A measurement study of the subresource integrity mechanism on real-world applications Online publication date: Thu, 21-Jun-2018
by Ronak Shah; Kailas Patil
International Journal of Security and Networks (IJSN), Vol. 13, No. 2, 2018
Abstract: Today, billions of websites are available to users in just a click to give them required and appropriate service. Most of these websites provide rich functionalities by relying on third-party-hosted resources. Subresource integrity (SRI) is a mechanism that provides ways to examine the integrity of third-party-hosted resources. This paper provides detailed statistics on websites that are using SRI. This research also addresses different aspects of SRI implementation, such as inconsistency in the adoption of SRI and failover management, and it also estimates the amount of effort required to adopt SRI. This research first identifies different issues of SRI implementation and then provides a way to mitigate these issues and make adoption of SRI easier and error-free. We implemented a tool called UserSRI as a browser extension. UserSRI uses dynamic analysis to infer the SRI mechanism, facilitates testing, and gives savvy users the authority to enforce client-side policies on websites.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Security and Networks (IJSN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com
Our Blog 
Follow us on Twitter 
Visit us on Facebook