Building data-centric security mechanisms for web applications
Data loss from web applications at different points of compromise has become a major liability in recent years. Existing security guidelines, policies, and tools often fail, for reasons ranging from blatant disregard of common practice to subtle exploits originating from complex interactions between components. Current security mechanisms focus on “how to stop illicit data transfer” (i.e., the “syntax”), and many tools achieve that goal in principle. Yet securing data in practice additionally depends on allowing administrators to clearly specify “what data should be secured” (i.e., the “semantics”). Currently, translation from “security semantics” to “security syntax” is manual, time-consuming, and ad hoc. Even a slight oversight in the translation process could render the entire system insecure. Security semantics frequently need modification due to changes in external factors such as policy changes, user reclassification, and even code refactoring. This dissertation hypothesizes that adaptation to such changes would be faster and less error-prone if tools also focused on automating the translation from semantics to syntax, in addition to simply executing the syntax. With this approach, we build the following low-maintenance security tools that prevent unauthorized transfer of sensitive data at various vantage points in the World Wide Web ecosystem. We show how each tool can take advantage of inherent properties of the sensitive information in its setting, making the translation process automatic and faster:

● Appu, a tool that automatically finds personal information (semantics) spread across web services and suggests actions (syntax) to minimize data loss risks.
● Newton, a tool that formalizes the access control model using web cookies. Using this formal approach, it improves the security of existing session management techniques by detecting (semantics) and protecting (syntax) privileged cookies without requiring input from the site administrator.
● SilverLine, a system for cloud-based web services that automatically derives data exfiltration rules (syntax) from information about sensitive database tables and inter-table relationships (semantics). It then enforces these rules using an information flow control mechanism.
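As an added illustration of the semantics-to-syntax translation the SilverLine bullet describes (this is example code written for this page, not SilverLine's implementation or the dissertation's algorithm): the administrator labels only the tables that hold sensitive data, labels are propagated along foreign-key relationships, and the resulting per-table rules are what an information flow monitor would consult before releasing rows to a sink. The schema, labels and sink names are constructed for the example.

```python
# Constructed schema (not from the dissertation): table -> tables it references
# through foreign keys.
SCHEMA = {
    "users": [],
    "credit_cards": ["users"],
    "orders": ["users", "credit_cards"],
    "products": [],
    "order_items": ["orders", "products"],
    "site_news": [],
}
# Semantics supplied by the administrator: only the tables that hold the
# sensitive data are labelled, plus the sinks each label may legitimately reach.
SENSITIVE = {"users": "pii", "credit_cards": "payment"}
ALLOWED_SINKS = {"pii": {"account_page"}, "payment": {"checkout"}}

def derive_labels(schema, sensitive):
    """Propagate labels along foreign keys to a fixed point: a table whose rows
    reference a labelled table can be joined back to it, so it inherits the label."""
    labels = {t: set() for t in schema}
    for table, label in sensitive.items():
        labels[table].add(label)
    changed = True
    while changed:
        changed = False
        for table, refs in schema.items():
            for ref in refs:
                gained = labels[ref] - labels[table]
                if gained:
                    labels[table] |= gained
                    changed = True
    return labels

def derive_rules(labels, allowed_sinks):
    """Syntax: the sinks each table's rows may flow to. A table carrying several
    labels may only reach sinks allowed for all of them; unlabelled -> None."""
    rules = {}
    for table, labs in labels.items():
        if labs:
            rules[table] = set.intersection(*(allowed_sinks[l] for l in labs))
        else:
            rules[table] = None  # no sensitive data reachable: unrestricted
    return rules

def may_flow(rules, table, sink):
    """Check an information-flow monitor would run before releasing rows."""
    allowed = rules[table]
    return allowed is None or sink in allowed

RULES = derive_rules(derive_labels(SCHEMA, SENSITIVE), ALLOWED_SINKS)
```

Note that a table reachable from two differently labelled tables ends up with an empty sink set, which is the conservative outcome: the administrator must add an explicit declassification rather than the tool guessing one.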