International conference

5th International Symposium on ACM Symposium on Information, Computer and Communications Security (ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010)

Beijing

English

15-23

2010-04-13 (date first made available online on the Wanfang platform; does not represent the paper's publication date)