A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2013; you can also visit the original URL.
The file type is application/pdf
.
Automated Analysis of Security-Critical JavaScript APIs
2011
2011 IEEE Symposium on Security and Privacy
JavaScript is widely used to provide client-side functionality in Web applications. To provide services ranging from maps to advertisements, Web applications may incorporate untrusted JavaScript code from third parties. The trusted portion of each application may then expose an API to untrusted code, interposing a reference monitor that mediates access to security-critical resources. However, a JavaScript reference monitor can only be effective if it cannot be circumvented through programming
doi:10.1109/sp.2011.39
dblp:conf/sp/TalyEMMN11
fatcat:37kond372vbipk2updqjb5iaxm