synapse india complaints on secure web applications

Synapse India Complaints on SECURE WEB APPLICATIONS VIA AUTOMATIC PARTITIONING

Upload: synapseindiacomplaints

Post on 12-Jul-2015


Category:

Education



TRANSCRIPT

Page 1: Synapse india complaints on secure web applications

Synapse India Complaints on SECURE WEB APPLICATIONS

VIA AUTOMATIC PARTITIONING

Page 2: Synapse india complaints on secure web applications

Designers of web applications

Want to push as much application functionality as possible into the clients

Must protect application integrity against rogue clients

Paper presents a “principled approach” to building secure web applications

“Secure by construction”

Page 3: Synapse india complaints on secure web applications

Servers can be trusted

Clients cannot

We cannot update the balances of our own bank accounts ourselves

Page 4: Synapse india complaints on secure web applications

Swift enforces security by controlling information flow

Prevents release of information to less secure consumers

Will not accept information from less trusted sources

Page 5: Synapse india complaints on secure web applications

Applications are written in a higher-level programming language that details all security requirements as annotations

Compiler uses these annotations to decide whether an application and its data can run on the client

Partitions code and data at the level of individual expressions and object fields

Page 6: Synapse india complaints on secure web applications
Page 7: Synapse india complaints on secure web applications

Written in an extension of Jif 3.0 programming language

Jif is itself an extension of Java with specific mechanisms for information flow control and access control

Expressed in Jif as labels attached to program variables

Page 8: Synapse india complaints on secure web applications

Intermediate language with much simpler annotations

S means annotated code/data must be placed on the server

S?C means annotated code/data must be placed on the server but can be replicated on the client

Page 9: Synapse india complaints on secure web applications

Second phase produces exact placement and replication of code and data

Satisfying all security requirements

Minimizing costs and avoiding unnecessary network messages

Page 10: Synapse india complaints on secure web applications

Fine-grained transformation

Some statements within a specific method may run on the client while other statements must remain on the server
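
The statement-level split described on the last slides, as an added toy model in Python; it is not code from the paper or from Swift. It assumes a constructed withdrawal method, a constructed set of client-hidden variables, and a simplified placement rule that uses only the S and S?C annotations named above and ignores cost minimization.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List

@dataclass
class Stmt:
    target: str                          # variable the statement assigns
    reads: List[str]                     # variables the statement reads
    fn: Callable[[Dict[str, int]], int]  # computes the new value from a store

# Constructed method body for one withdrawal (names are hypothetical).
WITHDRAW = [
    Stmt("valid", ["amount", "balance"],
         lambda v: int(0 < v["amount"] <= v["balance"])),
    Stmt("approved", ["valid", "amount", "daily_limit"],
         lambda v: int(v["valid"] and v["amount"] <= v["daily_limit"])),
    Stmt("balance", ["approved", "balance", "amount"],
         lambda v: v["balance"] - v["amount"] * v["approved"]),
]

def partition(body, hidden):
    """Place each statement: 'S' if it reads client-hidden data, else 'S?C'.
    Whatever a server-only statement assigns becomes hidden as well, so the
    restriction follows the information flow through the method."""
    hidden, placement = set(hidden), []
    for s in body:
        if hidden & set(s.reads):
            placement.append("S")
            hidden.add(s.target)
        else:
            placement.append("S?C")
    return placement

def run(body, placement, server, client):
    """The server runs every statement on its own store; the client runs only
    its replicas. No value computed on the client reaches the server store."""
    for s, p in zip(body, placement):
        server[s.target] = s.fn(server)
        if p == "S?C":
            client[s.target] = s.fn(client)
    return server

if __name__ == "__main__":
    plan = partition(WITHDRAW, {"daily_limit"})
    print(plan)
    # Rogue client forges its local balance; the server state is unaffected.
    rogue = {"amount": 500, "balance": 10**6}
    print(run(WITHDRAW, plan, {"amount": 500, "balance": 100, "daily_limit": 300}, rogue))
```

The client replica of `valid` gives immediate feedback in the browser, while the server recomputes it from its own balance, so a forged client-side value changes nothing on the server.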