Many web pages display personal information provided by users. The goal of this work is to protect that content from untrusted scripts that are embedded in host pages. We present a browser modification that provides fine-grained control over what parts of a document are visible to different scripts, and executes untrusted scripts in isolated environments where private information is not accessible. To ease deployment, we present a method for automatically inferring what nodes in a web page contain private content. This paper describes how we modify the Chromium browser to enforce newly defined security policies, presents our automatic policy generation method, and reports on experiments inferring and enforcing privacy policies for a variety of web applications. © 2011 Springer-Verlag.
CITATION STYLE
Zhou, Y., & Evans, D. (2011). Protecting private web content from embedded scripts. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6879 LNCS, pp. 60–79). Springer Verlag. https://doi.org/10.1007/978-3-642-23822-2_4
Mendeley helps you to discover research relevant for your work.