Ciência_Iscte Publicações Descrição Detalhada da Publicação Exportar

Exportar Publicação

A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.

Exportar Referência (APA)

Serrão, C. & Rocha, D. (2016). Secure and trustworthy remote JavaScript execution. In Piet Kommers, Pedro Isaías (Ed.), Proceedings of the IADIS International Conference e-Society. Vilamoura: Iadis.

Exportar Referência (IEEE)

C. J. Serrão and D. Rocha,  "Secure and trustworthy remote JavaScript execution", in Proc. of the IADIS Int. Conf. e-Society, Piet Kommers, Pedro Isaías, Ed., Vilamoura, Iadis, 2016

Exportar BibTeX

@inproceedings{serrão2016_1766220856657,
	author = "Serrão, C. and Rocha, D.",
	title = "Secure and trustworthy remote JavaScript execution",
	booktitle = "Proceedings of the IADIS International Conference e-Society",
	year = "2016",
	editor = "Piet Kommers, Pedro Isaías",
	volume = "",
	number = "",
	series = "",
	publisher = "Iadis",
	address = "Vilamoura",
	organization = "Iadis",
	url = "http://esociety-conf.org/oldconferences/2016/"
}

Exportar RIS

TY  - CPAPER
TI  - Secure and trustworthy remote JavaScript execution
T2  - Proceedings of the IADIS International Conference e-Society
AU  - Serrão, C.
AU  - Rocha, D.
PY  - 2016
CY  - Vilamoura
UR  - http://esociety-conf.org/oldconferences/2016/
AB  - Javascript is used more and more as a programming language to develop web applications in order to increase the user experience and application interactivity. Although Javascript is a powerful technology that offers these characteristics, it is also a potential web application attack vector that can be exploited to impact the end-user, since it can be maliciously intercepted and modified. Today, web browsers act as worldwide open windows, executing, on a given user machine (computer, smartphone, tablet or any other), remote code. Therefore, it is important to ensure the trust on the execution of this remote code. This trust should be ensured at the JavaScript remote code producer, during transport and also locally before being executed on the end-user web-browser. In this paper, the authors propose and present a mechanism that allows the secure production and verification of web-applications JavaScript code. The paper also presents a set of tools that were developed to offer JavaScript code protection and ensure its trust at the production stage, but also a proxy-based mechanism that ensures end-users the un-modified nature and source validation of the remote JavaScript code prior to its execution by the end-user browser.

ER  -