Balancing Isolation and Sharing of Data in Third-Party Extensible App Ecosystems
In the landscape of application ecosystems, today’s cloud users wish to personalize not only their browsers with various extensions or their smartphones with various applications, but also the various extensions and applications themselves. The resulting personalization significantly raises the attractiveness for typical Web 2.0 users, but gives rise to various security risks and privacy concerns, such as unforeseen access to certain critical components, undesired information flow of personal information to untrusted applications, or emerging attack surfaces that were not possible before a personalization has taken place. We propose a novel extensibility mechanism to implement personalization of existing cloud applications towards (possibly untrusted) components in a secure and privacy-friendly manner. More details of the results can be found in the long version  of this paper.
KeywordsData Item Output Table Extensibility Mechanism Access Control Policy Input Table
Unable to display preview. Download preview PDF.
- 2.Jørstad, I., Thanh, D.V., Dustdar, S.: Personalisation of next generation mobile services. In: Norrie, M.C., Dustdar, S., Gall, H.C. (eds.) UMICS 2006 (2007)Google Scholar
- 3.Reischuk, R.M., Backes, M., Gehrke, J.: SAFE extensibility for data-driven web applications. In: 21st Int. Conf. on World Wide Web, pp. 799–808. ACM (2012)Google Scholar
- 4.Schröder, F., Reischuk, R.M., Gehrke, J.: Balancing isolation and sharing of data for third-party extensible app ecosystems (2015). http://arxiv.org/abs/1412.7641