Title: A measurement study of the subresource integrity mechanism on real-world applications
Authors: Ronak Shah; Kailas Patil
Addresses: Department of Computer Engineering, Vishwakarma Institute of Information Technology (VIIT), India; Department of Computer Engineering, Vishwakarma University (VU), Pune, India
Abstract: Today, billions of websites are available to users with just a click, giving them the required and appropriate service. Most of these websites provide rich functionality by relying on third-party-hosted resources. Subresource integrity (SRI) is a mechanism that provides ways to examine the integrity of third-party-hosted resources. This paper provides detailed statistics on websites that are using SRI. This research also addresses different aspects of SRI implementation, such as inconsistency in the adoption of SRI and failover management, and it also estimates the amount of effort required to adopt SRI. This research first identifies different issues of SRI implementation and then provides a way to mitigate these issues and make adoption of SRI easier and error-free. We implemented a tool called UserSRI as a browser extension. UserSRI uses dynamic analysis to infer the SRI mechanism, facilitates testing, and gives savvy users the authority to enforce client-side policies on websites.
Keywords: subresource integrity; content restriction; web security; content delivery networks; CDN; cryptographic hash.
International Journal of Security and Networks, 2018 Vol.13 No.2, pp.129 - 138
Received: 26 May 2017
Accepted: 21 Jan 2018
Published online: 21 Jun 2018