IBOS: A Correct-By-Construction Modular Browser

Authors

  • Ralf Sasse
  • Samuel T. King
  • José Meseguer
  • Shuo Tang

Abstract

Current web browsers are complex, have enormous trusted computing bases, and provide attackers with easy access to computer systems. This makes web browser security a difficult issue that increases in importance as more and more applications move to the web. Our approach for this challenge is to design and build a correct-by-construction web browser, called IBOS, that consists of multiple concurrent components, with a small required trusted computing base. We give a formal specification of the design of this secure-by-construction web browser in rewriting logic. We use formal verification of that specification to prove the desired security properties of the IBOS design, including the address bar correctness and the same-origin policy.


Similar resources

Towards Secure Web

The Web is now the dominant platform for delivering interactive applications to hundreds of millions of users. Correspondingly, web browsers have become the de facto operating system for hosting these web-based applications (web apps). Unfortunately, web apps, browsers, and operating systems have all become popular targets for web-based attacks, intensifying the need for secure web browsing sys...


Trust and Protection in the Illinois Browser Operating System

Current web browsers are complex, have enormous trusted computing bases, and provide attackers with easy access to modern computer systems. In this paper we introduce the Illinois Browser Operating System (IBOS), a new operating system and a new browser that reduces the trusted computing base for web browsers. In our architecture we expose browser-level abstractions at the lowest software layer...


Development of a weighted leanness measurement method in modular construction companies

This paper outlines the development of an improved approach to the use of lean tools and techniques to improve the performance of manufacturing enterprises. Several research studies attempt to measure the overall leanness score of the manufacturing process; however, they failed to consider the interdependent relationships between lean performance metrics and considered all performance measures ...


Designing a High Resistant, High-torque Downhole Drilling Motor (RESEARCH NOTE)

Downhole drilling motors or mud motors are frequently used during the oil and gas well construction, especially for construction of directional and horizontal segments. However, low operation life of the down hole drilling motors and high rate of wear in their working elements may constrain their application due to technical and economical disadvantageousness. In this work, a high-torque modula...


Model-Based Testing of Thin-Client Web Applications and Navigation Input

More and more software systems use a browser as the universal graphical user interface. As a consequence these applications inherit browser navigation as part of their interface. Typical browser actions are the use of the back- and forward-button and the cloning of windows. Browser navigation is difficult to deal with because it has effects that are noticed indirectly by the application logic. It...




Publication date: 2012