{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:22:59Z","timestamp":1750306979579,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":36,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,6,20]],"date-time":"2013-06-20T00:00:00Z","timestamp":1371686400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,6,20]]},"DOI":"10.1145\/2465106.2465432","type":"proceedings-article","created":{"date-parts":[[2013,6,11]],"date-time":"2013-06-11T16:03:50Z","timestamp":1370966630000},"page":"71-82","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["GlassTube"],"prefix":"10.1145","author":[{"given":"Per A.","family":"Hallgren","sequence":"first","affiliation":[{"name":"Keyflow AB & Chalmers University of Technology, Gothenburg, Sweden"}]},{"given":"Daniel T.","family":"Mauritzson","sequence":"additional","affiliation":[{"name":"Ericsson AB & Chalmers University of Technology, Gothenburg, Sweden"}]},{"given":"Andrei","family":"Sabelfeld","sequence":"additional","affiliation":[{"name":"Chalmers University of Technology, Gothenburg, Sweden"}]}],"member":"320","published-online":{"date-parts":[[2013,6,20]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1367497.1367568"},{"key":"e_1_3_2_1_2_1","unstructured":"Aung Khant. A Most-Neglected Fact about Cross Site Request Forgery. http:\/\/yehg.net\/lab\/pr0js\/articles\/A_Most-Neglected_Fact_About_CSRF.pdf?1334750354 August 2010.  Aung Khant. A Most-Neglected Fact about Cross Site Request Forgery. http:\/\/yehg.net\/lab\/pr0js\/articles\/A_Most-Neglected_Fact_About_CSRF.pdf?1334750354 August 2010."},{"key":"e_1_3_2_1_3_1","volume-title":"December","author":"Barth A.","year":"2011","unstructured":"A. Barth . The Web Origin Concept. RFC 6454 (Proposed Standard) , December 2011 . A. Barth. The Web Origin Concept. RFC 6454 (Proposed Standard), December 2011."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.5555\/1940366.1940373"},{"key":"e_1_3_2_1_5_1","unstructured":"Eric Butler. Firesheep. http:\/\/codebutler.com\/firesheep.  Eric Butler. Firesheep. http:\/\/codebutler.com\/firesheep."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046734"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2011.6005788"},{"key":"e_1_3_2_1_8_1","first-page":"1","volume-title":"Proc. USENIX Security Symposium","author":"Chong S.","year":"2007","unstructured":"S. Chong , K. Vikram , and A. C. Myers . Sif: Enforcing confidentiality and integrity in web applications . In Proc. USENIX Security Symposium , pages 1 -- 16 , August 2007 . S. Chong, K. Vikram, and A. C. Myers. Sif: Enforcing confidentiality and integrity in web applications. In Proc. USENIX Security Symposium, pages 1--16, August 2007."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1461928.1461949"},{"key":"e_1_3_2_1_10_1","volume-title":"February","author":"Chung C.","year":"2011","unstructured":"C. Chung , A. Kasyanov , J. Livingood , N. Mody , and B. Van Lieu . Comcast's Web Notification System Design. RFC 6108 (Informational) , February 2011 . C. Chung, A. Kasyanov, J. Livingood, N. Mody, and B. Van Lieu. Comcast's Web Notification System Design. RFC 6108 (Informational), February 2011."},{"key":"e_1_3_2_1_11_1","unstructured":"Italo Dacosta Saurabh Chakradeo Mustaque Ahamad and Patrick Traynor. One-time cookies: Preventing session hijacking attacks with stateless authentication tokens. http:\/\/smartech.gatech.edu\/handle\/1853\/42609.  Italo Dacosta Saurabh Chakradeo Mustaque Ahamad and Patrick Traynor. One-time cookies: Preventing session hijacking attacks with stateless authentication tokens. http:\/\/smartech.gatech.edu\/handle\/1853\/42609."},{"key":"e_1_3_2_1_12_1","volume-title":"August","author":"Dierks T.","year":"2008","unstructured":"T. Dierks and E. Rescorla . The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard) , August 2008 . Updated by RFCs 5746, 5878, 6176. T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), August 2008. Updated by RFCs 5746, 5878, 6176."