Toward Principled Browser Security
Authors
Abstract
To ensure the confidentiality and integrity of web content, modern web browsers enforce isolation between content and scripts from different domains with the same-origin policy (SOP). However, many web applications require cross-origin sharing of code and data. This conflict between isolation and sharing has led to an ad hoc implementation of the SOP that has proven vulnerable to such attacks as cross-site scripting, cross-site request forgery, and browser privacy leaks. In this paper, we argue that information flow control (IFC) not only subsumes the same-origin policy but is also more flexible and sound. IFC not only provides stronger confidentiality and integrity for today’s web sites, but also better supports complex sites such as mashups, which are notoriously difficult to implement securely under the SOP.
Similar resources
Rethinking Web Platform Extensibility
OF THE DISSERTATION RETHINKING WEB PLATFORM EXTENSIBILITY by MOHAN DHAWAN Dissertation Director: Vinod Ganapathy The modern Web platform provides an extensible architecture that lets third party extensions, often untrusted, enhance and customize the Web browser and the Web applications. While the prevalence of extensions for both browsers and applications has been instrumental in making the Web...
Browser security
The past decade has shown that the browser is a vulnerable application. Vulnerabilities are still frequently being discovered for all browsers. Besides this, a typical browser has more than one plug-in installed and through the vulnerabilities associated with plug-ins fully patched browsers are at risk. Even if a browser and its plug-ins are patched and no vulnerabilities are known, the browser...
Vehicle Traffic Driven Camera Placement for Better Metropolis Security Surveillance
Security surveillance is one of the most important issues in smart cities, especially in an era of terrorism. Deploying a number of (video) cameras is a common surveillance approach. Given the never-ending power offered by vehicles to metropolises, exploiting vehicle traffic to design camera placement strategies could potentially facilitate security surveillance. This article constitutes the fi...
Critical Vulnerability in Browser Security Metrics
Every time a browser vendor releases a patch for a critical vulnerability, the popular news media publishes a slew of negative press articles detailing the security holes that have been announced in the product. Users who read these articles often decide to switch to a “safer” browser. The negative press associated with security patch releases has a number of unhealthy effects on the industry. W...
Browser Model for Security Analysis of Browser-Based Protocols
Currently, many industrial initiatives focus on web-based applications. In this context an important requirement is that the user should only rely on a standard web browser. Hence the underlying security services also rely solely on a browser for interaction with the user. Browser-based identity federation is a prominent example of such a protocol. Unfortunately, very little is still known abou...