a secure architecture for untrusted web browser plugins
play

A Secure Architecture for Untrusted Web Browser Plugins Achim - PowerPoint PPT Presentation

Dec 17, 2023 •171 likes •424 views

A Secure Architecture for Untrusted Web Browser Plugins Achim Weimert SECT/TU-Berlin March 18, 2011 Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 1 / 21 Outline Introduction 1 Design 2 3 Implementation

  1. A Secure Architecture for Untrusted Web Browser Plugins Achim Weimert SECT/TU-Berlin March 18, 2011 Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 1 / 21

  2. Outline Introduction 1 Design 2 3 Implementation Evaluation 4 Demo 5 Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 2 / 21

  3. Introduction Web browser: ◮ Display web page ◮ Execute JavaScript Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 3 / 21

  4. Introduction Web browser: ◮ Display web page ◮ Execute JavaScript Plugins: ◮ Extend browser functionality ◮ Provided by third-party ◮ Executed in browser context ◮ Netscape Plugin API (NPAPI) Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 3 / 21

  5. Browser Vulnerabilities Plugins to attack web browser Availability Integrity Confidentiality Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 4 / 21

  6. Browser Vulnerabilities Plugins to attack web browser Availability Integrity Confidentiality Threat model Attacker controls web page, plugin Trusted OS, browser, user Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 4 / 21

  7. Goal Create architecture that... allows for multi-media plugins ◮ low latency ◮ high data throughput ◮ low computation overhead ◮ multiple event sources ◮ threading ◮ prioritization prevents attacks on browser security Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 5 / 21

  8. Design Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 6 / 21

  9. Design Design... ... an interface Checkable information flow ... an architecture Provide interface Enforce interface Facilitate multi-media plugins Overview Execution model, host-client interaction, threading library Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 7 / 21

  10. Execution Model Virtual CPU model (vCPU) Resembles physical CPU Sequential execution model Control flow diversion on events Allows for user level threads Allows for synchronization Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 8 / 21

  11. Execution Model Virtual CPU model (vCPU) Resembles physical CPU Sequential execution model Control flow diversion on events Allows for user level threads Allows for synchronization Host-Client Interaction System calls Events Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 8 / 21

  12. Client Threading Library Multi-threading: ◮ preemption ◮ scheduling ◮ prioritization of events and threads ◮ synchronization Dynamic memory Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 9 / 21

  13. Implementation Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 10 / 21

  14. Implementation Tools Ubuntu Linux 9.10 (64bit) C++ / Assembly Implementation separate from the browser Sandboxing vCPU Preemption Thread priorities Event priorities Synchronization System calls User level resume Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 11 / 21

  15. vCPU System Calls Host waits for client changes using waitpid Segmentation fault at specific address Manipulation of client using ptrace Implemented System Calls exit / sleep / resume / deliver event / get data / display Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 12 / 21

  16. User Level Resume Resume client state without system call high usage of syscall resume repeated switching to host user level implementation ◮ high performance ◮ RET instruction Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 13 / 21

  17. Evaluation Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 14 / 21

  18. Evaluation System Call Roundtrip clock cycles per call time per call relation vCPU ( syscall null ) 37 , 702 ticks ≈ 35 . 671 µs 100 % native (getpid) 248 ticks ≈ 0 . 234 µs 1 % Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 15 / 21

  19. Evaluation cont. Context Switch configuration time per switch relation 1 user level resume ≈ 1 . 0 µs 100 % vCPU 2 syscall resume ≈ 16 . 5 µs 1 , 732 % 3 shared addr. ( clone ) ≈ 2 . 3 µs 237 % 300 % 4 native separate addr. (fork) ≈ 2 . 9 µs 5 separate addr. (clone) ≈ 2 . 9 µs 300 % Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 16 / 21

  20. Evaluation cont. Computation Overhead time relation vCPU 13,733 ms 100 . 0 % native 13,643 ms 99 . 3 % Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 17 / 21

  21. Evaluation cont. Event Latency 10000 Latency of events with parallel data event handling threads 8000 Latency in CPU clock cycles 6000 4000 2000 0 1 2 3 4 5 6 Number of parallel data event handling threads Figure: Latency of events: increasing number of data event handling threads Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 18 / 21

  22. Evaluation cont. Event Latency with parallel events 2.5e+06 Average event latency for HIGH priority handling (1) Average event latency for EQUAL priority handling (2) 2e+06 Average CPU cycles per 100 events 1.5e+06 1e+06 500000 0 0 1 2 3 4 5 Number of parallel data event handling threads Figure: Latency of data events: increasing number of data event handling threads Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 19 / 21

  23. FFmpeg Demo Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 20 / 21

  24. Q & A Thank you! Questions? Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 21 / 21

Recommend

jVPFS: Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components

jVPFS: Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components

Department of Computer Science Institute of Systems Architecture, Operating Systems Group jVPFS: Adding Robustness to a Secure Stacked File System with Untrusted Local Storage Components Carsten Weinhold, Hermann Hrtig INTRODUCTION

