UittrekselWeb applications used to simply fetch content from web servers and display those in simple HTML documents. However, nowadays they transitioned into rich Inter- net applications that combine code from different sources. This transition created a need for different more fine-grained tools for securing those applications. The current security mechanisms mostly operate at browser level, those have been found to coarse grained to keep up with the rapid changing web applications development techniques. This results in web applications with a lot of vulnerabilities undermining the security of web applications.
The domain-specific language was validated in two ways, first by express- ing multiple security policies and comparing them to the state of the art libraries. Second we also employed SDSL in an existing application containing vulnera- bilities while not changing the basic architecture of the application. This shows that SDSL allows developers to create security policies to protect objects both on client-side as well as on server-side.
|Datum Prijs||5 sep 2016|
|Begeleider||Elisa Gonzalez Boix (Promotor) & Angel Luis Scull Pupo (Advisor)|