Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Keep our web applications safe: A security evaluation of Service Workers
Linköping University, Department of Computer and Information Science, Software and Systems.
Linköping University, Department of Computer and Information Science, Software and Systems.
2019 (English)Independent thesis Basic level (university diploma), 10,5 credits / 16 HE creditsStudent thesis
Abstract [en]

With the ever-expanding internet, finding new ways to increase the user experience are vital in order to keeping concurrent users on your web application. One way to achieve this could be to implement a Service Worker to unlock more capabilities of a web application.

The purpose of this paper is to evaluate what new security vulnerabilities can arise when implementing a Service Worker. This could then be used to evaluate if the technology has evolved far enough to be used by a wider audience of programmers and users. The analysis in this paper will be presented in a security matrix that is based on four experiments and a complementary literature study on web-based attacks. This paper found that some new vulnerabilities must be considered when implementing a Service Worker in a web application. The worst of these is the Living Outside of Scope, which can be used by an attacker to secretly hijack a victim's computer even when the application is shut down. This paper concludes that the technology has evolved far enough so that a secure web application with the use of the Service Worker is possible, but there are still some new vulnerabilities that can become a problem if not considered.

Place, publisher, year, edition, pages
2019. , p. 38
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:liu:diva-161753ISRN: LIU-IDA/LITH-EX-G-19/050-SEOAI: oai:DiVA.org:liu-161753DiVA, id: diva2:1368880
External cooperation
Zenon AB
Subject / course
Computer Programming
Available from: 2019-11-12 Created: 2019-11-08 Last updated: 2019-11-12Bibliographically approved

Open Access in DiVA

fulltext(515 kB)8 downloads
File information
File name FULLTEXT01.pdfFile size 515 kBChecksum SHA-512
b5e3895e9acbca4968585af1fbe2cdf75d64a94bec496e00d8962d6e90a8f090512f4ce5e213cad79a3a1634ea410d72ba9ea0518fc5c29e4e2e9243b653c7fc
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Erickson, AdamNielsen, Oscar
By organisation
Software and Systems
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 8 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 38 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf