Information Security Seminar  RSS

Sessions

23/11/2010, 16:15 — 17:15 — Amphitheatre Pa2, Mathematics Building
, INRIA, Sophia-Antipolis

Security in Hop web Applications

I will present common security problems related to integrity violations in web applications and work in progress towards providing solutions for applications written in the Hop language. We are interested in providing formal bases to prove that in web applications (and more generally generated mashups): (i) trusted components are code injection free at run-time (ii) t untrusted components influence to trusted components is limited to a set of given authorized resources. We investigate formalizations of these properties by means of web applications abstract semantics and discuss correct implementations to enforce them.
Note Exceptional Day and Room!