The modern web experience is dynamic, providing users with a highly responsive interface through which to interact with the world. Today's mechanisms allow servers---even those which are controlled by an attacker---to download arbitrary programs into a user's browser. It is extraordinarily difficult to secure the web browser (and its user) against attack in this scenario. While tools and techniques are useful to analyze and restrict downloaded code, they are by their very nature incomplete. As a result, the security of web services relies on a series of ad hoc, service-provided techniques. Thus even large organizations routinely outsource too-difficult-to-secure web services.
This project will explore an alternative: A modern, dynamic web experience with a focus on safety. Rather than attempting to make arbitrary code safe, it aims to design a safe interface which is far less complex than today's browser environment. This interface will be analyzed for its security properties. It will result in a more tractable environment in which to secure web applications than exists today. Many security properties will be built in; such properties are not dependent on the server side-efforts to secure them. Thus, when using this interface, visiting web sites will pose a smaller threat to users, even from sites which are under the control of an attacker. The project will develop a new semantic foundation for web security and make available open source tools and educational materials for the next generation of web developers.
