Security and privacy of client-side isolation on the web
Abstract/Contents
- Abstract
- The modern web browser is very much like a multiple-user operating system, with multiple web sites interacting with each other through designated browser features. As the web platform has grown over time -- adding new features and policies -- security and privacy have not always been preserved. Consequently, there are many features that have resulted in unexpected compromises of the user's security and privacy. This thesis focuses on three different attacks on web features: privacy attacks via the sharing of browsing history, browser cache, and similar incidental bits of state; privacy attacks via the ability to time remote web sites from within the browser, using a user's identity; and security attacks via the non-standard isolation policies of cookies, which are the primary mechanism of access control. For each of these attacks, we will detail the mechanism of the attack and the specific consequences on the security and privacy of the user. We will also explore how to prevent these attacks, from the points of view of the user, web browser developer, and web site developer.
Description
Type of resource | text |
---|---|
Form | electronic; electronic resource; remote |
Extent | 1 online resource. |
Publication date | 2012 |
Issuance | monographic |
Language | English |
Creators/Contributors
Associated with | Bortz, Andrew Scott |
---|---|
Associated with | Stanford University, Computer Science Department |
Primary advisor | Boneh, Dan |
Thesis advisor | Boneh, Dan |
Thesis advisor | Dill, David L |
Thesis advisor | Mitchell, John |
Advisor | Dill, David L |
Advisor | Mitchell, John |
Subjects
Genre | Theses |
---|
Bibliographic information
Statement of responsibility | Andrew Bortz. |
---|---|
Note | Submitted to the Department of Computer Science. |
Thesis | Thesis (Ph.D.)--Stanford University, 2012. |
Location | electronic resource |
Access conditions
- Copyright
- © 2012 by Andrew Scott Bortz
- License
- This work is licensed under a Creative Commons Attribution 3.0 Unported license (CC BY).
Also listed in
Loading usage metrics...