MSc Dissertation: An investigation of JavaScript isolation mechanisms: Sandboxing implementations

Efthymia Viopoulou

Research output: Book/ReportOther report

50 Downloads (Pure)

Abstract

Web developers have been relying more and more on the features of JavaScript for deploying a range of applications, from online banking and email services to digital media delivery and gaming, rendering it the assembly language of the Internet. Since it allows external scripts from untrusted third-parties to access the application's content, it has become an attractive target for cyber attackers. This untested and untrusted by the application's true author code cannot only damage the content of the application it runs within, but also obtain access and modify other applications running on the same browser, or even the host system.
In this paper, we compare implementations that operate as Sandboxes in order to isolate JavaScript from untrusted third-parties, so that they have limited privileges over the application. We use specific metrics to compare them, and afterwards we evaluate those results after testing them on an x64 machine.
Original languageEnglish
Place of PublicationBath U.K.
PublisherDepartment of Computer Science
Number of pages106
Publication statusPublished - Oct 2014

Publication series

NameDepartment of Computer Science Technical Report Series
No.CSBU-2014-03
ISSN (Print)1740-9497
ISSN (Electronic)1740-9497

    Fingerprint

Keywords

  • Security
  • Javascript
  • Sandboxing

Cite this

Viopoulou, E. (2014). MSc Dissertation: An investigation of JavaScript isolation mechanisms: Sandboxing implementations. (Department of Computer Science Technical Report Series; No. CSBU-2014-03). Bath U.K.: Department of Computer Science.