{"id":"https://openalex.org/W3153226602","doi":"https://doi.org/10.1145/3412841.3442143","title":"WAIT: protecting the integrity of web applications with binary-equivalent transparency","display_name":"WAIT: protecting the integrity of web applications with binary-equivalent transparency","publication_year":2021,"publication_date":"2021-03-22","ids":{"openalex":"https://openalex.org/W3153226602","doi":"https://doi.org/10.1145/3412841.3442143","mag":"3153226602"},"language":"en","primary_location":{"id":"doi:10.1145/3412841.3442143","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3412841.3442143","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 36th Annual ACM Symposium on Applied Computing","raw_type":"proceedings-article"},"type":"article","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2104.06136","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Echo Mei\u00dfner","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Echo Mei\u00dfner","raw_affiliation_strings":["Ulm University, Germany"],"affiliations":[{"raw_affiliation_string":"Ulm University, Germany","institution_ids":[]}]},{"author_position":"middle","author":{"id":null,"display_name":"Frank Kargl","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Frank Kargl","raw_affiliation_strings":["Ulm University, Germany"],"affiliations":[{"raw_affiliation_string":"Ulm University, Germany","institution_ids":[]}]},{"author_position":"last","author":{"id":null,"display_name":"Benjamin Erb","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Benjamin Erb","raw_affiliation_strings":["Ulm University, Germany"],"affiliations":[{"raw_affiliation_string":"Ulm University, Germany","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.05433175,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1950","last_page":"1953"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9973999857902527,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/transparency","display_name":"Transparency (behavior)","score":0.6929000020027161},{"id":"https://openalex.org/keywords/web-server","display_name":"Web server","score":0.57669997215271},{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.5392000079154968},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5320000052452087},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.45339998602867126},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.4390000104904175},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.4361000061035156},{"id":"https://openalex.org/keywords/web-api","display_name":"Web API","score":0.37709999084472656},{"id":"https://openalex.org/keywords/client-side-scripting","display_name":"Client-side scripting","score":0.37290000915527344}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7143999934196472},{"id":"https://openalex.org/C2780233690","wikidata":"https://www.wikidata.org/wiki/Q535347","display_name":"Transparency (behavior)","level":2,"score":0.6929000020027161},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5799999833106995},{"id":"https://openalex.org/C11392498","wikidata":"https://www.wikidata.org/wiki/Q11288","display_name":"Web server","level":3,"score":0.57669997215271},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.5392000079154968},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5320000052452087},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5095999836921692},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.45339998602867126},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.4390000104904175},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.4361000061035156},{"id":"https://openalex.org/C127613066","wikidata":"https://www.wikidata.org/wiki/Q557770","display_name":"Web API","level":4,"score":0.37709999084472656},{"id":"https://openalex.org/C195274430","wikidata":"https://www.wikidata.org/wiki/Q1650567","display_name":"Client-side scripting","level":5,"score":0.37290000915527344},{"id":"https://openalex.org/C164554305","wikidata":"https://www.wikidata.org/wiki/Q71550","display_name":"Application server","level":2,"score":0.36629998683929443},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.35850000381469727},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.32280001044273376},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.3212999999523163},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.30649998784065247},{"id":"https://openalex.org/C48105269","wikidata":"https://www.wikidata.org/wiki/Q1141160","display_name":"Header","level":2,"score":0.29899999499320984},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.2883000075817108},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.27489998936653137},{"id":"https://openalex.org/C2983909278","wikidata":"https://www.wikidata.org/wiki/Q6368","display_name":"Web browser","level":3,"score":0.27459999918937683},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.27070000767707825},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.26739999651908875},{"id":"https://openalex.org/C2776007630","wikidata":"https://www.wikidata.org/wiki/Q2798912","display_name":"Accountability","level":2,"score":0.262800008058548},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.25850000977516174},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.25769999623298645},{"id":"https://openalex.org/C103613024","wikidata":"https://www.wikidata.org/wiki/Q230924","display_name":"Stateless protocol","level":3,"score":0.25}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3412841.3442143","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3412841.3442143","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 36th Annual ACM Symposium on Applied Computing","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2104.06136","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2104.06136","pdf_url":"https://arxiv.org/pdf/2104.06136","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2104.06136","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2104.06136","pdf_url":"https://arxiv.org/pdf/2104.06136","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":4,"referenced_works":["https://openalex.org/W2300554752","https://openalex.org/W2962892760","https://openalex.org/W4210531213","https://openalex.org/W4233819588"],"related_works":[],"abstract_inverted_index":{"Modern":[0],"single":[1],"page":[2],"web":[3,80,111,140,161],"applications":[4],"require":[5],"client-side":[6,16,43,160],"executions":[7],"of":[8,39,78,135,169,177],"application":[9,44,81,137,141,162,180],"logic,":[10],"including":[11],"critical":[12],"functionality":[13],"such":[14,20,67],"as":[15,21,45],"cryptography.":[17],"Existing":[18],"mechanisms":[19],"TLS":[22],"and":[23,29,50,70,117,173],"Subresource":[24],"Integrity":[25,91],"secure":[26],"the":[27,35,42,48,51,61,72,76,115,124,129,133],"communication":[28],"provide":[30],"external":[31],"resource":[32],"integrity.":[33],"However,":[34],"browser":[36,73,130],"is":[37],"unaware":[38],"modifications":[40,57,68,149],"to":[41,74],"provided":[46],"by":[47],"server":[49,62],"user":[52],"remains":[53],"vulnerable":[54],"against":[55,184],"malicious":[56],"carried":[58],"out":[59],"on":[60,83,159],"side.":[63],"Our":[64,88],"solution":[65],"makes":[66],"transparent":[69],"empowers":[71],"validate":[75],"integrity":[77,103],"a":[79,84,106,166],"based":[82],"publicly":[85],"verifiable":[86,125],"log.":[87],"Web":[89],"Application":[90],"Transparency":[92],"(WAIT)":[93],"approach":[94,153],"requires":[95],"(1)":[96],"an":[97,174],"extension":[98],"for":[99,101,110,147,171,179],"browsers":[100],"local":[102],"validations,":[104],"(2)":[105],"custom":[107],"HTTP":[108],"header":[109],"servers":[112,121],"that":[113,122],"host":[114],"application,":[116],"(3)":[118],"public":[119],"log":[120],"serve":[123],"logs.":[126],"With":[127],"WAIT,":[128],"can":[131],"disallow":[132],"execution":[134],"undisclosed":[136],"changes.":[138],"Also,":[139],"providers":[142,181],"cannot":[143,154],"dispute":[144],"their":[145],"authorship":[146],"published":[148],"anymore.":[150],"Although":[151],"our":[152],"prevent":[155],"every":[156],"conceivable":[157],"attack":[158],"integrity,":[163],"it":[164],"introduces":[165],"novel":[167],"sense":[168],"transparency":[170],"users":[172],"increased":[175],"level":[176],"accountability":[178],"particularly":[182],"effective":[183],"targeted":[185],"insider":[186],"attacks.":[187]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2021-04-26T00:00:00"}