{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:23:07Z","timestamp":1750220587189,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":39,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,11,9]],"date-time":"2020-11-09T00:00:00Z","timestamp":1604880000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,11,9]]},"DOI":"10.1145\/3411495.3421364","type":"proceedings-article","created":{"date-parts":[[2020,11,5]],"date-time":"2020-11-05T23:35:56Z","timestamp":1604619356000},"page":"67-76","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["Towards Enabling Secure Web-Based Cloud Services using Client-Side Encryption"],"prefix":"10.1145","author":[{"given":"Martin","family":"Johns","sequence":"first","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alexandra","family":"Dirksen","sequence":"additional","affiliation":[{"name":"TU Braunschweig, Braunschweig, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,11,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"German-based end-to-end encryption solution that integrates seamlessly with dropbox. https:\/\/www.dropbox.com\/app-integrations\/boxcryptor. visited 2020-07-28.  German-based end-to-end encryption solution that integrates seamlessly with dropbox. https:\/\/www.dropbox.com\/app-integrations\/boxcryptor. visited 2020-07-28."},{"key":"e_1_3_2_1_2_1","unstructured":"Communicating securely with mailvelope. https:\/\/www.mailvelope.com\/de. visited 2020-07--28.  Communicating securely with mailvelope. https:\/\/www.mailvelope.com\/de. visited 2020-07--28."},{"key":"e_1_3_2_1_3_1","unstructured":"Priv.ly - share priv(ate).ly. https:\/\/priv.ly\/.  Priv.ly - share priv(ate).ly. https:\/\/priv.ly\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Sendsafely encryption for chrome and gmail. https:\/\/chrome.google.com\/webstore\/detail\/sendsafely-encryption-for\/glpichgelkekjnccdflklcclhnoioblm. visited 2020-07-30.  Sendsafely encryption for chrome and gmail. https:\/\/chrome.google.com\/webstore\/detail\/sendsafely-encryption-for\/glpichgelkekjnccdflklcclhnoioblm. visited 2020-07-30."},{"key":"e_1_3_2_1_5_1","unstructured":"Signal messenger. hhttps:\/\/signal.org.  Signal messenger. hhttps:\/\/signal.org."},{"key":"e_1_3_2_1_6_1","unstructured":"Threema messenger. https:\/\/threema.ch\/.  Threema messenger. https:\/\/threema.ch\/."},{"key":"e_1_3_2_1_7_1","unstructured":"End-to-end encrypted file sync & sharing. https:\/\/www.salesforce.com\/content\/dam\/web\/en_us\/www\/documents\/reports\/wp-platform-encryption-architecture.pdf. visited 2020-04-29.  End-to-end encrypted file sync & sharing. https:\/\/www.salesforce.com\/content\/dam\/web\/en_us\/www\/documents\/reports\/wp-platform-encryption-architecture.pdf. visited 2020-04-29."},{"key":"e_1_3_2_1_8_1","volume-title":"White paper","author":"Whatsapp","year":"2016","unstructured":"Whatsapp encryption overview. White paper , 2016 . Whatsapp encryption overview. White paper, 2016."},{"volume-title":"https:\/\/www.w3.org\/TR\/2011\/WD-html5--20110525\/the-iframe-element.html","year":"2017","key":"e_1_3_2_1_9_1","unstructured":"Html5 - the iframe element. https:\/\/www.w3.org\/TR\/2011\/WD-html5--20110525\/the-iframe-element.html , 2017 . Html5 - the iframe element. https:\/\/www.w3.org\/TR\/2011\/WD-html5--20110525\/the-iframe-element.html, 2017."},{"key":"e_1_3_2_1_10_1","volume-title":"https:\/\/www.google.com\/search?client=safari&rls=en&q=angularjs&ie=UTF-8&oe=UTF-8","author":"Superheroic JS","year":"2020","unstructured":"Angular JS - Superheroic JavaScript MVW Framework . [online] , https:\/\/www.google.com\/search?client=safari&rls=en&q=angularjs&ie=UTF-8&oe=UTF-8 , 2020 . AngularJS - Superheroic JavaScript MVW Framework. [online], https:\/\/www.google.com\/search?client=safari&rls=en&q=angularjs&ie=UTF-8&oe=UTF-8, 2020."