TY - GEN
T1 - Blockaid
T2 - 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022
AU - Zhang, Wen
AU - Sheng, Eric
AU - Chang, Michael
AU - Panda, Aurojit
AU - Sagiv, Mooly
AU - Shenker, Scott
N1 - Funding Information:
We are grateful to Alin Deutsch and Victor Vianu for the many discussions about query determinacy, and to Nikolaj Bjørner, Alvin Cheung, Vivian Fang, and members of the Berkeley Net-Sys Lab for their help with the project. We also thank the anonymous reviewers and our shepherd Malte Schwarzkopf for their helpful comments. This research was funded in part by NSF grants 1817116 and 2145471, and gifts from Intel and VMware.
Publisher Copyright:
© 2022 by The USENIX Association. All rights reserved.
PY - 2022
Y1 - 2022
N2 - Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing improper data access, and prior work has proposed many enforcement mechanisms. However, these prior methods either alter application semantics or require adopting a new programming model; the former can result in unexpected application behavior, while the latter cannot be used with existing web frameworks. Blockaid is an access-policy enforcement system that preserves application semantics and is compatible with existing web frameworks. It intercepts database queries from the application, attempts to verify that each query is policy-compliant, and blocks queries that are not. It verifies policy compliance using SMT solvers and generalizes and caches previous compliance decisions for better performance. We show that Blockaid supports existing web applications while requiring minimal code changes and adding only modest overheads.
AB - Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing improper data access, and prior work has proposed many enforcement mechanisms. However, these prior methods either alter application semantics or require adopting a new programming model; the former can result in unexpected application behavior, while the latter cannot be used with existing web frameworks. Blockaid is an access-policy enforcement system that preserves application semantics and is compatible with existing web frameworks. It intercepts database queries from the application, attempts to verify that each query is policy-compliant, and blocks queries that are not. It verifies policy compliance using SMT solvers and generalizes and caches previous compliance decisions for better performance. We show that Blockaid supports existing web applications while requiring minimal code changes and adding only modest overheads.
UR - http://www.scopus.com/inward/record.url?scp=85141067788&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85141067788&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85141067788
T3 - Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022
SP - 701
EP - 718
BT - Proceedings of the 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022
PB - USENIX Association
Y2 - 11 July 2022 through 13 July 2022
ER -