Beware of Finer-Grained Origins
Authors
Abstract
The security policy of browsers provides no isolation between documents from the same origin (scheme, host, and port), even if those documents have different security characteristics. We show how this lack of isolation leads to origin contamination vulnerabilities in a number of browser security features, such as cookies, encryption, and code signing. A tempting approach to fixing these vulnerabilities is to refine the browser’s notion of origin, leveraging the browser’s built-in isolation between security contexts. We demonstrate that attackers can circumvent these “finer-grained origins” using the library import and data export features of browsers. We discuss several approaches to preventing these attacks.
Similar resources
Rfc 6959 Savi
The Source Address Validation Improvement (SAVI) effort aims to complement ingress filtering with finer-grained, standardized IP source address validation. This document describes threats enabled by IP source address spoofing both in the global and finer-grained context, describes currently available solutions and challenges, and provides a starting point analysis for finer-grained (host granul...
On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users
One of the main security mechanisms in Android is the permission system. Previous research has pointed out that this system is too coarse-grained. Hence, several mechanisms have been proposed to address this issue. However, to date, the impact of changes in the current permission system on both end users and software developers has not been studied, and no significant work has been done to dete...
Recrystallization texture during ECAP processing of ultrafine/nano grained magnesium alloy
An ultrafine/nano grained AZ31 magnesium alloy was produced through four-pass ECAP processing. TEM microscopy indicated that recrystallized regions included nano grains of 75 nm. Pole figures showed that a fiber basal texture with two-pole peaks was developed after four passes, where a basal pole peak lies parallel to the extrusion direction (ED) and the other ~20° away from the transverse dire...
RFC 6959 SAVI Threat Scope May 2013 5 . Topological Challenges Facing SAVI
The Source Address Validation Improvement (SAVI) effort aims to complement ingress filtering with finer-grained, standardized IP source address validation. This document describes threats enabled by IP source address spoofing both in the global and finer-grained context, describes currently available solutions and challenges, and provides a starting point analysis for finer-grained (host granul...
Toward finer-grained sentiment identification in product reviews through linguistic and ontological analyses
We propose categories of finer-grained polarity for a more effective aspect-based sentiment summary, and describe linguistic and ontological clues that may affect such fine-grained polarity. We argue that relevance for satisfaction, contrastive weight clues, and certain adverbials work to affect the polarity, as evidenced by the statistical analysis.