Abstract
We investigate non-interference (secure information flow) policies for web browsers, replacing or complementing the Same Origin Policy. First, we adapt a recently proposed dynamic information flow enforcement mechanism to support asynchronous I/O. We prove detailed security and precision results for this enforcement mechanism, and implement it for the Featherweight Firefox browser model. Second, we investigate three useful web browser security policies that can be enforced by our mechanism, and demonstrate their value and limitations. © 2011 IEEE.
Cite
CITATION STYLE
Bielova, N., Devriese, D., Massacci, F., & Piessens, F. (2011). Reactive non-interference for a browser model. Proceedings - 2011 5th International Conference on Network and System Security, NSS 2011, 97–104. https://doi.org/10.1109/ICNSS.2011.6059965
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.