Towards Enabling Secure Web-Based Cloud Services using Client-Side Encryption
| Autor: | Martin Johns, Alexandra Dirksen |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
050101 languages & linguistics
business.industry Computer science 05 social sciences Interoperability Client-side encryption Cloud computing 02 engineering and technology JavaScript Web application security Computer security computer.software_genre Encryption Browser security 0202 electrical engineering electronic engineering information engineering Web application 020201 artificial intelligence & image processing 0501 psychology and cognitive sciences business computer computer.programming_language |
| Zdroj: | CCSW@CCS |
| Popis: | The recent years have brought an influx of privacy conscious applications, that enable strong security guarantees for end-users via end-to-end or client-side encryption. Unfortunately, this application paradigm is not easily transferable to web-based cloud applications. The reason for this lies within adversary's enhanced control over client-side computing through application provided JavaScript. In this paper, we propose CryptoMembranes - a set of native client-side components that allow the development of web applications which provide a robust isolation layer between the client-side encrypted user data and the potentially untrusted JavaScript, while maintaining full interoperability with current client-side development practices. In addition, to enable a realistic transition phase, we show how CryptoMembranes can be realized for currently existing web browsers via a standard browser extension. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|