Balancing Isolation and Sharing of Data in Third-Party Extensible App Ecosystems
- Cite this paper as:
- Schröder F., Reischuk R.M., Gehrke J. (2015) Balancing Isolation and Sharing of Data in Third-Party Extensible App Ecosystems. In: Cimiano P., Frasincar F., Houben GJ., Schwabe D. (eds) Engineering the Web in the Big Data Era. ICWE 2015. Lecture Notes in Computer Science, vol 9114. Springer, Cham
In the landscape of application ecosystems, today’s cloud users wish to personalize not only their browsers with various extensions or their smartphones with various applications, but also the various extensions and applications themselves. The resulting personalization significantly raises the attractiveness for typical Web 2.0 users, but gives rise to various security risks and privacy concerns, such as unforeseen access to certain critical components, undesired information flow of personal information to untrusted applications, or emerging attack surfaces that were not possible before a personalization has taken place. We propose a novel extensibility mechanism to implement personalization of existing cloud applications towards (possibly untrusted) components in a secure and privacy-friendly manner. More details of the results can be found in the long version  of this paper.
Unable to display preview. Download preview PDF.