swMATH ID: 35844
Software Authors: Willem De Groef, Fabio Massacci, Frank Piessens
Description: Node.js is a popular JavaScript server-side frame-work with an efficient runtime for cloud-based event-driven architectures. Its strength is the presence of thousands of third party libraries which allow developers to quickly build and deploy applications.These very libraries are a source of security threats as a vulnerability in one library can (and in some cases did) compromise one’s entire server. In order to support the least-privilege integration of libraries we develop NodeSentry, the first security architecture for server-side JavaScript. Our policy enforcement infrastructure supports an easy deployment of web-hardening techniques and access control policies on interactions between libraries and their environment, including any dependent library
Homepage: https://www.npmjs.com/package/nodesentry
Source Code:  https://github.com/WillemDeGroef/nodesentry
Dependencies: JavaScript
Related Software: Retire.js; ConflictJS; Synode; Node.js; npm; BreakApp; Codejail; ESLint; Caja; Pivot; Joe-E; Pyronia; EnclaveDom; Sandcrust; Privman; Closure Library; Deno; Privtrans; Salus; JSand
Cited in: 0 Publications