• DocumentCode
    3255726
  • Title
    Securing Timeout Instructions in Web Applications
  • Author
    Russo, Alejandro ; Sabelfeld, Andrei
  • Author_Institution
    Dept. of Comput. Sci. & Eng., Chalmers Univ. of Technol., Goteborg, Sweden
  • fYear
    2009
  • fDate
    8-10 July 2009
  • Firstpage
    92
  • Lastpage
    106
  • Abstract
    Timeout mechanisms are a useful feature for web applications. However, these mechanisms need to be used with care because, if used as-is, they are vulnerable to timing attacks. This paper focuses on internal timing attacks, a particularly dangerous class of timing attacks, where the attacker needs no access to a clock. In the context of client-side web application security, we present JavaScript-based exploits against the timeout mechanism of the DOM (document object model), supported by the modern browsers. Our experimental findings reveal rather liberal choices for the timeout semantics by different browsers and motivate the need for a general security solution. We propose a foundation for such a solution in the form of a runtime monitor. We illustrate for a simple language that, while being more permissive than a typical static analysis, the monitor enforces termination-insensitive noninterference.
  • Keywords
    Internet; Java; document handling; security of data; JavaScript; Web application security; document object model; internal timing attacks; static analysis; timeout instructions; Application software; Clocks; Computer security; Context modeling; Data security; Information security; Java; Monitoring; Runtime; Timing; information-flow; internal timing covert channel; non-interference; timeouts; web security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Foundations Symposium, 2009. CSF '09. 22nd IEEE
  • Conference_Location
    Port Jefferson, NY
  • ISSN
    1940-1434
  • Print_ISBN
    978-0-7695-3712-2
  • Type
    conf
  • DOI
    10.1109/CSF.2009.16
  • Filename
    5230485