Please use this identifier to cite or link to this item:
Author(s): Serrão, C.
Rocha, D.
Editor: Piet Kommers, Pedro Isaías
Date: 2016
Title: Secure and trustworthy remote JavaScript execution
ISBN: 978-989-8533-48-7
Keywords: Web applications
Abstract: Javascript is used more and more as a programming language to develop web applications in order to increase the user experience and application interactivity. Although Javascript is a powerful technology that offers these characteristics, it is also a potential web application attack vector that can be exploited to impact the end-user, since it can be maliciously intercepted and modified. Today, web browsers act as worldwide open windows, executing, on a given user machine (computer, smartphone, tablet or any other), remote code. Therefore, it is important to ensure the trust on the execution of this remote code. This trust should be ensured at the JavaScript remote code producer, during transport and also locally before being executed on the end-user web-browser. In this paper, the authors propose and present a mechanism that allows the secure production and verification of web-applications JavaScript code. The paper also presents a set of tools that were developed to offer JavaScript code protection and ensure its trust at the production stage, but also a proxy-based mechanism that ensures end-users the un-modified nature and source validation of the remote JavaScript code prior to its execution by the end-user browser.
Peerreviewed: yes
Access type: Open Access
Appears in Collections:ISTAR-CRI - Comunicações a conferências internacionais

Files in This Item:
File Description SizeFormat 
conferenceobject_30214.pdfVersão Aceite448,77 kBAdobe PDFView/Open

FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpaceOrkut
Formato BibTex mendeley Endnote Logotipo do DeGóis Logotipo do Orcid 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.