Sciweavers

WWW
2008
ACM

ForceHTTPS: protecting high-security web sites from network attacks

As wireless networks proliferate, web browsers operate in an increasingly hostile network environment. The HTTPS protocol has the potential to protect web users from network attackers, but real-world deployments must cope with misconfigured servers, causing imperfect web sites and users to compromise browsing sessions inadvertently. ForceHTTPS is a simple browser security mechanism that web sites or users can use to opt in to stricter error processing, improving the security of HTTPS by preventing network attacks that leverage the browser's lax error processing. By augmenting the browser with a database of custom URL rewrite rules, ForceHTTPS allows sophisticated users to transparently retrofit security onto some insecure sites that support HTTPS. We provide a prototype implementation of ForceHTTPS as a Firefox browser extension.

Categories and Subject Descriptors: K.6.5 [Management of Computing and Information Systems]: Security and Protection--Unauthorized Access; K.4.4 [Compute...
Collin Jackson, Adam Barth
Added 21 Nov 2009
Updated 21 Nov 2009
Type Conference
Year 2008
Where WWW
Authors Collin Jackson, Adam Barth