},{"key":"e_1_3_2_1_11_1","volume-title":"https:\/\/cloud.google.com\/blog\/products\/identity-security\/introducing-google-cloud-confidential-computing-with-confidential-vms","author":"Introducing","year":"2020","unstructured":"Introducing google cloud confidential computing with confidential vms. https:\/\/cloud.google.com\/blog\/products\/identity-security\/introducing-google-cloud-confidential-computing-with-confidential-vms , 2020 . Introducing google cloud confidential computing with confidential vms. https:\/\/cloud.google.com\/blog\/products\/identity-security\/introducing-google-cloud-confidential-computing-with-confidential-vms, 2020."},{"volume-title":"Do More","year":"2020","key":"e_1_3_2_1_12_1","unstructured":"jQuery : The Write Less , Do More , JavaScript Library . [software], https:\/\/jquery.com, 2020 . visited 2020-04--29. jQuery: The Write Less, Do More, JavaScript Library. [software], https:\/\/jquery.com, 2020. visited 2020-04--29."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1007568.1007632"},{"key":"e_1_3_2_1_14_1","volume-title":"Shadow dom v1: Self-contained web components. https:\/\/developers.google.com\/web\/fundamentals\/web-components\/shadowdom","author":"Bidelman Eric","year":"2017","unstructured":"Eric Bidelman . Shadow dom v1: Self-contained web components. https:\/\/developers.google.com\/web\/fundamentals\/web-components\/shadowdom , 2017 . Eric Bidelman. Shadow dom v1: Self-contained web components. https:\/\/developers.google.com\/web\/fundamentals\/web-components\/shadowdom, 2017."},{"key":"e_1_3_2_1_15_1","volume-title":"W2SP","author":"Chen Eric Y.","year":"2012","unstructured":"Eric Y. Chen , Sergey Gorbaty , Astha Singhal , and Collin Jackson . Self-Exfiltration: The Dangers of Browser-Enforced Information Flow Control . In W2SP , 2012 . URL http:\/\/www.w2spconf.com\/2012\/papers\/w2sp12-final11.pdf. Eric Y. Chen, Sergey Gorbaty, Astha Singhal, and Collin Jackson. Self-Exfiltration: The Dangers of Browser-Enforced Information Flow Control. In W2SP, 2012. URL http:\/\/www.w2spconf.com\/2012\/papers\/w2sp12-final11.pdf."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/CLOUD.2012.122"},{"key":"e_1_3_2_1_17_1","volume-title":"Proceedings on Privacy Enhancing Technologies, 2018","author":"Freyberger Michael","year":"2018","unstructured":"Michael Freyberger , Warren He , Devdatta Akhawe , Michelle L Mazurek , and Prateek Mittal . Cracking shadowcrypt : Exploring the limitations of secure i\/o systems in internet browsers . Proceedings on Privacy Enhancing Technologies, 2018 (2): 47--63, 2018 . Michael Freyberger, Warren He, Devdatta Akhawe, Michelle L Mazurek, and Prateek Mittal. Cracking shadowcrypt: Exploring the limitations of secure i\/o systems in internet browsers. Proceedings on Privacy Enhancing Technologies, 2018 (2): 47--63, 2018."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2996429.2996438"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1536414.1536440"},{"key":"e_1_3_2_1_20_1","volume-title":"Shadow dom. working draft, w3c, june","author":"Glazkov Dimitri","year":"2014","unstructured":"Dimitri Glazkov and Hayato Ito . Shadow dom. working draft, w3c, june 2014 , 2015. Dimitri Glazkov and Hayato Ito. Shadow dom. working draft, w3c, june 2014, 2015."},{"key":"e_1_3_2_1_21_1","volume-title":"Wouter Joosen. Request and Conquer: Exposing Cross-Origin Resource Size. In 25th USENIX Security Symposium (USENIX Security)","author":"Goethem Tom Van","year":"2016","unstructured":"Tom Van Goethem , Mathy Vanhoef , Frank Piessens , and Wouter Joosen. Request and Conquer: Exposing Cross-Origin Resource Size. In 25th USENIX Security Symposium (USENIX Security) , 2016 . Tom Van Goethem, Mathy Vanhoef, Frank Piessens, and Wouter Joosen. Request and Conquer: Exposing Cross-Origin Resource Size. In 25th USENIX Security Symposium (USENIX Security), 2016."