
Types and Access Controls for Cross-Domain Security in Flash

Conference paper. Programming Languages and Systems (APLAS 2012).

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 7705)

Abstract

The ubiquitous Flash platform enables programmers to build sophisticated web application “mash-ups” that combine Flash executables loaded from multiple trust domains with complex, asymmetric trust relationships. Flash provides APIs and run-time checks to help programmers declare and enforce trust relationships between different domains, but there is currently no formal security model for Flash.

This paper presents the first formal security model for the Flash platform. Our formal model instantly reveals that the run-time checks performed by the Flash runtime are not sufficient to enforce data integrity – we present simple example programs that are vulnerable to attacks. We then develop a static type system for Flash programs that lets programmers specify fine-grained trust relationships, and we show that, combined with the run-time checks already performed by the Flash runtime, well-typed programs cannot violate data integrity at run-time.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rastogi, A., Chaudhuri, A., Johnson, R. (2012). Types and Access Controls for Cross-Domain Security in Flash. In: Jhala, R., Igarashi, A. (eds) Programming Languages and Systems. APLAS 2012. Lecture Notes in Computer Science, vol 7705. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35182-2_7


  • DOI: https://doi.org/10.1007/978-3-642-35182-2_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35181-5

  • Online ISBN: 978-3-642-35182-2