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1976.1055638"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1007\/BF00124891"},{"key":"e_1_3_2_1_15_1","volume-title":"June","author":"Fielding R.","year":"1999","unstructured":"R. Fielding , J. Gettys , J. Mogul , H. Frystyk , L. Masinter , P. Leach , and T. Berners-Lee . Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard) , June 1999 . Updated by RFCs 2817, 5785, 6266. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. Hypertext Transfer Protocol -- HTTP\/1.1. RFC 2616 (Draft Standard), June 1999. Updated by RFCs 2817, 5785, 6266."},{"key":"e_1_3_2_1_16_1","volume-title":"Computer Security","author":"Gollmann D.","year":"2006","unstructured":"D. Gollmann . Computer Security ( 2 nd Edition). Wiley , 2006 . D. Gollmann. Computer Security (2nd Edition). Wiley, 2006.","edition":"2"},{"key":"e_1_3_2_1_17_1","unstructured":"Google. Google Web Toolkit. https:\/\/developers.google.com\/web-toolkit\/.  Google. Google Web Toolkit. https:\/\/developers.google.com\/web-toolkit\/."},{"key":"e_1_3_2_1_18_1","volume-title":"Ubiquity and Security","author":"Guttman J.","year":"2007","unstructured":"J. Guttman . Invited tutorial: Integrity . Presentation at the Dagstuhl Seminar on Mobility , Ubiquity and Security , February 2007 . http:\/\/www.dagstuhl.de\/07091\/. Slides at http:\/\/web.cs.wpi.edu\/ guttman\/. J. Guttman. Invited tutorial: Integrity. Presentation at the Dagstuhl Seminar on Mobility, Ubiquity and Security, February 2007. http:\/\/www.dagstuhl.de\/07091\/. Slides at http:\/\/web.cs.wpi.edu\/ guttman\/."},{"key":"e_1_3_2_1_19_1","volume-title":"April","author":"Hammer-Lahav E.","year":"2010","unstructured":"E. Hammer-Lahav . The OAuth 1.0 Protocol. RFC 5849 (Informational) , April 2010 . E. Hammer-Lahav. The OAuth 1.0 Protocol. RFC 5849 (Informational), April 2010."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1982185.1982511"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420977"},{"key":"e_1_3_2_1_22_1","volume-title":"March","author":"Urushima Kenji","year":"2010","unstructured":"Kenji Urushima . SSL\/ TLS Supported Cipher Suites . http:\/\/www9.atwiki.jp\/kurushima\/pub\/pkimisc\/SSLTLS_CipherSuite_Support_Table_.html , March 2010 . Kenji Urushima. SSL\/TLS Supported Cipher Suites. http:\/\/www9.atwiki.jp\/kurushima\/pub\/pkimisc\/SSLTLS_CipherSuite_Support_Table_.html, March 2010."},{"key":"e_1_3_2_1_23_1","volume-title":"5th conference on \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (GI Sicherheit 2012)","author":"Lekies Sebastian","year":"2012","unstructured":"Sebastian Lekies , Walter Tighzert , and Martin Johns . Towards stateless, client-side driven cross-site request forgery protection for web applications . In 5th conference on \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (GI Sicherheit 2012) , 2012 . Sebastian Lekies, Walter Tighzert, and Martin Johns. Towards stateless, client-side driven cross-site request forgery protection for web applications. In 5th conference on \"Sicherheit, Schutz und Zuverl\u00e4ssigkeit\" (GI Sicherheit 2012), 2012."},{"key":"e_1_3_2_1_24_1","volume-title":"Workshop on Formal Aspects in Security and Trust (FAST'03)","author":"Li P.","year":"2003","unstructured":"P. Li , Y. Mao , and S. Zdancewic . Information integrity policies . In Workshop on Formal Aspects in Security and Trust (FAST'03) , 2003 . P. Li, Y. Mao, and S. Zdancewic. Information integrity policies. In Workshop on Formal Aspects in Security and Trust (FAST'03), 2003."},{"key":"e_1_3_2_1_25_1","volume-title":"August","author":"Masinter L.","year":"1998","unstructured":"L. Masinter . The \"data\" URL scheme. RFC 2397 (Proposed Standard) , August 1998 . L. Masinter. The \"data\" URL scheme. RFC 2397 (Proposed Standard), August 1998."},{"key":"e_1_3_2_1_27_1","volume-title":"July","author":"Myers A. C.","year":"2001","unstructured":"A. C. Myers , L. Zheng , S. Zdancewic , S. Chong , and N. Nystrom . Jif: Java information flow. Software release. Located at http:\/\/www.cs.cornell.edu\/jif , July 2001 . A. C. Myers, L. Zheng, S. Zdancewic, S. Chong, and N. Nystrom. Jif: Java information flow. Software release. Located at http:\/\/www.cs.cornell.edu\/jif, July 2001."