{"id":"https://openalex.org/W2053739444","doi":"https://doi.org/10.1145/1772690.1772786","title":"Alhambra","display_name":"Alhambra","publication_year":2010,"publication_date":"2010-04-26","ids":{"openalex":"https://openalex.org/W2053739444","doi":"https://doi.org/10.1145/1772690.1772786","mag":"2053739444"},"language":"en","primary_location":{"id":"doi:10.1145/1772690.1772786","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1772690.1772786","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th international conference on World wide web","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002285642","display_name":"Shuo Tang","orcid":"https://orcid.org/0009-0000-4531-2858"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Shuo Tang","raw_affiliation_strings":["University of Illinois, Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois, Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5108351255","display_name":"Chris Grier","orcid":null},"institutions":[{"id":"https://openalex.org/I95457486","display_name":"University of California, Berkeley","ror":"https://ror.org/01an7q238","country_code":"US","type":"education","lineage":["https://openalex.org/I95457486"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chris Grier","raw_affiliation_strings":["University of California, Berkeley, Berkeley, CA, USA","University of California, Berkeley, Berkeley, CA USA"],"affiliations":[{"raw_affiliation_string":"University of California, Berkeley, Berkeley, CA, USA","institution_ids":["https://openalex.org/I95457486"]},{"raw_affiliation_string":"University of California, Berkeley, Berkeley, CA USA","institution_ids":["https://openalex.org/I95457486"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080401502","display_name":"Onur Ac\u0131i\u00e7mez","orcid":null},"institutions":[{"id":"https://openalex.org/I4210101778","display_name":"Samsung (United States)","ror":"https://ror.org/01bfbvm65","country_code":"US","type":"company","lineage":["https://openalex.org/I2250650973","https://openalex.org/I4210101778"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Onur Aciicmez","raw_affiliation_strings":["Samsung Advanced Institute of Technology, San Jose, CA, USA"],"affiliations":[{"raw_affiliation_string":"Samsung Advanced Institute of Technology, San Jose, CA, USA","institution_ids":["https://openalex.org/I4210101778"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112039412","display_name":"Samuel T. King","orcid":null},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Samuel T. King","raw_affiliation_strings":["University of Illinois, Urbana-Champaign, Urbana, IL, USA"],"affiliations":[{"raw_affiliation_string":"University of Illinois, Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5002285642"],"corresponding_institution_ids":["https://openalex.org/I157725225"],"apc_list":null,"apc_paid":null,"fwci":6.2433,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.96349046,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"941","last_page":"950"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.8964259028434753},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.76990807056427},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.6855186820030212},{"id":"https://openalex.org/keywords/client-side-scripting","display_name":"Client-side scripting","score":0.6360929012298584},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.6035662889480591},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5848534107208252},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.5458590984344482},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4301244616508484},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3963031768798828},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.37598007917404175},{"id":"https://openalex.org/keywords/web-api","display_name":"Web API","score":0.342315137386322},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.32197821140289307},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.2376832365989685}],"concepts":[{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.8964259028434753},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.76990807056427},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.6855186820030212},{"id":"https://openalex.org/C195274430","wikidata":"https://www.wikidata.org/wiki/Q1650567","display_name":"Client-side scripting","level":5,"score":0.6360929012298584},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.6035662889480591},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5848534107208252},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.5458590984344482},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4301244616508484},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3963031768798828},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.37598007917404175},{"id":"https://openalex.org/C127613066","wikidata":"https://www.wikidata.org/wiki/Q557770","display_name":"Web API","level":4,"score":0.342315137386322},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.32197821140289307},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.2376832365989685}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1772690.1772786","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1772690.1772786","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th international conference on World wide web","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.6899999976158142}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W11234669","https://openalex.org/W19730443","https://openalex.org/W72335960","https://openalex.org/W1222699389","https://openalex.org/W1492437080","https://openalex.org/W1543478129","https://openalex.org/W1561387739","https://openalex.org/W1582331515","https://openalex.org/W2072978486","https://openalex.org/W2100189461","https://openalex.org/W2111487235","https://openalex.org/W2122847456","https://openalex.org/W2142892618","https://openalex.org/W2150348590","https://openalex.org/W2151103935","https://openalex.org/W2159079348","https://openalex.org/W2162316255","https://openalex.org/W2168563136","https://openalex.org/W2170920217","https://openalex.org/W2171049321","https://openalex.org/W2171295941","https://openalex.org/W2914982603","https://openalex.org/W4230542187"],"related_works":["https://openalex.org/W187998727","https://openalex.org/W1531015913","https://openalex.org/W2326682353","https://openalex.org/W4244258610","https://openalex.org/W4319431564","https://openalex.org/W3149638606","https://openalex.org/W2046312985","https://openalex.org/W1566985031","https://openalex.org/W3157804828","https://openalex.org/W2185493255"],"abstract_inverted_index":{"Alhambra":[0,18,34,70],"is":[1,19],"a":[2,20,65,94],"browser-based":[3],"system":[4],"designed":[5,85],"to":[6,41,86,97,118],"enforce":[7],"and":[8,32,64,127],"test":[9],"web":[10,29,43,110],"browser":[11,22],"security":[12,25,75],"policies.":[13],"At":[14],"the":[15,42,48,51,56,69,106,109,123,129],"core":[16],"of":[17,50,58,108,125,131],"policy-enhanced":[21],"supporting":[23],"fine-grain":[24],"policies":[26,76,120],"that":[27,77,102,121],"restrict":[28,47,122],"page":[30],"contents":[31,124],"execution.":[33],"requires":[35],"no":[36],"server-side":[37],"modifications":[38],"or":[39],"additions":[40],"application.":[44],"Policies":[45],"can":[46],"construction":[49],"document":[52],"as":[53,55],"well":[54],"execution":[57],"JavaScript":[59],"using":[60,81],"access":[61],"control":[62],"rules":[63],"taint-tracking":[66,95],"engine.":[67],"Using":[68],"browser,":[71],"we":[72,78],"present":[73],"two":[74],"have":[79],"built":[80],"our":[82],"architecture,":[83],"both":[84],"prevent":[87,98,128],"cross-site":[88,99],"scripting.":[89],"The":[90,112],"first":[91],"policy":[92],"uses":[93,115],"engine":[96],"scripting":[100],"attacks":[101],"exploit":[103],"bugs":[104],"in":[105],"client-side":[107],"applications.":[111],"second":[113],"one":[114],"browsing":[116],"history":[117],"create":[119],"documents":[126],"inclusion":[130],"malicious":[132],"content.":[133]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":4}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}