ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2016, Vol. 53 ›› Issue (10): 2163-2172.doi: 10.7544/issn1000-1239.2016.20160686

Special Issue: 2016网络空间共享安全研究进展专题

Previous Articles     Next Articles

Survey of HTML5 New Features Security

Zhang Yuqing1,2, Jia Yan1, Lei Kenan1, Lü Shaoqing3, Yue Hongzhou1   

  1. 1(State Key Laboratory of Integrated Services Networks (Xidian University), Xi’an 710071); 2(National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 101408); 3(Shaanxi Key Laboratory of Information Communication Network and Security (Xi’an University of Posts and Telecommunications), Xi’an 710121)
  • Online:2016-10-01

Abstract: HTML5 is the latest standard of building Web applications. It introduces many new features to browsers, but also brings new security issues. The security of new features is the essence of HTML5 security. According to the differences in function, we analyze and summarize the security of new features including new label and form, communication, offline and storage, multimedia, performance, device access. The security problems and possible prevention methods are pointed out. Then we summarize existing researches, and classify HTML5 security problems into three categories: extending traditional threats, malicious use and improper use, to provide a new thought for the further study of HTML5 security. At last, four directions of the future work are pointed out: the security of new features, detection of malicious use, cross platform security and new security applications.

Key words: Web security, HTML5, literature review, postMessage, WebSocket, AppCache, WebStorage

CLC Number: