Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WWW
2010
ACM
2010
ACM
Alhambra: a system for creating, enforcing, and testing browser security policies
Alhambra is a browser-based system designed to enforce and test web browser security policies. At the core of Alhambra is a policyenhanced browser supporting fine-grain security policies that restrict web page contents and execution. Alhambra requires no server-side modifications or additions to the web application. Policies can restrict the construction of the document as well as the execution of JavaScript using access control rules and a taint-tracking engine. Using the Alhambra browser, we present two security policies that we have built using our architecture, both designed to prevent cross-site scripting. The first policy uses a taint-tracking engine to prevent cross-site scripting attacks that exploit bugs in the client-side of the web applications. The second one uses browsing history to create policies that restrict the contents of documents and prevent the inclusion of malicious content. Using Alhambra we analyze the impact of policies on the compatibility of web pages. T...
Real-time Traffic| Added | 13 May 2010 |
| Updated | 13 May 2010 |
| Type | Conference |
| Year | 2010 |
| Where | WWW |
| Authors | Shuo Tang, Chris Grier, Onur Aciiçmez, Samuel T. King |
Comments (0)
Researcher Info
|