},{"key":"e_1_3_2_1_22_1","first-page":"1028","volume-title":"Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14","author":"He Warren","year":"2014","unstructured":"Warren He , Devdatta Akhawe , Sumeet Jain , Elaine Shi , and Dawn Song . Shadowcrypt : Encrypted web applications for everyone . In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14 , pages 1028 -- 1039 , New York, NY, USA , 2014 . ACM. ISBN 978-1-4503-2957-6. 10.1145\/2660267.2660326. URL http:\/\/doi.acm.org\/10.1145\/2660267.2660326. Warren He, Devdatta Akhawe, Sumeet Jain, Elaine Shi, and Dawn Song. Shadowcrypt: Encrypted web applications for everyone. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pages 1028--1039, New York, NY, USA, 2014. ACM. ISBN 978-1-4503-2957-6. 10.1145\/2660267.2660326. URL http:\/\/doi.acm.org\/10.1145\/2660267.2660326."},{"key":"e_1_3_2_1_23_1","unstructured":"Ian Hickson. The Web Sockets API. W3C Working Draft WD-websockets-20091222 http:\/\/www.w3.org\/TR\/2009\/WD-websockets-20091222\/ December 2009. URL http:\/\/www.w3.org\/TR\/2009\/WD-websockets-20091222\/.  Ian Hickson. The Web Sockets API. W3C Working Draft WD-websockets-20091222 http:\/\/www.w3.org\/TR\/2009\/WD-websockets-20091222\/ December 2009. URL http:\/\/www.w3.org\/TR\/2009\/WD-websockets-20091222\/."},{"key":"e_1_3_2_1_24_1","volume-title":"Add closed flag to createshadowroot (bugzilla: 20144). https:\/\/github.com\/w3c\/webcomponents\/issues\/100","author":"Ito Hayato","year":"2015","unstructured":"Hayato Ito . Add closed flag to createshadowroot (bugzilla: 20144). https:\/\/github.com\/w3c\/webcomponents\/issues\/100 , 2015 . Hayato Ito. Add closed flag to createshadowroot (bugzilla: 20144). https:\/\/github.com\/w3c\/webcomponents\/issues\/100, 2015."},{"key":"e_1_3_2_1_25_1","unstructured":"Joseph Menn. Facebook to expand encryption drive despite warnings over crime. https:\/\/www.reuters.com\/article\/us-facebook-privacy-encryption\/facebook-will-widen-access-to-encryption-feature-test-safety-measures-idUSKBN1XF2MJ 2019.  Joseph Menn. Facebook to expand encryption drive despite warnings over crime. https:\/\/www.reuters.com\/article\/us-facebook-privacy-encryption\/facebook-will-widen-access-to-encryption-feature-test-safety-measures-idUSKBN1XF2MJ 2019."},{"key":"e_1_3_2_1_26_1","volume-title":"Proc. of ACM Asia Conference on Computer and Communications Security (ASIA CCS)","author":"Musch Marius","year":"2019","unstructured":"Marius Musch , Marius Steffens , Sebastian Roth , Ben Stock , and Martin Johns . Scriptprotect : mitigating unsafe third-party javascript practices . In Proc. of ACM Asia Conference on Computer and Communications Security (ASIA CCS) , 2019 . Marius Musch, Marius Steffens, Sebastian Roth, Ben Stock, and Martin Johns. Scriptprotect: mitigating unsafe third-party javascript practices. In Proc. of ACM Asia Conference on Computer and Communications Security (ASIA CCS), 2019."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2038916.2038926"},{"key":"e_1_3_2_1_29_1","unstructured":"Jesse Ruderman. The Same Origin Policy. [online] http:\/\/www.mozilla.org\/projects\/security\/components\/same-origin.html (01\/10\/06) August 2001. URL http:\/\/www.mozilla.org\/projects\/security\/components\/same-origin.html.  Jesse Ruderman. The Same Origin Policy. [online] http:\/\/www.mozilla.org\/projects\/security\/components\/same-origin.html (01\/10\/06) August 2001. URL http:\/\/www.mozilla.org\/projects\/security\/components\/same-origin.html."