@conference {300596, title = {Gibraltar: Exposing Hardware Devices to Web Pages Using AJAX}, booktitle = {USENIX WebApps}, year = {2012}, address = {Boston, MA}, abstract = {Gibraltar is a new framework for exposing hardware devices\ to web pages. Gibraltar{\textquoteright}s fundamental insight is that JavaScript{\textquoteright}s AJAX facility can be used as a hardware access protocol.\ Instead of relying on the browser to mediate device interactions,\ Gibraltar sandboxes the browser and uses a small\ device server to handle hardware requests. The server uses\ native code to interact with devices, and it exports a standard\ web server interface on the localhost. To access hardware,\ web pages send device commands to the server using\ HTTP requests; the server returns hardware data via HTTP\ responses. Using a client-side JavaScript library, we build a simple\ yet powerful device API atop this HTTP transfer protocol.\ The API is particularly useful to developers of mobile web\ pages, since mobile platforms like cell phones have an increasingly\ wide array of sensors that, prior to Gibraltar, were\ only accessible via native code plugins or the limited, inconsistent\ APIs provided by HTML5. Our implementation of\ Gibraltar on Android shows that Gibraltar provides stronger\ security guarantees than HTML5; furthermore, it shows that\ HTTP is responsive enough to support interactive web pages\ that perform frequent hardware accesses. Gibraltar also supports\ an HTML5 compatibility layer that implements the\ HTML5 interface but provides Gibraltar{\textquoteright}s stronger security.}, url = {http://scholar.harvard.edu/files/mickens/files/gibraltar.pdf}, author = {Kaisen Lin and David Chu and James Mickens and Li Zhuang and Feng Zhao and Jian Qiu} }