Title: A measurement study of the subresource integrity mechanism on real-world applications

Authors: Ronak Shah; Kailas Patil

Addresses: Department of Computer Engineering, Vishwakarma Institute of Information Technology (VIIT), India; Department of Computer Engineering, Vishwakarma University (VU), Pune, India

Abstract: Today, billions of websites are available to users in just a click to give them required and appropriate service. Most of these websites provide rich functionalities by relying on third-party-hosted resources. Subresource integrity (SRI) is a mechanism that provides ways to examine the integrity of third-party-hosted resources. This paper provides detailed statistics on websites that are using SRI. This research also addresses different aspects of SRI implementation, such as inconsistency in the adoption of SRI and failover management, and it also estimates the amount of effort required to adopt SRI. This research first identifies different issues of SRI implementation and then provides a way to mitigate these issues and make adoption of SRI easier and error-free. We implemented a tool called UserSRI as a browser extension. UserSRI uses dynamic analysis to infer the SRI mechanism, facilitates testing, and gives savvy users the authority to enforce client-side policies on websites.

Keywords: subresource integrity; content restriction; web security; content delivery networks; CDN; cryptographic hash.

DOI: 10.1504/IJSN.2018.092474

International Journal of Security and Networks, 2018 Vol.13 No.2, pp.129 - 138

Received: 26 May 2017
Accepted: 21 Jan 2018

Published online: 21 Jun 2018