},{"key":"e_1_3_2_1_30_1","volume-title":"W3C Working Draft","author":"Russell Alex","year":"2017","unstructured":"Alex Russell , Jungkee Song , Jake Archibald , and Marijn Kruisselbrink . Service Workers . W3C Working Draft , 2 November 2017 , https:\/\/www.w3.org\/TR\/service-workers-1\/, 2017. Alex Russell, Jungkee Song, Jake Archibald, and Marijn Kruisselbrink. Service Workers. W3C Working Draft, 2 November 2017, https:\/\/www.w3.org\/TR\/service-workers-1\/, 2017."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/CCGrid.2013.109"},{"key":"e_1_3_2_1_32_1","volume-title":"October","author":"Shepherd Eric","year":"2011","unstructured":"Eric Shepherd . window.postmessage. [online], https:\/\/developer.mozilla.org\/en\/DOM\/window.postMessage, last accessed 02\/12\/12 , October 2011 . URL https:\/\/developer.mozilla.org\/en\/DOM\/window.postMessage. Eric Shepherd. window.postmessage. [online], https:\/\/developer.mozilla.org\/en\/DOM\/window.postMessage, last accessed 02\/12\/12, October 2011. URL https:\/\/developer.mozilla.org\/en\/DOM\/window.postMessage."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2000.848445"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897899"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813632"},{"key":"e_1_3_2_1_36_1","unstructured":"Anne van Kesteren. The XMLHttpRequest Object. W3C Working Draft http:\/\/www.w3.org\/TR\/XMLHttpRequest April 2008. URL http:\/\/www.w3.org\/TR\/XMLHttpRequest\/.  Anne van Kesteren. The XMLHttpRequest Object. W3C Working Draft http:\/\/www.w3.org\/TR\/XMLHttpRequest April 2008. URL http:\/\/www.w3.org\/TR\/XMLHttpRequest\/."},{"key":"e_1_3_2_1_37_1","volume-title":"W3C Editor","author":"Security Policy C. Content Content","year":"2017","unstructured":"W3 C. Content Content Security Policy Level 3. W3C Editor 's Draft, 10 May 2017 , https:\/\/w3c.github.io\/webappsec-csp\/, May 2017. URL https:\/\/w3c.github.io\/webappsec-csp\/. W3C. Content Content Security Policy Level 3. W3C Editor's Draft, 10 May 2017, https:\/\/w3c.github.io\/webappsec-csp\/, May 2017. URL https:\/\/w3c.github.io\/webappsec-csp\/."},{"key":"e_1_3_2_1_38_1","volume-title":"https:\/\/github.com\/w3c\/webcomponents\/issues\/100","author":"C. Web","year":"2019","unstructured":"W3 C. Web components. https:\/\/github.com\/w3c\/webcomponents\/issues\/100 , 2019 . visited 2020-07-23. W3C. Web components. https:\/\/github.com\/w3c\/webcomponents\/issues\/100, 2019. visited 2020-07-23."},{"key":"e_1_3_2_1_39_1","volume-title":"End to end encryption update. https:\/\/blog.zoom.us\/end-to-end-encryption-update\/","author":"Yuan Eric S.","year":"2020","unstructured":"Eric S. Yuan . End to end encryption update. https:\/\/blog.zoom.us\/end-to-end-encryption-update\/ , 2020 . Eric S. Yuan. End to end encryption update. https:\/\/blog.zoom.us\/end-to-end-encryption-update\/, 2020."}],"event":{"name":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Virtual Event USA","acronym":"CCS '20"},"container-title":["Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3411495.3421364","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3411495.3421364","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:31:41Z","timestamp":1750195901000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3411495.3421364"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,9]]},"references-count":39,"alternative-id":["10.1145\/3411495.3421364","10.1145\/3411495"],"URL":"https:\/\/doi.org\/10.1145\/3411495.3421364","relation":{},"subject":[],"published":{"date-parts":[[2020,11,9]]},"assertion":[{"value":"2020-11-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}