You Can't Be Me: Enabling Trusted Paths and User Sub-origins in Web Browsers
نویسندگان
چکیده
Once a web application authenticates a user, it loosely associates all resources owned by the user to the web session established. Consequently, any scripts injected into the victim web session attain unfettered access to user-owned resources, including scripts that commit malicious activities inside a web application. In this paper, we establish the first explicit notion of user sub-origins to defeat such attempts. Based on this notion, we propose a new solution called USERPATH to establish an end-to-end trusted path between web application users and web servers. To evaluate our solution, we implement a prototype in Chromium, and retrofit it to 20 popular web applications. USERPATH reduces the size of client-side TCB that has access to user-owned resources by 8x to 264x, with small developer effort.
منابع مشابه
You Can’t Be Me: Enabling Trusted Paths & User Sub-Origins in Web Browsers
Once a web application authenticates a user, it loosely associates all resources owned by the user to the web session established. Consequently, any scripts injected into the victim web session attain unfettered access to user-owned resources, including scripts that commit malicious activities inside a web application. In this paper, we establish the first explicit notion of user sub-origins to...
متن کاملA Framework for Smart Trusted Indicators for Browsers (STIB)
Web browsers currently have security indicators which provide security features that notify users of malicious or un-trusted websites. Most of these security indicators are normally synced with some black list data base that has a list with known websites that are known to be malicious. When a user surfs a website that is identified in the black list data base, the security indicators then noti...
متن کاملWebShield: Enabling Various Web Defense Techniques without Client Side Modifications
Today, web attacks are increasing in frequency, severity and sophistication. Existing solutions are either hostbased which suffer deployment problems or middlebox approaches that can only accommodate certain security protection mechanisms with limited protection. In this paper, we propose four design principles for general middlebox frameworks of web protection, and apply these principles to de...
متن کاملTrust and Protection in the Illinois Browser Operating System
Current web browsers are complex, have enormous trusted computing bases, and provide attackers with easy access to modern computer systems. In this paper we introduce the Illinois Browser Operating System (IBOS), a new operating system and a new browser that reduces the trusted computing base for web browsers. In our architecture we expose browser-level abstractions at the lowest software layer...
متن کاملA Trusted UI for the Mobile Web
Modern mobile devices come with first class web browsers that rival their desktop counterparts in power and popularity. However, recent publications point out that mobile browsers are particularly susceptible to attacks on web authentication, such as phishing or clickjacking. We analyze those attacks and find that existing countermeasures from desktop computers can not be easily transfered to t...
متن کامل