Closed imnotteixeira closed 3 years ago
Presents some vulnerabilities that can arise from using the HTML5 Local Storage API as is. Also introduces a way of securing data stored using the local storage API, based on the user, not only the domain the data belongs to.
https://www.scopus.com/record/display.uri?eid=2-s2.0-84962284231&origin=resultslist&sort=r-f&src=s&nlo=&nlr=&nls=&sid=11f5326ff2876ac207a7eb8f52534eba&sot=b&sdt=b&sl=33&s=TITLE-ABS-KEY+%28web+local+offline%29&relpos=42&citeCnt=3&searchTerm=
Storage is one of the main services that came with Cloud Computing. It offers to the client the possibility to externalize his data. In this work, we concentrate on the use of HTML5 standard in SaaS cloud Services. In particular, we focus on the local storage APIs that offer to web application the possibility to store user's data and information in browsers. These APIs allow the user to work in offline mode. The problem with HTML5 local storage, besides the lack of security in storage, is the loss of data while moving from one machine to another. Based on the adoption of Digital Safe, the main contributions of our proposal are as follows. First, we add new secure mechanisms to enhance the security in HTML5 local storage APIs. Second, we propose an architecture that ensures a secure synchronization of local data stored with HTML5.