JavaScript is the lingua franca of modern Internet computing. Unlike traditional code, JavaScript is highly dynamic and malleable. While JavaScript is increasingly used in security-critical applications that manipulate sensitive information like banking information and social security numbers, Web browsers' sandboxing mechanism for JavaScript (the "same-origin policy") is too coarse to adequately secure "mashups" that combine code at runtime from mutually distrusting origins.

This project provides tools to secure JavaScript applications from buggy or malicious code by enforcing security policies, written by developers and users, that specify what code should be trusted and what data must be protected.

Faced with dynamic applications like mashups, traditional enforcement mechanisms call for either one incomplete initial analysis or expensive from-scratch re-analysis whenever code is added. This project instead introduces staged program analysis. At each stage, as much analysis as possible is performed given the known code; the remainder of the analysis computation is deferred until more code becomes available.

The system, implemented in a browser and evaluated on real Web sites, must be scalable enough to use with complex, popular sites; precise enough to produce few false positives; efficient enough to run on end users' browsers without noticeable performance degradation; and user-friendly in minimizing user intervention and providing a faithful rendition of protected sites.

For users, the project will make Web 2.0 applications safer and more reliable, without degrading the browsing experience. For developers, it will provide early error detection and the guarantee of safe execution for dynamic Web 2.0 applications.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Application #: 0964702
Program Officer: Nina Amla
Budget Start: 2010-04-01
Budget End: 2014-03-31
Fiscal Year: 2009
Total Cost: $1,151,927
Name: University of California San Diego
City: La Jolla
State: CA
Country: United States
Zip Code: 92093