Strong User Isolation for Scalable Web Applications
Web applications are a frequent target of successful attacks. The damage is amplified by the fact that application code is responsible for security enforcement in most web frameworks. In this paper we design and implement Radiatus, a web framework where all application-specific computation running on the server is executed within a sandbox with the privileges of the end-user. By strongly isolating users we protect user data and service availability from application vulnerabilities.
To make Radiatus practical, we introduce a distributed capabilities system to protect data at scale across the many distributed services that compose a modern web application. We show how this model protects applications from a large class of vulnerabilities without compromising performance.
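The following is an added illustration of the design sketched above, not code from the Radiatus paper or its implementation. It models the two points the abstract makes: in a conventional framework the application handler itself is responsible for the ownership check (and a single forgotten check leaks another user's data), whereas under per-user sandboxing the handler holds only a capability for its own user, and the storage service enforces that capability regardless of what the application code does. The `Gateway`/`Storage` split, the HMAC-signed token format and the in-memory `STORE` are simplifying assumptions made here for the example.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample data: one record per user (assumption for this example).
STORE = {
    "alice": {"notes": "alice's private notes"},
    "bob": {"notes": "bob's private notes"},
}


class NoCapability(Exception):
    """Raised by the storage service when a request carries no valid capability."""


class Gateway:
    """Trusted front door: mints a capability for a user once they authenticate.
    Token format (assumed here): base64(payload).base64(HMAC-SHA256(payload))."""

    def __init__(self, key: bytes):
        self.key = key

    def mint(self, user: str, rights: set[str]) -> str:
        payload = json.dumps({"user": user, "rights": sorted(rights)},
                             sort_keys=True).encode()
        tag = hmac.new(self.key, payload, hashlib.sha256).digest()
        return (base64.urlsafe_b64encode(payload).decode() + "."
                + base64.urlsafe_b64encode(tag).decode())


class Storage:
    """Storage service that checks the capability itself; it never trusts the
    application handler to have done an ownership check."""

    def __init__(self, key: bytes):
        self.key = key

    def _verify(self, cap: str) -> dict:
        try:
            p, t = cap.split(".")
            payload = base64.urlsafe_b64decode(p)
            tag = base64.urlsafe_b64decode(t)
        except (ValueError, TypeError):
            raise NoCapability("malformed capability")
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise NoCapability("capability signature invalid")
        return json.loads(payload)

    def read(self, cap: str, owner: str, field: str) -> str:
        c = self._verify(cap)
        # Enforcement happens here, at the data boundary, on every request.
        if c["user"] != owner or "read" not in c["rights"]:
            raise NoCapability(f"capability for {c['user']} cannot read {owner}")
        return STORE[owner][field]


def legacy_handler(requester: str, owner: str) -> str:
    """Conventional framework: the handler talks to the data directly and is
    solely responsible for authorization. The ownership check (requester ==
    owner) has been forgotten, so any user can read any other user's notes."""
    return STORE[owner]["notes"]


def sandboxed_handler(storage: Storage, cap: str, owner: str) -> str:
    """Per-user sandbox: the handler's only credential is the capability it was
    given for the authenticated user, so the same missing check cannot leak."""
    return storage.read(cap, owner, "notes")


def demo() -> dict:
    """Run both handlers for the same buggy request (alice asking for bob)."""
    key = b"shared-secret-between-gateway-and-storage"  # constructed
    gateway, storage = Gateway(key), Storage(key)
    alice_cap = gateway.mint("alice", {"read"})

    result = {"legacy_leak": legacy_handler("alice", "bob"),
              "sandboxed_own": sandboxed_handler(storage, alice_cap, "alice")}
    try:
        sandboxed_handler(storage, alice_cap, "bob")
        result["sandboxed_cross_user"] = "ALLOWED"
    except NoCapability:
        result["sandboxed_cross_user"] = "denied"

    # A sandbox that tampers with its token (claiming to be bob) is also refused.
    forged = alice_cap.replace(
        base64.urlsafe_b64encode(b'{"rights": ["read"], "user": "alice"}').decode(),
        base64.urlsafe_b64encode(b'{"rights": ["read"], "user": "bob"}').decode())
    try:
        sandboxed_handler(storage, forged, "bob")
        result["forged"] = "ALLOWED"
    except NoCapability:
        result["forged"] = "denied"
    return result


if __name__ == "__main__":
    print(demo())
```

The point of the comparison is where the check lives: `legacy_handler` shows the failure mode the abstract attributes to conventional frameworks (security enforcement in application code, so one missing line is a data-disclosure bug), while `sandboxed_handler` cannot reach bob's record because the storage service, not the handler, decides, and the capability it holds names only alice. In a real deployment the capability would also be scoped per service and per resource and carry an expiry; those details are omitted here.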