429 views • 21 slides
Session 1 Session 1 Tool Time Tuesday Tool Time Tuesday Bandwidth, Browser Plugins, WebEx &

Session 1 Session 1 Tool Time Tuesday Tool Time Tuesday Bandwidth, Browser Plugins, WebEx &

Session 1 Session 1 Tool Time Tuesday Tool Time Tuesday Bandwidth, Browser Plugins, WebEx & Skype Guides Bandwidth, Browser Plugins, WebEx & Skype Guides Hello! Hello! Laurissa Gann, MSLS, AHIP Lesli Moore, MLS Research Medical

250 views • 14 slides
ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted

ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted environment Possibly with multiple tenants Setting OS: users / processes Browser: webpages / browser extensions Cloud: virtual machines (VMs)

272 views • 25 slides
InkTag: Secure Applications on an Untrusted Operating System Paper from The University of Texas

InkTag: Secure Applications on an Untrusted Operating System Paper from The University of Texas

InkTag: Secure Applications on an Untrusted Operating System Paper from The University of Texas at Austin by: Owen S. Hofmann, Kim Sangmann, Alan M. Dunn, Michael Z. Lee, and Emmett Witchel Presented by: Kyle May and Carson Boden Outline

680 views • 26 slides
Router Plugins (Formerly Crossbow) A Software Architecture for Next Generation Routers John

Router Plugins (Formerly Crossbow) A Software Architecture for Next Generation Routers John

Router Plugins (Formerly Crossbow) A Software Architecture for Next Generation Routers John DeHart jdd@arl.wustl.edu Washington January 9, 2001 Router Plugins (Crossbow) 1 WASHINGTON UNIVERSITY IN ST LOUIS Agenda 9:00 - 9:20

551 views • 13 slides
A Secure Softw are A Secure Softw are Architecture Architecture Description Language

A Secure Softw are A Secure Softw are Architecture Architecture Description Language

A Secure Softw are A Secure Softw are Architecture Architecture Description Language Description Language Jie Ren, Richard N. Taylor Department of Informatics University of California, Irvine Software Security Assurance Tools, Techniques,

354 views • 22 slides
Pipelight Windows browser plugins on Linux Michael Mller Sebastian Lackner Erich E. Hoover

Pipelight Windows browser plugins on Linux Michael Mller Sebastian Lackner Erich E. Hoover

Pipelight Windows browser plugins on Linux Michael Mller Sebastian Lackner Erich E. Hoover May 7, 2014 1 / 35 $ whoami Michael Mller (michael@fds-team.de) studying computer science at the university of Heidelberg, Germany Sebastian

1.25k views • 35 slides
Bareos Python Plugins Introduction Stephan Dhr Feb 3, 2017 Agenda Bareos architecture and

Bareos Python Plugins Introduction Stephan Dhr Feb 3, 2017 Agenda Bareos architecture and

Bareos Python Plugins Introduction Stephan Dhr Feb 3, 2017 Agenda Bareos architecture and terminology Introduction Plugin overview (FD, SD, DIR) Detailed View at FileDaemon Plugins FD Plugin Examples Discussion of Plugin

437 views • 43 slides
Secure Architecture Principles Isolation and Least Privilege Access Control Concepts

Secure Architecture Principles Isolation and Least Privilege Access Control Concepts

Secure Architecture Principles Isolation and Least Privilege Access Control Concepts Operating Systems Browser Isolation and Least Privilege Original slides were created by Prof. John Mitchel and Suman Janna Some slides are from

1.03k views • 58 slides
Requirements for Secure Device Authentication Iden&ty in the browser

Requirements for Secure Device Authentication Iden&ty in the browser

Requirements for Secure Device Authentication Iden&ty in the browser workshop, 24-25 May 2011, Mountain View Mark Watson, Mitch Zollinger, Wesley Miaw 1

328 views • 9 slides
InkTag: Secure Applications on an Untrusted Operating System Owen Hofmann, Sangman Kim, Alan

InkTag: Secure Applications on an Untrusted Operating System Owen Hofmann, Sangman Kim, Alan

InkTag: Secure Applications on an Untrusted Operating System Owen Hofmann, Sangman Kim, Alan Dunn, Mike Lee, Emmett Witchel UT Austin You trust your OS... should you? The OS is the software root of trust on most systems The OS is a

1.06k views • 79 slides
Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work

Proof-Carrying Data: secure computation on untrusted execution platforms Eran Tromer Joint work with Alessandro Chiesa Eli Ben-Sasson Daniel Genkin 1 Technion Cryptoday June 16, 2011 Motivation 3 Motivation INTEGRITY CONFIDENTIALITY

