An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention

Stefan Kimak, Jeremy Ellman, Christopher Laing

Research output: Contribution to conferencePaperpeer-review

Abstract

over the past 20 years web browsers have changed considerably from being a simple text display to now supporting complex multimedia applications [1]. The client can now enjoy chatting, playing games and Internet banking. All these applications have something in common, they can be run on multiple platforms and in some cases they will run offline. With the introduction of HTML5 this evolution will increase, with browsers offering greater levels of functionality. However, with the introduction of HTML5, new persistent database security vulnerabilities could impact on this functionality. IndexedDB functionality involves storing application data on the client PC. As client data including sensitive information is now stored locally, consequently vulnerabilities within HTML5’s IndexedDB scheme could have devastating consequences. This paper will investigate potential vulnerabilities, and propose security framework for HTML5’s IndexedDB files that could be included as part of an inherited web browser security.
Original languageEnglish
Publication statusPublished - 2012
Event6th Conference on Software, Knowledge, Information Management and Applications (SKIMA 2012) - Chengdu University
Duration: 1 Jan 2012 → …

Conference

Conference6th Conference on Software, Knowledge, Information Management and Applications (SKIMA 2012)
Period1/01/12 → …

Keywords

  • web security
  • HTML5
  • IndexedDB

Fingerprint

Dive into the research topics of 'An Investigation into Possible Attacks on HTML5 IndexedDB and their Prevention'. Together they form a unique fingerprint.

Cite this