The Dangers of Third Party Content课件.ppt

Login page! On the whole, we need more control over what active content gets run on our sites. There aren’t good solutions to many of these problems and the content providers seem to be going out of their way to make it difficult. I bring them up so that you will be aware of the potential dangers when you’re faced with these decisions in your organizations. And so that you can lean on your content providers to provide you with a better security model. The Dangers of Third Party Content Tom Stripling Senior Consultant Security PS tstripling@ (913) 888-2111 Introduction What are we talking about today? More and more organizations are using third parties (users, business partners, etc.) to provide active content for their sites. “Third party active content” is anything on your site that you didn’t create that can change the way the site functions For today, we’ll focus on JavaScript, but other types have similar risks This can be a Bad Thing? if users or application owners get false assumptions about trust. The “Circle of Trust” The “Amorphous Blob of Trust” 3 Factors of Control Who is allowed to put content (JavaScript, HTML, Flash, CSS, etc.) on your page? What could be accomplished if it were malicious? Can you prevent unexpected changes in content? Scenario 1: User-Provided Content Site customization Intended to customize look and feel for user pages, but can often do more Examples: Myspace, Blogger, etc. User-provided features Uses JavaScript/Flash/whatever to create gizmos, gadgets, mini-apps, etc. Examples: Google gadgets, Google OpenSocial, Facebook, etc. Introduction to iGoogle Google Gadget Approval Process I create a gadget and put it on my server I submit the gadget to Google Gadget is approved? Yes No Uploaded to Google servers, displayed in content directory and loadable on users’ homepages with 1 click Uploaded to Google servers, displayed somewhere else and loadable on users’ homepages with 2 clicks Google Gadget Security Model Whether my gadg