Matches in ScholarlyData for { <https://w3id.org/scholarlydata/inproceedings/www2010/paper/main/792> ?p ?o. }
Showing items 1 to 15 of
15
with 100 items per page.
- 792 creator chris-grier.
- 792 creator onur-aciicmez.
- 792 creator sam-king.
- 792 creator shuo-tang.
- 792 type InProceedings.
- 792 label "Alhambra: A system for creating, enforcing and testing browser security policies".
- 792 sameAs 792.
- 792 abstract "Alhambra is a browser-based system designed to enforce and test web browser security policies. At the core of Alhambra is a policy-enhanced browser supporting fine-grain security policies that restrict web page contents and execution. Policies can restrict the construction of the document as well as the execution of JavaScript using access control rules and a taint-tracking engine. Using the Alhambra browser, we present two security policies that we have built using our architecture, both designed to prevent cross-site scripting. The first policy uses browsing history to create policies that restrict the contents of documents and prevent the inclusion of malicious content. The second policy uses the taint-tracking engine to prevent cross-site scripting attacks that exploit a bug in the client-side of the web application. Using Alhambra we analyze the impact of policies on the compatibility of web pages. To test compatibility, Alhambra supports revisiting user-generated browsing sessions and comparing multiple security policies in parallel to quickly and automatically evaluate security policies. To compare security policies for identical pages we have also developed useful comparison metrics that quantify differences between identical pages executed with different security policies. Not only do we show that our policies are effective with minimal compatibility cost, we also demonstrate that Alhambra can enforce strong security policies and provide quantitative evaluation of the differences introduced by security policies.".
- 792 hasAuthorList authorList.
- 792 isPartOf proceedings.
- 792 keyword "Browser security issues".
- 792 keyword "defenses".
- 792 keyword "including attacks".
- 792 keyword "policy models".
- 792 title "Alhambra: A system for creating, enforcing and testing browser security policies".