Advanced Web and E-Voting Security

CS594 Spring 2009 blog

April 8th, 2009

OMash

Hi all, 

I will be presenting the paper about building secure mashups using object-oriented technology, called OMash.

http://www.cs.ucdavis.edu/~hchen/paper/ccs08.pdf

Though the problem faced in this research work is similar to the previous 3 papers, the solution provided aims at covering both provider-integrator communication and provider-provider communication. The research also has a broad scope of satisfying all the trust relationships and backward compatibility with SOP.

Some interesting points to think about would be:

-> How useful is the backward compatibility with SOP?

-> What would happen if some websites decide not to follow the model and some do?

-> How would an attacker find loopholes in this model?

and some more

 

-thanks

March 17th, 2009

SMash

Hello

I will be presenting the paper on SMash, which is an implementation by IBM to answer the problem of secure cross-domain mashups. There is an additional paper written by the authors, called a research report, which goes into some more detail on the implementation. It is linked on the web page below:

http://domino.research.ibm.com/library/cyberdig.nsf/1e4115aea78b6e7c85256b360066f0d4/0ee2d79f8be461ce8525731b0009404d?OpenDocument

Also, there is an updated version of the conference paper we are reading. The only difference I can see with the updated version is that they add a few paragraphs addressing a criticism of their link integrity given by Barth et al. in Securing Frame Communication in Browsers:

http://domino.research.ibm.com/comm/research_projects.nsf/pages/web_2.0_security.smash.html/$FILE/fp332-dekeukelaere.long.pdf

IBM has donated SMash to the Open Ajax Alliance, which has not yet integrated it into their Open Ajax Hub, but the source code and some demos can be found here:

http://openajaxallianc.svn.sourceforge.net/viewvc/openajaxallianc/hub/trunk/sandbox/smash/src/

Thanks

March 13th, 2009

Here is a link to the conference paper on MashupOS as discussed in class on Wednesday, which goes into more detail on the <sandbox> and <opensandbox> elements:

Protection and Communication Abstractions for Web Browsers in MashupOS
Helen J. Wang, Xiaofeng Fan, Jon Howell, and Collin Jackson
In Proc. of the 21st ACM Symposium on Operating Systems Principles (SOSP 2007)

March 7th, 2009

Gazelle Web Browser

Hi all,

I will be presenting the technical report - “The Multi-Principal OS Construction of the Gazelle Web Browser” on 03/09/09.

Gazelle, a secure web browser from Microsoft & University researchers, is constructed as a multi-principal web browser and aims at providing better security than Google’s Chrome, Mozilla’s Firefox or Microsoft’s own Internet Explorer! Gazelle has new security features that address UI redressing attacks and block race condition attacks where attackers create a Web page to get you to click a certain area, which could lead to an attack. In addition to that, Gazelle sandboxes plug-ins so they remain isolated.

We will discuss in detail the Gazelle architecture, how it differs from current browsers, how the Gazelle architecture helps in thwarting different attacks, and the pros and cons of this new architecture.

- Sunil

March 2nd, 2009

Analyzing Websites for User-Visible Security Design Flaws

Hello All,

My name is Prithvi Bisht and I will present the paper titled “Analyzing Websites for User-Visible Security Design Flaws” on Wednesday, 4 March.

The main question asked in this paper is “Do legitimate websites assist in making secure decisions?”

a. What flaws (design level) exist that facilitate attacks like phishing and social engineering?

b. How can these flaws be removed?

This paper presents a survey of financial websites for security-relevant flaws and recommends several remedies. In the class we will take an in-depth look at the design flaws, perform security and usability analysis of the recommendations, and discuss issues/solutions for designing secure web applications.

Note: An equally important question, “Do users make secure decisions”, is covered in prior works like the following –

[1] Why Phishing Works – R. Dhamija et al., SIGCHI 2006

[2] The emperor’s new security indicators: An evaluation of website authentication and the effect of role playing on usability studies – S. Schechter et al., IEEE S&P 2007

February 28th, 2009

Detecting In-Flight Page Changes with Web Tripwires

Hi,

I am Himanshu Sharma and will be presenting this paper in class on Monday 03/02.

Purpose of the paper: Questioning and detection of webpage integrity on the way from server to client browser, by using web tripwires.

Web Tripwires: Client-side JavaScript code that detects any change in the HTML source code.

It addresses the following issues:

- Why we need web tripwires.

- Who can cause the changes to web pages in transit.

- Purpose behind those changes.

- Bugs/vulnerabilities generated because of the changes.

The paper proposes 5 web tripwire designs based on JavaScript with their pros and cons. It also compares the costs associated between tripwires and HTTPS.

The researchers have also published an open source toolkit for publishers to use with their websites, with the ability to make certain policy decisions. It uses the best of the 5 techniques implemented by the researchers - “XHR on Self”.

The paper’s language is easy and descriptive and I hope the discussion on Monday will be beneficial for all in understanding it.
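An added sketch of the “XHR on Self” idea described in the post above (not code from the paper's toolkit or from the post's author): the page re-requests its own URL and compares the response with a known-good copy. The function names, the injected fetchSelf callback and the sample HTML are assumptions constructed for illustration.

```javascript
// Added illustration of an "XHR on Self" style tripwire; all names are hypothetical.

// Return the first offset where the two strings diverge, or -1 if identical.
function firstDifference(expected, actual) {
  const n = Math.min(expected.length, actual.length);
  for (let i = 0; i < n; i++) {
    if (expected[i] !== actual[i]) return i;
  }
  return expected.length === actual.length ? -1 : n;
}

// Compare the HTML the client received with the publisher's known-good copy
// and build a report the page could send back to the publisher.
function compareToKnownGood(knownGood, received) {
  const offset = firstDifference(knownGood, received);
  if (offset === -1) return { modified: false };
  return {
    modified: true,
    offset,
    expected: knownGood.slice(offset, offset + 40),
    received: received.slice(offset, offset + 40),
    lengthDelta: received.length - knownGood.length,
  };
}

// fetchSelf is injected so the check runs offline. In a browser it would
// request the page's own URL (e.g. via XMLHttpRequest) and resolve with the
// response text as delivered to this client.
async function checkTripwire(knownGood, fetchSelf) {
  return compareToKnownGood(knownGood, await fetchSelf());
}

// Constructed sample: the page as published, and a copy altered in transit.
const PUBLISHED = '<html><body><h1>News</h1><p>Story text.</p></body></html>';
const ALTERED = PUBLISHED.replace(
  '</body>', '<div id="injected">added in transit</div></body>');

checkTripwire(PUBLISHED, async () => ALTERED).then((report) => {
  console.log(report.modified ? 'page modified in transit' : 'page intact', report);
});
```

The report carries the offset and a short excerpt from each side, so a publisher collecting such reports can see where a page was changed.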

February 24th, 2009

SpyProxy: Execution-based Detection of Malicious Web Content

Hi all,

I am Karthik and I will be presenting the paper “SpyProxy: Execution-based Detection of Malicious Web Content” on Wednesday, Feb 25, 2009. This paper explores the use of execution-based Web content analysis to protect users from Internet-borne malware. Many anti-malware tools use signatures to identify malware infections on a user’s PC. In contrast, the authors’ approach is to render and observe active Web content in a disposable virtual machine before it reaches the user’s browser, identifying and blocking pages whose behavior is suspicious. Execution-based analysis can defend against undiscovered threats and zero-day attacks. However, it cannot identify cross site scripting and the authors’ approach faces challenges, such as achieving good interactive performance, and limitations, such as defending against malicious Web content that contains non-determinism.

The execution-based analysis mechanism is described in detail in Section 4 of “A Crawler-based Study of Spyware on the Web”:

http://www.isoc.org/isoc/conferences/ndss/06/proceedings/papers/spycrawler.pdf

Below are a few points quoted by the author.

“SpyProxy has limitations, but nonetheless we feel that it can be an effective new weapon in the Internet security arsenal, as a low-cost way to block real zero days that is complimentary to existing techniques and actively makes the Web browsing experience more secure,”

“This isn’t about building a perfect security tool. We really care about exploring the technique further,”

“But we think that people can already begin using the tool without affecting the end-user experience too much.”

February 22nd, 2009

A Safety-Oriented Platform for Web Applications

Hi all. I am Guru. I will be presenting the paper “A Safety-Oriented Platform for Web Applications”. Here we will be concentrating on the ‘Tahoma web browser’.

We will go through the Tahoma browser architecture and discuss how secure this browser is and also the pros and cons of this architecture. The Tahoma architecture is based on the concept of the user’s expectation of having a browser behave and be trustworthy like a real OS running on your PC.

Tahoma incorporates the following:

- Isolates Web Applications
- Isolates Web browsers from the host operating system

Tahoma uses:

- Xen Virtual machine on Linux OS
- Konqueror Web Browser

Here are some useful links for further reading.

http://en.wikipedia.org/wiki/Xen
http://en.wikipedia.org/wiki/Konqueror
http://www.cl.cam.ac.uk/research/srg/netos/xen/
http://www.vmware.com/pdf/asplos235_adams.pdf

Also, this is a link to a paper published by Microsoft which critiques the OP web browser, Chrome and Tahoma, which use a ‘Browser Kernel’ as the basic browser design, and proposes a new browser called ‘Gazelle’. It was real fun to read.

http://research.microsoft.com/pubs/79655/gazelle.pdf

Thanks.

February 22nd, 2009

New web browser concept from Microsoft

Gazelle is a new concept browser from Microsoft. I found this paper interesting, given the fact we just analyzed Doppelganger, OP and Chromium, with Tahoma on the horizon. You can find the paper here: http://research.microsoft.com/pubs/79655/gazelle.pdf.

February 17th, 2009

The Security Architecture of the Chromium Browser

Hi,
I am Kalpana Gondi, and I will be discussing the paper “The Security Architecture of the Chromium Browser” on Wednesday, Feb 18, 2009. The paper discusses the design of Google’s Chrome browser from the security perspective. It is interesting to know that the Chrome browser grabbed a 3% share of the market within a month of its release in Sep 2008.
The Chrome browser also uses a modular approach similar to the OP browser (discussed in the last class). The key design goal for this browser is to prevent execution of arbitrary code in the browser code base (through exploitation of unpatched / zero-day vulnerabilities). The threat model doesn’t cover phishing or web site vulnerabilities (XSS, XSRF). As there is a production-quality browser available, it seems more stable than OP.
Through sandboxing most browser code and controlling access to OS resources, the Chrome browser seems to reasonably achieve the design goals and can avoid:

  • Persistent malware
  • Transient keylogger
  • File theft

The Google Chrome browser consists of two modules:

  1. Rendering Engine (acts on behalf of the web)
  2. Browser Kernel (acts on behalf of the user)

The Rendering Engine is run in a sandbox, which limits attackers’ abilities to compromise the user’s system. You can get more details about the sandbox design followed by Google Chrome (mentioned in the references) at http://dev.chromium.org/developers/design-documents/sandbox.
We will discuss in detail the architecture given in the paper and its security implications. Also, a discussion on what security aspects to look for in browsers would be fruitful.