Paper Info
Title
Adding security to the JavaScript-based agent middleware SiebogJS
Abstract
JavaScript-based agent middleware frameworks are rare and the security handling of these is uncommon, since JavaScript does not have built-in security mechanisms and due to the lack of external security libraries. This paper gives possible solutions for including security in the SiebogJS, an agent middleware developed using NodeJS and thus implemented in JavaScript. It gives the end user the ability to upload agent files and execute them on the server. However, such actions can cause security problems. In order to prevent security issues, two security mechanisms were implemented and integrated into the SiebogJS: the ESLint library for the static code analysis and the Nodesentry library for securing external libraries that are required by an agent. The ESLint library is used to detect problematic code and the Nodesentry library is used for preventing an agent to execute malicious code during the runtime. In this way, malicious code execution can be prevented within an agent, both before and during the execution. This approach represents a good starting point for implementing security standards for the SiebogJS agent middleware, and therefore it is planned to use these security measures as standard security representation in SiebogJS.
Year
DOI
Venue
2018
10.23919/MIPRO.2018.8400088
2018 41st International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)
Keywords
Field
DocType
agent framework,security,SiebogJS,ESLint,NodeSentry
Middleware,Static program analysis,End user,Computer science,Upload,Computer network,Malware,Operating system,JavaScript
Conference
ISBN
Citations 
PageRank 
978-1-5386-3777-7
0
0.34
References 
Authors
7
5
Name
Order
Citations
PageRank
Aleksandra Aleksic100.34
Mirjana Ivanovic254083.40
Marko Hölbl327619.45
Tatjana Welzer4219120.18
Milan Vidakovic56411.37