Rethinking web platform extensibility

RUcore: Rutgers University Community Repository

Search
- All
- Text
- Images
- Audio
- Video
Advanced Search | Help

Search all content in all RUcore collections.
Services
Collections

Help Contact Us My Account

Home

Resource

Staff View

Rethinking web platform extensibility

Descriptive Metadata

Rights Metadata

Technical Metadata

Descriptive

TitleInfo

Title

Rethinking web platform extensibility

Name (type = personal)

NamePart (type = family)

Dhawan

NamePart (type = given)

Mohan

NamePart (type = date)

1983-

DisplayForm

Mohan Dhawan

Role

RoleTerm (authority = RULIB)

author

Name (type = personal)

NamePart (type = family)

Ganapathy

NamePart (type = given)

Vinod

DisplayForm

Vinod Ganapathy

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

chair

Name (type = personal)

NamePart (type = family)

Iftode

NamePart (type = given)

Liviu

DisplayForm

Liviu Iftode

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

internal member

Name (type = personal)

NamePart (type = family)

Kremer

NamePart (type = given)

Ulrich

DisplayForm

Ulrich Kremer

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

internal member

Name (type = personal)

NamePart (type = family)

Singh

NamePart (type = given)

Kapil

DisplayForm

Kapil Singh

Affiliation

Advisory Committee

Role

RoleTerm (authority = RULIB)

outside member

Name (type = corporate)

NamePart

Rutgers University

Role

RoleTerm (authority = RULIB)

degree grantor

Name (type = corporate)

NamePart

Graduate School - New Brunswick

Role

RoleTerm (authority = RULIB)

school

TypeOfResource

Text

Genre (authority = marcgt)

theses

OriginInfo

DateCreated (qualifier = exact)

2013

DateOther (qualifier = exact); (type = degree)

2013-05

Place

PlaceTerm (type = code)

Language

LanguageTerm (authority = ISO639-2b); (type = code)

eng

Abstract (type = abstract)

The modern Web platform provides an extensible architecture that lets third party extensions, often untrusted, enhance and customize the Web browser and the Web applications. While the prevalence of extensions for both browsers and applications has been instrumental in making the Web browser hugely successful, there are two critical issues that the designers of the modern Web platform have not yet tackled in a principled manner. First, both the third party extensions and the extensible components of the Web platform include numerous vulnerabilities, which can compromise the security and privacy of end users. Second, the black-box and opaque nature of the Web platform limits the extent of extensibility achievable for Web developers, thereby hampering the development of novel browser-based user applications. This dissertation develops new tools and techniques to address the problem of insecure extensibility in the Web platform, proposes novel language and system level solutions to make extensibility a first class primitive for developing Web software, and demonstrates that these methods are applicable to real-world Web applications and Web browser extensions. Specifically, this dissertation makes the following three contributions. First, it studies and characterizes the problem of insecure JavaScript-based Web browser extensions using a specialized program analysis system, Sabre, which leverages JavaScript-level information flow mechanism to detect violations in client’s confidentiality and integrity arising from execution of untrusted extensions. Second, it formalizes the concept of transactions for JavaScript and implements Transcript, a language runtime system that allows hosting principals, i.e., Web browser and Web applications, to isolate untrusted JavaScript-based extensions using speculative execution. Lastly, this dissertation presents the design and implementation of Atlantis, a novel, extensible browser architecture that allows Web applications to define their own runtime environment and become more secure and robust. Atlantis enables developers with primitives to manage the Web application’s security and privacy, and removes their dependence on opaque, legacy Web interfaces.

Subject (authority = RUETD)

Topic

Computer Science

RelatedItem (type = host)

TitleInfo

Title

Rutgers University Electronic Theses and Dissertations

Identifier (type = RULIB)

ETD

Identifier

ETD_4561

PhysicalDescription

Form (authority = gmd)

electronic resource

InternetMediaType

application/pdf

InternetMediaType

text/xml

Extent

vii, 139 p. : ill.

Note (type = degree)

Ph.D.

Note (type = bibliography)

Includes bibliographical references

Note (type = statement of responsibility)

by Mohan Dhawan

Subject (authority = ETD-LCSH)

Topic

Browsers (Computer programs)

Subject (authority = ETD-LCSH)

Topic

Computing platforms

Identifier (type = hdl)

http://hdl.rutgers.edu/1782.1/rucore10001600001.ETD.000068836

RelatedItem (type = host)

TitleInfo

Title

Graduate School - New Brunswick Electronic Theses and Dissertations

Identifier (type = local)

rucore19991600001

Location

PhysicalLocation (authority = marcorg); (displayLabel = Rutgers, The State University of New Jersey)

NjNbRU

Identifier (type = doi)

doi:10.7282/T38P5Z39

Genre (authority = ExL-Esploro)

ETD doctoral

Back to the top

Rights

RightsDeclaration (ID = rulibRdec0006)

The author owns the copyright to this work.

RightsHolder (type = personal)

Name

FamilyName

Dhawan

GivenName

Mohan

Role

RightsEvent

Type

Permission or license

DateTime (encoding = w3cdtf); (qualifier = exact); (point = start)

2013-03-29 08:34:51

AssociatedEntity

Name

Mohan Dhawan

Role

Affiliation

Rutgers University. Graduate School - New Brunswick

AssociatedObject

Type

License

Name

Author Agreement License

Detail

I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.

Status

Availability

Status

Open

Reason

Permission or license

Back to the top

Technical

RULTechMD (ID = TECHNICAL1)

ContentModel

ETD

OperatingSystem (VERSION = 5.1)

windows xp

Back to the top

Version 8.5.5