Blog: Web Security Tool Copies Apps' Moves; "Ripley," developed by Microsoft Research

Web Security Tool Copies Apps' Moves
Technology Review (11/09/09) Mims, Christopher

Microsoft researchers have developed Ripley, a way to secure Web applications by cloning the user's browser and running the application remotely. Ripley, announced at ACM's Computer and Communications Security Conference, which takes place Nov. 9-13 in Chicago, prevents a remote hacker or malicious user from changing the behavior of code running inside a Web browser by creating an exact copy of the computational environment and running that copy on the server. Ripley also relays all of the user's actions, including mouse clicks, keystrokes, and other inputs, from the client to the server as a compressed event stream. The behavior of the clone code is compared to the behavior of the application running on the user's browser. If any discrepancies occur, Ripley disconnects the client. "You cannot trust anything that happens in the client," says Ripley lead developer Ben Livshits. "It's basically the devil in the browser from the developer's point of view." Livshits says Ripley is completely invisible to the end user and will not affect the normal function of a Web application. Ripley can even enhance the performance of Web applications, because the clone program is written in .Net, which is 10 to 100 times faster than the JavaScript used on the client side. University of California, Berkeley researcher Adam Barth says Ripley is part of a larger trend to protect the integrity of client-side programs. "The work suggests that security would benefit if we validated more than we're validating today," Barth says.

View Full Article