TY - GEN
T1 - CanvasMirror
T2 - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks: Supplemental Volume, DSN-S 2020
AU - Lee, Jiyeon
N1 - Publisher Copyright:
© 2020 IEEE.
PY - 2020/6
Y1 - 2020/6
N2 - Web technology has evolved to offer 360-degree immersive browsing experiences. This new technology, called WebVR, enables virtual reality by rendering a three-dimensional world on an HTML canvas. Unfortunately, there exists no browser-supported way of sharing this canvas between different parties. As a result, third-party library providers with ill intent (e.g., stealing sensitive information from end-users) can easily distort the entire WebVR site. To mitigate the new threats posed in WebVR, we propose CanvasMirror, which allows publishers to specify the behaviors of third-party libraries and enforce this specification. We show that CanvasMirror effectively separates the third-party context from the host origin by leveraging the privilege separation technique and safely integrates VR contents on a shared canvas.
AB - Web technology has evolved to offer 360-degree immersive browsing experiences. This new technology, called WebVR, enables virtual reality by rendering a three-dimensional world on an HTML canvas. Unfortunately, there exists no browser-supported way of sharing this canvas between different parties. As a result, third-party library providers with ill intent (e.g., stealing sensitive information from end-users) can easily distort the entire WebVR site. To mitigate the new threats posed in WebVR, we propose CanvasMirror, which allows publishers to specify the behaviors of third-party libraries and enforce this specification. We show that CanvasMirror effectively separates the third-party context from the host origin by leveraging the privilege separation technique and safely integrates VR contents on a shared canvas.
KW - Third-party sandboxing
KW - Web security
KW - WebVR
UR - http://www.scopus.com/inward/record.url?scp=85093654820&partnerID=8YFLogxK
U2 - 10.1109/DSN-S50200.2020.00040
DO - 10.1109/DSN-S50200.2020.00040
M3 - Conference contribution
AN - SCOPUS:85093654820
T3 - Proceedings - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks: Supplemental Volume, DSN-S 2020
SP - 75
EP - 76
BT - Proceedings - 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 29 June 2020 through 2 July 2020
ER -