• DocumentCode
    2027614
  • Title

    Reactive non-interference for a browser model

  • Author

    Bielova, Nataliia ; Devriese, Dominique ; Massacci, Fabio ; Piessens, Frank

  • Author_Institution
    Univ. of Trento, Trento, Italy
  • fYear
    2011
  • fDate
    6-8 Sept. 2011
  • Firstpage
    97
  • Lastpage
    104
  • Abstract
    We investigate non-interference (secure information flow) policies for web browsers, replacing or complementing the Same Origin Policy. First, we adapt a recently proposed dynamic information flow enforcement mechanism to support asynchronous I/O. We prove detailed security and precision results for this enforcement mechanism, and implement it for the Featherweight Firefox browser model. Second, we investigate three useful web browser security policies that can be enforced by our mechanism, and demonstrate their value and limitations.
  • Keywords
    online front-ends; security of data; Featherweight Firefox browser model; Web browser security policy model; dynamic information flow enforcement mechanism; information flow security; reactive noninterference policy; same origin policy; Browsers; Fires; HTML; Load modeling; Observers; Security; Web pages;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Network and System Security (NSS), 2011 5th International Conference on
  • Conference_Location
    Milan
  • Print_ISBN
    978-1-4577-0458-1
  • Type

    conf

  • DOI
    10.1109/ICNSS.2011.6059965
  • Filename
    6059965
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2027614