TY - JOUR
T1 - WebC
T2 - toward a portable framework for deploying legacy code in web browsers
AU - Yin, Jie
AU - Tan, Gang
AU - Bai, Xiao Long
AU - Hu, Shi Min
N1 - Publisher Copyright:
© 2015, Science China Press and Springer-Verlag Berlin Heidelberg.
Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.
PY - 2015/7/1
Y1 - 2015/7/1
N2 - For security, most web applications are developed in some type-safe language, such as JavaScriptor Java. However, there is a huge amount of legacy codes developed in unsafe languages, which provide richfunctionality and are more efficient than their type-safe counterparts. To allow browsers to incorporate type-safecomponents in a secure way, previous approaches use the software-based fault isolation (SFI) to isolate untrustedlegacy code. The SFI approach performs machine-code transformation for security, but the downside is the lossof architecture independence. We propose WebC, a system that allows legacy code transmitted over the web viathe Low Level Virtual Machine (LLVM) bitcode format. The untrusted bitcode is transformed by WebC intocode in the WebC security language, which enforces both memory isolation and control-flow integrity. Comparedwith previous approaches, WebC is more portable, provides stronger security, and allows more flexible memorymanagement. Experimental results show that the average runtime overhead of WebC is modest.
AB - For security, most web applications are developed in some type-safe language, such as JavaScriptor Java. However, there is a huge amount of legacy codes developed in unsafe languages, which provide richfunctionality and are more efficient than their type-safe counterparts. To allow browsers to incorporate type-safecomponents in a secure way, previous approaches use the software-based fault isolation (SFI) to isolate untrustedlegacy code. The SFI approach performs machine-code transformation for security, but the downside is the lossof architecture independence. We propose WebC, a system that allows legacy code transmitted over the web viathe Low Level Virtual Machine (LLVM) bitcode format. The untrusted bitcode is transformed by WebC intocode in the WebC security language, which enforces both memory isolation and control-flow integrity. Comparedwith previous approaches, WebC is more portable, provides stronger security, and allows more flexible memorymanagement. Experimental results show that the average runtime overhead of WebC is modest.
UR - http://www.scopus.com/inward/record.url?scp=84933672258&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84933672258&partnerID=8YFLogxK
U2 - 10.1007/s11432-015-5285-y
DO - 10.1007/s11432-015-5285-y
M3 - Article
AN - SCOPUS:84933672258
VL - 58
JO - Science in China, Series F: Information Sciences
JF - Science in China, Series F: Information Sciences
SN - 1009-2757
IS - 7
ER -