TWC: Small: New Foundations for Secure JavaScript

TWC：小型：安全 JavaScript 的新基础

• 批准号: 1223850
• 负责人: Ranjit Jhala
• 金额: $ 40万
• 依托单位: University of California-San Diego
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2012
• 资助国家: 美国
• 起止时间: 2012-09-01 至 2017-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1223850&HistoricalAwards=false
• 关键词: TWC; Small; New; Foundations; Secure

JavaScript has transformed the way in which software systems are developed, deployed and extended. It is now used to build complex, security sensitive applications for communications, retail, and banking, and is even a primary building block of web browsers themselves. Unfortunately, the advent of JavaScript has also opened the door to new classes of security vulnerabilities, as applications manipulate security critical client information like browsing history, passwords, bank account numbers, social security numbers and so on. Worse, the absence of language-level isolation mechanisms makes it hard to establish confidentiality and integrity of key software components.We believe that the key to making the web more secure is to develop a practical, precise and expressive type system for JavaScript and to use it as a foundation for developing security policies, analyses and enforcement mechanisms for JavaScript browser extensions and applications. Thus, we propose to develop a type system for JavaScript that is expressive enough to support JavaScript's dynamic idioms, practical enough to require minimal programmer intervention and hence, be capable of highly automated analysis of large code bases, and easily extensible enough to allow developers to specify and enforce different kinds of fine-grained security policies.Our research will lead to the following contributions: End Users will be able to freely run extensions, plugins and rich browser applications from trusted sites, without having to suffer the plagues of code-injection, information exfiltration or the unpalatable cures of fully dynamic enforcement whose overhead can render sites unusable. Developers will be able to fully enjoy the fruits of static verification, in a familiar package: namely types. Types will allow developers to specify at the right granularity, the permissions required for some functionality, and will prevent the inadvertent vulnerabilities that are introduced by overprovisioning, or under-sanitization of data. Curators that aggregate third party applications (e.g. ``app stores" for various mobile platforms) will be able to use type-based certificates to quickly vet applications, thereby determining if an application is safe to host without compromising the reputation of the platform.

JavaScript改变了软件系统的开发、部署和扩展方式。它现在被用来为通信、零售和银行构建复杂的、安全敏感的应用程序，甚至是web浏览器本身的主要构建块。不幸的是，JavaScript的出现也为新的安全漏洞类别打开了大门，因为应用程序操纵安全关键的客户端信息，如浏览历史、密码、银行账号、社会保险号等。更糟糕的是，缺乏语言级隔离机制使得建立关键软件组件的保密性和完整性变得困难。我们相信，使网络更安全的关键是为JavaScript开发一个实用、精确和富有表现力的类型系统，并将其作为开发JavaScript浏览器扩展和应用程序的安全策略、分析和执行机制的基础。因此，我们建议为JavaScript开发一种类型系统，它具有足够的表现力以支持JavaScript的动态习惯，足够实用以最少的程序员干预，因此能够高度自动化地分析大型代码库，并且易于扩展以允许开发人员指定和执行不同类型的细粒度安全策略。我们的研究将带来以下贡献：终端用户将能够在可信站点上自由运行扩展、插件和富浏览器应用程序，而不必遭受代码注入、信息泄露或完全动态执行的令人讨厌的治疗方法的困扰，这些方法的开销可能会导致站点无法使用。开发人员将能够在一个熟悉的包中充分享受静态验证的成果：即类型。类型将允许开发人员以正确的粒度指定某些功能所需的权限，并将防止由于过度供应或数据处理不足而引入的无意漏洞。聚合第三方应用程序(例如；“应用商店”（适用于各种移动平台）将能够使用基于类型的证书来快速审查应用程序，从而确定应用程序是否可以安全托管，而不会损害平台的声誉。