Object Capabilities and Isolation of Untrusted Web Applications

Download Now Date Added: Mar 2010
Format: PDF

A growing number of current web sites combine active content (applications) from untrusted sources, as in so-called mashups. The object-capability model provides an appealing approach for isolating untrusted content: if separate applications are provided disjoint capabilities, a sound object-capability framework should prevent untrusted applications from interfering with each other, without preventing interaction with the user or the hosting page. In developing language-based foundations for isolation proofs based on object-capability concepts, the authors identify a more general notion of authority safety that also implies resource isolation.