高级检索

    HTML5新特性安全研究综述

    Survey of HTML5 New Features Security

    • 摘要: HTML5是构建Web应用的最新标准,它引入许多新特性来赋予浏览器丰富的功能,但因此也引入了新的安全问题.HTML5安全问题实际由各个新特性的安全问题组成.根据功能差异,对HTML5中的标签与表单、通信功能、离线应用与存储、多媒体、性能与表现、设备访问等新特性的安全性进行了详尽的分析、总结和讨论,指出其蕴含的安全问题及可能的防范方法.然后对现有国内外研究工作进行了总结,进一步将HTML5安全问题归纳为3类:传统威胁延伸、恶意利用、使用不当,为进一步研究提供了思路.最后,指出了HTML5安全研究未来有价值的4个方向:新特性安全性、恶意利用检测、跨平台安全性和新安全应用形式.

       

      Abstract: HTML5 is the latest standard of building Web applications. It introduces many new features to browsers, but also brings new security issues. The security of new features is the essence of HTML5 security. According to the differences in function, we analyze and summarize the security of new features including new label and form, communication, offline and storage, multimedia, performance, device access. The security problems and possible prevention methods are pointed out. Then we summarize existing researches, and classify HTML5 security problems into three categories: extending traditional threats, malicious use and improper use, to provide a new thought for the further study of HTML5 security. At last, four directions of the future work are pointed out: the security of new features, detection of malicious use, cross platform security and new security applications.

       

    /

    返回文章
    返回