Software

Limiting Information Leakage in Event-Based Communication

Date Added: Jun 2011
Format: PDF

Event-based communication is a major source of power and flexibility for today's applications. For example, in the context of a web browser, the dynamism of user experience is driven by events: fine-grained interaction of the user with a web application triggers events reactively handled by JavaScript code. This paper explores channels for leaking sensitive information through constructs in a reactive language. The authors propose a general and realizable security framework for preventing information leaks in a reactive setting with such features as new handler creation and hierarchical event structures.