Jin Song DONG
To address multiple security issues in Web applications.
We have satisfied this project’s objective in two ways. First, we have developed new security primitives in the web platform to enforce mandatory security properties. This solution provides strong and flexible confinement techniques to isolate JavScript-based advertisements.
Second, we have developed several large-scale analysis tools to analyse Web applications in an end-to-end manner, covering both client side and server side. This analysis tools have been used to analyse dynamic information flow properties in PHP and Microsoft .NET Web applications.