725 views • 50 slides
Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work

Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work

Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work with Erik Riedel (Seagate Research), Ram Swaminathan (HP Labs), Qian Wang (Penn State), Kevin Fu (MIT) March 31 2003 Why care about storage

399 views • 27 slides
Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias

Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias

Safe Loading A Foundation for Secure Execution of Untrusted Programs Mathias Payer, Tobias Hartmann, Thomas R. Gross Department of Computer Science ETH Zurich, Switzerland Motivation Application code Kernel 2 Motivation Application code

483 views • 30 slides
Secure Coding Patterns @andhallberg TrueSec Trust Domain-Driven Security The Untrusted Pa7ern

Secure Coding Patterns @andhallberg TrueSec Trust Domain-Driven Security The Untrusted Pa7ern

Secure Coding Patterns @andhallberg TrueSec Trust Domain-Driven Security The Untrusted Pa7ern Immutability The Inverse Life Coach Pa7ern Trust The founda>on of so?ware security 1. Hello! Im Businessman Bob! 2. Hello! Im the bank!

877 views • 69 slides
Secure Coding Patterns Andreas Hallberg, TrueSec Trust Domain-Driven Security The Untrusted

Secure Coding Patterns Andreas Hallberg, TrueSec Trust Domain-Driven Security The Untrusted

Secure Coding Patterns Andreas Hallberg, TrueSec Trust Domain-Driven Security The Untrusted Pattern Immutability The Inverse Life Coach Pattern Trust The foundation of software security 1. Hello! Im Businessman Bob! 2. Hello! Im the

666 views • 66 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
Run Any Software in a Browser NVIDIA GTC, April 7, 2016 What is Frame? Frame is a secure cloud

Run Any Software in a Browser NVIDIA GTC, April 7, 2016 What is Frame? Frame is a secure cloud

Run Any Software in a Browser NVIDIA GTC, April 7, 2016 What is Frame? Frame is a secure cloud platform that lets organizations deliver amazing experiences and workflows to users on all connected devices . Pixels user input Confidential Why

540 views • 21 slides
13 Vim plugins I use every day VimConf 2019 Tatsuhiro Ujihisa 13 Vim plugins I use every day

13 Vim plugins I use every day VimConf 2019 Tatsuhiro Ujihisa 13 Vim plugins I use every day

13 Vim plugins I use every day VimConf 2019 Tatsuhiro Ujihisa 13 Vim plugins I use every day VimConf 2019 Tatsuhiro Ujihisa Abstract I'm going to talk about how I use these plugins to be able to write code effectively as a professional

362 views • 25 slides
Architecture and evolution of the modern web browser Alan Grosskurth, Michael W. Godfrey David

Architecture and evolution of the modern web browser Alan Grosskurth, Michael W. Godfrey David

Architecture and evolution of the modern web browser Alan Grosskurth, Michael W. Godfrey David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON N2L 3G1, Canada Abstract A reference architecture for a domain captures

467 views • 24 slides
Virtels Browser -Based 3270 Terminal Emulation Working from Home: Virtels Secure 3270 TE

Virtels Browser -Based 3270 Terminal Emulation Working from Home: Virtels Secure 3270 TE

Webinar Working from Home with Virtels Browser -Based 3270 Terminal Emulation Working from Home: Virtels Secure 3270 TE Limited Time Offer Shelter-in-place Plan Our Offer Everyone works from home Virtel Web Access = browser-based

219 views • 21 slides
The Browser as a Secure Platform for Loosely Coupled, Private-Data Mashups Ben Adida C enter for

The Browser as a Secure Platform for Loosely Coupled, Private-Data Mashups Ben Adida C enter for

The Browser as a Secure Platform for Loosely Coupled, Private-Data Mashups Ben Adida C enter for R esearch on C omputation and S ociety Harvard University 24 May 2007 web mashups : interesting combinations. Aggressive web 2.0

745 views • 18 slides
xrootd news Paul Millar Zeuthen, dCache workshop xrootd plugins xrootd has plugins that allow

xrootd news Paul Millar Zeuthen, dCache workshop xrootd plugins xrootd has plugins that allow

xrootd news Paul Millar Zeuthen, dCache workshop xrootd plugins xrootd has plugins that allow extension of behaviour Authentication plugins Authorisation / name-space mapping See Gerd's talk Xrootd news | Paul Millar | 2012-04-18 |

522 views • 6 slides
Secure Web Applications with AWA Stphane Carrez FOSDEM 2019 What is a Web Application

Secure Web Applications with AWA Stphane Carrez FOSDEM 2019 What is a Web Application

Secure Web Applications with AWA Stphane Carrez FOSDEM 2019 What is a Web Application Client server program with browser as client Examples: Gmail, Dropbox, Netflix, Zoho,... Server Server Database Client Front Back Browser End

1.09k views • 34 slides

More recommend