},{"key":"e_1_3_2_1_28_1","unstructured":"National Institute of Standards and Technology. Cryptographic Algorithm Object Registration. http:\/\/csrc.nist.gov\/groups\/ST\/crypto_apps_infra\/csor\/algorithms.html February 2011.  National Institute of Standards and Technology. Cryptographic Algorithm Object Registration. http:\/\/csrc.nist.gov\/groups\/ST\/crypto_apps_infra\/csor\/algorithms.html February 2011."},{"key":"e_1_3_2_1_29_1","volume-title":"Mobile Network Tracing. RFC 2041 (Informational)","author":"Noble B.","year":"1996","unstructured":"B. Noble , G. Nguyen , M. Satyanarayanan , and R. Katz . Mobile Network Tracing. RFC 2041 (Informational) , October 1996 . B. Noble, G. Nguyen, M. Satyanarayanan, and R. Katz. Mobile Network Tracing. RFC 2041 (Informational), October 1996."},{"key":"e_1_3_2_1_30_1","volume-title":"Pfleeger and Shari Lawrence Pfleeger. Security in Computing","author":"Charles","year":"2006","unstructured":"Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing ( 4 th Edition). Prentice Hall , 2006 . Charles P. Pfleeger and Shari Lawrence Pfleeger. Security in Computing (4th Edition). Prentice Hall, 2006.","edition":"4"},{"key":"e_1_3_2_1_31_1","series-title":"LNCS","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1007\/10720107_21","volume-title":"Security Protocols","author":"Roe M.","year":"2000","unstructured":"M. Roe . Performance of protocols. In Security Protocols , volume 1796 of LNCS , pages 147 -- 152 , 2000 . M. Roe. Performance of protocols. In Security Protocols, volume 1796 of LNCS, pages 147--152, 2000."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_3_2_1_33_1","volume-title":"Proceedings of the IFIP WG11","author":"Sandhu Ravi S.","year":"1994","unstructured":"Ravi S. Sandhu . On five definitions of data integrity . In Proceedings of the IFIP WG11 .3 Working Conference on Database Security VII, pages 257--267 , 1994 . Ravi S. Sandhu. On five definitions of data integrity. In Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, pages 257--267, 1994."},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2187836.2187926"},{"key":"e_1_3_2_1_35_1","volume-title":"Cryptography and Network Security. Pearson Education","author":"Stallings William","year":"2011","unstructured":"William Stallings . Cryptography and Network Security. Pearson Education , fifth edition, 2011 . William Stallings. Cryptography and Network Security. Pearson Education, fifth edition, 2011."},{"key":"e_1_3_2_1_36_1","unstructured":"W3C Web Cryptography Working Group. Group charter. http:\/\/www.w3.org\/2011\/11\/webcryptography-charter.html.  W3C Web Cryptography Working Group. Group charter. http:\/\/www.w3.org\/2011\/11\/webcryptography-charter.html."},{"key":"e_1_3_2_1_37_1","unstructured":"World Wide Web Consortium. Cross-Origin Resource Sharing. http:\/\/www.w3.org\/TR\/2012\/WD-cors-20120403\/ April 2012.  World Wide Web Consortium. Cross-Origin Resource Sharing. http:\/\/www.w3.org\/TR\/2012\/WD-cors-20120403\/ April 2012."}],"event":{"name":"PLDI '13: ACM SIGPLAN Conference on Programming Language Design and Implementation","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages"],"location":"Seattle Washington USA","acronym":"PLDI '13"},"container-title":["Proceedings of the Eighth ACM SIGPLAN workshop on Programming languages and analysis for security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2465106.2465432","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2465106.2465432","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T08:39:36Z","timestamp":1750235976000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2465106.2465432"}},"subtitle":["a lightweight approach to web application integrity"],"short-title":[],"issued":{"date-parts":[[2013,6,20]]},"references-count":36,"alternative-id":["10.1145\/2465106.2465432","10.1145\/2465106"],"URL":"https:\/\/doi.org\/10.1145\/2465106.2465432","relation":{},"subject":[],"published":{"date-parts":[[2013,6,20]]},"assertion":[{"value":"2013-06-20","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}