kth.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
SandTrap: Securing JavaScript-driven Trigger-Action Platforms
Chalmers Univ Technol, Gothenburg, Sweden..
Chalmers Univ Technol, Gothenburg, Sweden.;Mälardalen Univ, Västerås, Sweden..
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Theoretical Computer Science, TCS.ORCID iD: 0000-0001-6005-5992
Chalmers Univ Technol, Gothenburg, Sweden..
Show others and affiliations
2021 (English)In: Proceedings Of The 30Th USENIX Security Symposium, USENIX ASSOC , 2021, p. 2899-2916Conference paper, Published paper (Refereed)
Abstract [en]

Trigger-Action Platforms (TAPs) seamlessly connect a wide variety of otherwise unconnected devices and services, ranging from IoT devices to cloud services and social networks. TAPs raise critical security and privacy concerns because a TAP is effectively a "person-in-the-middle" between trigger and action services. Third-party code, routinely deployed as "apps" on TAPs, further exacerbates these concerns. This paper focuses on JavaScript-driven TAPs. We show that the popular IFTTT and Zapier platforms and an open-source alternative Node-RED are susceptible to attacks ranging from exfiltrating data from unsuspecting users to taking over the entire platform. We report on the changes by the platforms in response to our findings and present an empirical study to assess the implications for Node-RED. Motivated by the need for a secure yet flexible way to integrate third-party JavaScript apps, we propose SandTrap, a novel JavaScript monitor that securely combines the Node.js vm module with fully structural proxy-based two-sided membranes to enforce fine-grained access control policies. To aid developers, SandTrap includes a policy generation mechanism. We instantiate SandTrap to IFTTT, Zapier, and Node-RED and illustrate on a set of benchmarks how SandTrap enforces a variety of policies while incurring a tolerable runtime overhead.

Place, publisher, year, edition, pages
USENIX ASSOC , 2021. p. 2899-2916
National Category
Computer Systems Computer Sciences
Identifiers
URN: urn:nbn:se:kth:diva-307027ISI: 000722006803010Scopus ID: 2-s2.0-85114467109OAI: oai:DiVA.org:kth-307027DiVA, id: diva2:1626403
Conference
30th USENIX Security Symposium, AUG 11-13, 2021, ELECTR NETWORK
Note

Part of proceedings :ISBN 978-1-939133-24-3, QC 20230118

Available from: 2022-01-11 Created: 2022-01-11 Last updated: 2023-01-18Bibliographically approved

Open Access in DiVA

No full text in DiVA

Scopus

Authority records

Balliu, Musard

Search in DiVA

By author/editor
Balliu, Musard
By organisation
Theoretical Computer Science, TCS
Computer SystemsComputer Sciences

Search outside of DiVA

GoogleGoogle Scholar

urn-nbn

Altmetric score

urn-nbn
Total: 72 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf