Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
NDSS
2015
IEEE
2015
IEEE
Run-time Monitoring and Formal Analysis of Information Flows in Chromium
—Web browsers are a key enabler of a wide range of online services, from shopping and email to banking and health services. Because these services frequently involve handling sensitive data, a wide range of web browser security policies and mechanisms has been implemented or proposed to mitigate the dangers posed by malicious code and sites. This paper describes an approach for specifying and enforcing flexible information-flow policies on the Chromium web browser. Complementing efforts that focus on information-flow enforcement on JavaScript, our approach focuses on an existing browser and encompasses a broad range of browser features, from pages and scripts to DOM elements, events, persistent state, and extensions. In our approach, which is a coarse-grained, light-weight implementation of taint tracking, entities in the browser are annotated with information-flow labels that specify policy and track information flows. We develop a detailed formal model of our approach, for whi...
Real-time Traffic| Added | 15 Apr 2016 |
| Updated | 15 Apr 2016 |
| Type | Journal |
| Year | 2015 |
| Where | NDSS |
| Authors | Lujo Bauer, Shaoying Cai, Limin Jia, Timothy Passaro, Michael Stroucken, Yuan Tian |
Comments (0)
Researcher Info
|
