mdh.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
App security with JSFlow
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0002-6621-8390
2016 (English)In: Proceedings - International Conference on Mobile Software Engineering and Systems, MOBILESoft 2016, 2016, 289-290 p.Conference paper, Published paper (Refereed)
Abstract [en]

This abstract accompanies a demo of app security using JSFlow [7]. The interested reader is encouraged to try the JSFlow tool [8] and get a full account of the theory and practice behind JSFlow, as detailed in a journal article [9]. The web has transitioned from simple, static pages to full edged applications. When loading a web application, content and scripts may be downloaded from various sources: the 1st party (the application provider), 3rd parties (e.g., library or service providers), as well other users (indirectly, via user generated content). The situation, where either of these sources is untrustworthy or malicious, may lead to attacker controlled code being executed on users' machines. This is particularly problematic, since attacker controlled code allows for complete circumvention of traditional protection mechanisms, and puts the users in the situation, where they cannot trust applications with sensitive information without endangering the con dentiality of the information.

Place, publisher, year, edition, pages
2016. 289-290 p.
Keyword [en]
Abstracting, Application providers, Journal articles, Protection mechanisms, Sensitive informations, Service provider, Theory and practice, User-generated content, WEB application, Software engineering
National Category
Computer and Information Science
Identifiers
URN: urn:nbn:se:mdh:diva-33114DOI: 10.1145/2897073.2897714ISI: 000398537300053Scopus ID: 2-s2.0-84983509303ISBN: 9781450341783 (print)OAI: oai:DiVA.org:mdh-33114DiVA: diva2:967393
Conference
IEEE/ACM International Conference on Mobile Software Engineering and Systems, MobileSoft 2016, 16 May 2016 through 17 May 2016
Available from: 2016-09-08 Created: 2016-09-08 Last updated: 2017-05-19Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Hedin, Daniel
By organisation
Embedded Systems
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 5 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf