Ankur Taly : 2011 Security Workshop

 

Monday, April 11, 2011
Location: Fisher Conference Center, Arrillaga Alumni Center

"Automated Encapsulation Analysis of Security-Critical JavaScript APIs"
1:30pm - 2:00pm

Abstract:

JavaScript is widely used to provide client-side functionality in Web applications. To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties. The trusted portion of each application may then expose an API to untrusted code, interposing a reference monitor that mediates access to security-critical resources. However, a JavaScript reference monitor can only be effective if it cannot be circumvented through programming tricks or programming language idiosyncrasies. In order to verify complete mediation of critical resources for applications of interest, we define the semantics of a restricted version of JavaScript devised by the ECMA Standards committee for isolation purposes, and develop and test an automated tool that can soundly establish that a given API cannot be circumvented or subverted. Our tool reveals a previously-undiscovered vulnerability in the widely-examined Yahoo! ADSafe filter and verifies confinement of the repaired filter and other examples from the Object-Capability literature.


Joint work with Ulfar Erlingsson, John C. Mitchell, Mark S. Miller and Jasvir Nagra.


Bio:

I am a 4th-year Ph.D. candidate in the Department of Computer Science at Stanford University, working with Prof. John C. Mitchell. Prior to joining Stanford, I completed my B.Tech in Computer Science at the Indian Institute of Technology, Bombay in 2007. My research interests include web security, formal methods, programming languages and logic. My thesis project revolves around designing language-based mechanisms for securing JavaScript applications.